At LEAP, we know that tech leadership thrives on discovery. Curiosity is the fuel for collaboration – and when leaders are curious, they create space for security to advance product development, instead of slowing it down. We’ve been focused on cybersecurity on the blog this month; and today, we’re looking at why your leadership style can have a huge impact on cyber resilience.
In an interview with Black Hat MEA, Jerich Beason (CISO at WM) described the moment when he said sorry to his team after a funding misstep:
“It wasn’t about weakness; it was about respect. Teams can spot when leaders are spinning or covering up, and that erodes trust quickly. By admitting where I got it wrong, I showed that accountability is not just something I demand from them. It is something I model myself.”
In the same interview, he recalled an early leadership lesson – “I had won the argument but lost the room…leadership is about building alignment, not showcasing intelligence.”
A 2025 report on data breach investigations from Verizon shows why this approach is so important. Human factors remain the leading cause of breaches, from misconfigurations to social engineering. And teams that feel safe to share concerns and challenge assumptions are less likely to make mistakes; and a lot less likely to try to cover up mistakes when they do happen.
Stefan Baldus (CISO at HUGO BOSS) has spent two decades protecting a global fashion and lifestyle brand. The Black Hat MEA team asked him about the key lessons he’s absorbed over that time, and he said:
“All the tools won’t save you…You need a strong team with the right tools, not all tools, to make security work. Make sure the processes and procedures are in place and try to get your business units prepared too.”
Industry research supports this. The most recent Cost of a Data Breach report from IBM highlights that organisations adopting AI without robust governance and training face higher breach costs. Process and culture provide the stability that new technology requires.
Curiosity can also help leaders grow talent. Also speaking to Black Hat MEA, Daniel Bowden (CISO at Marsh McLennan) encouraged companies to design internships that give students meaningful, real-world experience. “Students need hands-on experience with real threats and challenges – not just shadowing or menial tasks.”
Exposing interns to threat modelling and cross-functional collaboration develops future leaders who already understand business impact and security strategy. And this perspective can apply to talent development across every area of the tech industry – get your people curious about security (and the role they play in keeping things secure) by making awareness training interactive and genuinely meaningful.
That could be…micro training modules that reflect what people really care about (how their clicks and choices could impact their personal lives or the people closest to them, for example), or offering security simulations or games that give them a chance to experience what it’s like to work in cyber.
Make security feel real, and you’ll spark the kind of curiosity that will build a culture of resilience from the inside-out.
If you want to cultivate curiosity in your organisation – and use it to build cyber resilience – you have to lead by example. Look at how quickly teams align on high-stakes changes; how often incidents trace back to miscommunication; and how quickly teams can recover from mistakes.
A curious team can talk openly, plan well, and recover quickly. By following threads of ideas and asking ‘what if?’ questions all the time, you can create clarity in complex systems; and find ways to make security a foundation for better, stronger operations.
Curiosity allows you to see security as an opportunity instead of a friction point. So keep asking the questions – and make your team feel good about asking questions too.
Critical industries are supported by an invisible architecture – energy, finance, and logistics now depend on AI systems that make decisions faster than humans can react. And building resilience into that architecture is becoming one of the tech industry’s most urgent challenges. The team over at Black Hat MEA recently
Research shows moderate constraints boost creativity. See how cybersecurity can act as a design partner for tech innovation, offering the ideal conditions for growth.
Breaches cost millions and destroy trust. Learn why building security into innovation from day one saves money, culture, and growth.
Critical industries are supported by an invisible architecture – energy, finance, and logistics now depend on AI systems that make decisions faster than humans can react. And building resilience into that architecture is becoming one of the tech industry’s most urgent challenges. The team over at Black Hat MEA recently
Research shows moderate constraints boost creativity. See how cybersecurity can act as a design partner for tech innovation, offering the ideal conditions for growth.
Breaches cost millions and destroy trust. Learn why building security into innovation from day one saves money, culture, and growth.
