Episode 2
Breaking into Cybersecurity Leadership - Jeffrey Wheatman
Breaking into Cybersecurity Leadership - Jeffrey Wheatman
Jeffrey Wheatman on LinkedIn - https://www.linkedin.com/in/jnwheatman/
Sponsored by CPF Coaching LLC - http://cpf-coaching.com
The Breaking into Cybersecurity: It’s a conversation about what they did before, why did they pivot into cyber, what the process was they went through Breaking Into Cybersecurity, how they keep up, and advice/tips/tricks along the way.
The Breaking into Cybersecurity Leadership Series is an additional series focused on cybersecurity leadership and hearing directly from different leaders in cybersecurity (high and low) on what it takes to be a successful leader. We focus on the skills and competencies associated with cybersecurity leadership and tips/tricks/advice from cybersecurity leaders.
This podcast runs on listener support and funding. Consider supporting this podcast:
https://breaking-into-cybersecurity.captivate.fm/support
Check out our books:
Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://amzn.to/3443AUI
Hack the Cybersecurity Interview: A complete interview preparation guide for jumpstarting your cybersecurity career https://www.amazon.com/dp/1801816638/
_________________________________________
About the hosts:
Christophe Foulon focuses on helping to secure people and processes with a solid understanding of the technology involved. He has over ten years of experience as an experienced Information Security Manager and Cybersecurity Strategist with a passion for customer service, process improvement, and information security. He has significant experience in optimizing the use of technology while balancing the implications to people, processes, and information security by using a consultative approach.
https://www.linkedin.com/in/christophefoulon/
Find out more about CPF-Coaching at https://www.cpf-coaching.com
- Website: https://www.cyberhubpodcast.com/breakingintocybersecurity
- Podcast: https://feeds.captivate.fm/breaking-into-cybersecurity/
- YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity
- Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/
- Twitter: https://twitter.com/BreakintoCyber
- Twitch: https://www.twitch.tv/breakingintocybersecurity
Mentioned in this episode:
CPF Coaching: Cybersecurity Leadership and Talent Development Consultant
CPF Coaching: Cybersecurity Leadership and Talent Development Consultant
Transcript
Welcome to another episode of Breaking into Cybersecurity
2
:Leadership, where we talk to leaders
within the cybersecurity field to
3
:learn about the skills and competencies
needed to develop the next generation.
4
:Today we have Jeffrey Wheatman,
who's on the show, and he'll
5
:be sharing his insights.
6
:On what it takes to become a great leader.
7
:But before we get there, this is a
reminder to share this episode and
8
:others, with anyone that's interested in
breaking into cybersecurity or breaking
9
:into cybersecurity leadership so that
they could see the different skills,
10
:competencies, and approaches that'll be
successful in advancing their career.
11
:Jeff, before we jump in, give us a
little bit of background about yourself.
12
:Jeffery Wheatman: Yeah, absolutely.
13
:Hey, Christophe, how are you?
14
:It's a pleasure to talk to you again.
15
:So I have a little bit of an interesting
career in cyber because I actually
16
:started out, believe it or not, in retail.
17
:I managed a hardware store in
New York City when I was, when
18
:I first got outta college.
19
:You know what?
20
:But I hated it.
21
:I hated being in retail.
22
:I hated I hated that whole thing.
23
:And I, and
24
:so I put myself through a training.
25
:I'm dating myself.
26
:I got certified in Novell
Network three point 11 to show
27
:you how long I've been around.
28
:And I did a bunch of technical
things and between you and me and
29
:all the people listening, I was never
super great at a technical person.
30
:But what I.
31
:To.
32
:So that's really driven
a lot of what I've done.
33
:When I finished my, my network
certification, I actually
34
:went to go work for a company
that installed color printers.
35
:I ran a team that installed these
raster image processors that were
36
:built on the old Silicon Graphics
pizza boxes, if you remember those.
37
:Flat blue things.
38
:I sorta, I moved around quite a bit.
39
:I ended up in consulting where I ran a lot
of teams and I built consulting practices.
40
:I ran security and network
operations for Martha Stewart in
41
:New York City for a number of years.
42
:And before anyone asked, yes, I was
there during the investigation, I was.
43
:The thing that was super interesting
about that is back then the lawyers
44
:didn't have paralegals that knew
anything about cybersecurity or tech.
45
:The FBI didn't really know a lot about it.
46
:They didn't know about things like
MD five checks, sums on files.
47
:I sent them files and I sent them all
the MD fives and they said, what's that?
48
:And the response would.
49
:I went, oh, okay, I'm gonna,
I'm gonna keep this here.
50
:And I did that for a while.
51
:And then I went and I built another
I built a consulting practice.
52
:I had my own company for a little
while, and then I, stumbled into
53
:the job at Gartner where I had
the opportunity to work with.
54
:Tons of Fortune 1000 CISOs and Chief
Risk Officers and CFOs, and I learned
55
:more about leadership and managing
people and working with people from
56
:watching other people do it and seeing
what worked and what didn't work.
57
:And I did that for 15
years and I love that job.
58
:I love the.
59
:At Black, I.
60
:And now I'm closer to the problem.
61
:So we work in the third party
risk intelligence space.
62
:And I work with a lot of CISOs.
63
:I work with a lot of people in sourcing,
procurement and vendor management.
64
:And one of the things that I do
a lot of with them these days is.
65
:I help them engage with their non-IT
non-technical partners where people
66
:tend to struggle when this gonna a,
67
:and they had two breaches,
very significant breaches.
68
:The CISO got fired.
69
:The CEO got a raise and became
the chairman of the board.
70
:They put out their annual report.
71
:They didn't talk about cybersecurity risk.
72
:Yes, they railroaded the ciso,
but at the end of the day.
73
:Did the CISO do a good job
of communicating the business
74
:impact of those cyber risks?
75
:And they probably did not.
76
:So that's kinda kind of my story.
77
:I love to talk to people about coaching.
78
:I love to mentor people.
79
:And I'm a big fan of helping
people become people, become
80
:leaders as opposed to manager.
81
:Christophe Foulon: Yeah, absolutely.
82
:I think helping new leaders switch
from a tactical hands-on approach to a
83
:more strategic holistic approach when
working with the business is critical.
84
:I.
85
:As they move up, but
let's take a step back.
86
:In your career, you pivoted from, at
some point, from being an individual
87
:contributor to starting to lead teams.
88
:whAt in you decided that you really
wanted to lead teams versus just
89
:controlling your own workload?
90
:Track 1: That's a great question
and I think it's I'm gonna
91
:paraphrase a famous quote, right?
92
:Some some people seek out
leadership, some people have
93
:leadership thrust upon them.
94
:And what happened was people
started coming to me and asking
95
:me, Hey, how do I do this?
96
:Or struggling with this?
97
:There I have conflict with someone on my
team and I just really started doing a
98
:lot of the things that leadership does.
99
:And when when the leadership role opened
up it, I just stepped into it without even
100
:really thinking about it, and they did
gimme more money so that, that was good.
101
:But what I realized was I enjoyed
mentoring and leading and working
102
:with teams and building teams, and.
103
:As much, if not more as doing
pen testing and doing incident
104
:response, because those are a couple
of things that, that I was doing.
105
:I got more satisfaction outta it
and it, that just propelled my
106
:career and I'm proud to say I've
had a number of people that have
107
:worked for me in more than one role.
108
:And a very good friend of mine told me,
and I almost cried when she told me this.
109
:And she's a partner at one of the
big big four consulting firms.
110
:She said, everything I learned
about managing and leading
111
:people, I learned working for you.
112
:And she worked for me 20 years ago
and she told me this last month.
113
:I love that
114
:something.
115
:Christophe Foulon: You
already started to answer.
116
:The next question is, what are some of
the critical skills and competencies
117
:needed for a cybersecurity leader today?
118
:I.
119
:Jeffery Wheatman: All so that, there's
a lot, but we only have limited time.
120
:So I would say three or four
of the key ones, I think is we
121
:need to be better listeners.
122
:We have a tendency, especially those of
us that come from a technical background
123
:to get in front of a business audience.
124
:We have limited time, limited
opportunities, so we tend to
125
:go, here's everything I know.
126
:And they're overwhelmed and they
don't have the background, they don't
127
:have the context, and they don't
necessarily what to do with what.
128
:So I think being a better listener
and being able to understand the
129
:perspective and the role and what
is it that's important to you.
130
:So I make sure that I'm.
131
:So I think being a lister is another
I think another one and here to
132
:me is the major difference between
being a leader and a manager.
133
:Leaders lead from the front.
134
:They're in the front line
when there's a catastrophe.
135
:They're not home sitting in bed.
136
:They're in the data center, they're
in the office, they're working with
137
:the team through the whole thing.
138
:They're there, act.
139
:It wasn't even a breach, it was just,
it was an availability issue and all
140
:the executives were banging on the door.
141
:My job during that was
make sure my engineers.
142
:Shield and to be at the front
and not the back orders.
143
:I think you need people
see the big picture.
144
:I'm big fan of the parable about
the blind person, the blind
145
:people in the elephant, which.
146
:I always use to articulate the fact
that when we're really close to a
147
:problem, we don't see the bigger
picture, and we tend to make decisions
148
:based on what we see in front of us.
149
:And then we step back and it
turns out, oh wow, everyone's done
150
:that and we now have 10 parallel
solutions that are not necessarily.
151
:I think that one of the this
is there's discussion on
152
:frequently, showing that
you don't know something.
153
:Being open and honest, I think makes
you much more valued as a manager,
154
:as a leader, as an executive.
155
:There was Harvard Business Review probably
10 or 12 years ago, did a study and
156
:they found that being liked was much
more important, quality and an executive
157
:than being found to be competent.
158
:Right, and the only way that you can
do that is by not demeaning people, not
159
:insulting people listening to everybody.
160
:And here's the key thing, for those of
you out there, just because you listen
161
:doesn't mean you need to do what they
tell you, but they at least need to
162
:believe that they are listened to, that
they have been heard, and that you're.
163
:Mentoring thing.
164
:I'm a big believer that my job as
a leader, my replacement, right?
165
:Too many executive see that as a threat.
166
:I've seen people lose jobs because they.
167
:Showed up their manager, but
that's not what they did.
168
:What they did was they brought something
to light that needed to be discussed and
169
:talked about, and their boss didn't like
the fact that they got caught flatfooted.
170
:Now, if you get caught
flatfooted, that's on you.
171
:That's not on that.
172
:So I think those are a lot of
the things that I think are
173
:really important for leaders to.
174
:Christophe Foulon: Yeah we'll
dive into a couple others too.
175
:Let's dive into delegation.
176
:How would you define delegation and
your comfort level of delegation
177
:on a scale of one to five and why?
178
:I.
179
:Jeffery Wheatman: Yeah, so I
would've had a different answer to
180
:this 10 years ago than I do now.
181
:I think that leaders, especially
in larger organizations, have no
182
:choice but to delegate otherwise
you will quickly burn yourself out.
183
:I always joke that when I started
cybersecurity 30 years ago,
184
:it wasn't even, there's way.
185
:So I think you do need
able to trust there.
186
:I think that, letting people do
their jobs I think is very valuable.
187
:I do think you need to build
touch points in there, especially
188
:for high profile things.
189
:You don't wanna be in a position where
you get to the end of a six month
190
:project that you delegated and it turns
out they did not do what you wanted.
191
:As far as my comfort with delegation,
I have gotten significantly.
192
:I, my, the first thing outta my mouth was,
that's fine, but did you try it this way?
193
:And I was always trying to get people
to do things the way I want, right?
194
:And I think that is not a great way to go.
195
:So I would say I probably
used to be a two.
196
:I'm probably closer to a four now.
197
:Not sure if I'm ever gonna get to a five.
198
:I tend to have some.
199
:I, I do sometimes suffer
from I'm Jeffrey Wheatman.
200
:Do you know who I'm, and that's sometimes
cha challenging and problematic.
201
:But I think it's a skill that
can be learned and I think it's
202
:a skill that can be coached.
203
:And I think that for leaders that don't
feel they're good at it, go to your
204
:colleagues and learn how they do it.
205
:And I think we can learn
from, that's discipline.
206
:Christophe Foulon: And the
next one I would ask would be
207
:in regards to collaboration.
208
:So very similar to delegation, but n now
we have to be actively .Working with them,
209
:how would you define collaboration and
your comfort level at one to five and why?
210
:Jeffery Wheatman: So collaboration to
me is an example of the whole is greater
211
:than the sum of the parts, right?
212
:If you take five really smart people
and you bring them together, you'll
213
:get more than five times the value.
214
:You may not necessarily get five
times the work product, but you'll
215
:get more than five times the value.
216
:When I worked in consulting, I learned a
lot about that need to be collaborative
217
:because the tendency was for the team lead
to go their thing and bring it together.
218
:You'd end up spending twice as
much time, three times as much time
219
:bringing all the things together as
opposed to getting everyone in a room.
220
:I think collaboration has
been significantly hampered
221
:as a result of covid.
222
:I Think especially for younger people.
223
:I think it's much, much more
difficult to collaborate remotely
224
:than it's to do it in person.
225
:You and I can have a great interactive
conversation with the two of us.
226
:Add a third party in on, on.
227
:It gets more than twice as hard.
228
:Fourth party, it gets even harder still.
229
:And moderation of panels noticed you
people becomes harder to moderate
230
:panel other than a collaborative
environment for people to share.
231
:To share ideas.
232
:And I actually, earlier today I had a call
with one of my former colleagues at at
233
:the, that research firm I used to work at
and we were talking about the fact that
234
:one of their strengths is they're big, and
one of their weaknesses is they're big.
235
:Everybody's so narrow, they don't do a
great job on collaboration sometimes.
236
:I would say that I am
actually very collaborative.
237
:So I would say on give myself a
wouldn't really on bringing in ideas.
238
:And one of the things I
always suggest people do.
239
:When you have a bunch of people from
disparate backgrounds and you're trying
240
:to come to a, a conclusion, so a workshop
or a tabletop exercise, I always tell
241
:people, give everyone a different job.
242
:So for the exercise, the
CEO can act as the CIO.
243
:The CIO should be the CO.
244
:The CFO should be the CTO.
245
:And if you give everyone different jobs,
you don't always get what you want, but.
246
:A, I never thought about
it that way before.
247
:And to me that is one of the best
outcomes of co, of collaboration is
248
:getting people to think differently,
to be able to bring ideas together,
249
:to create synergies of ideas.
250
:And here's the thing.
251
:I think collaboration
is also not just people.
252
:I think collaboration is tools.
253
:I think collaboration is data.
254
:Chatt.
255
:I have started to use ChatGPT
as part of my team, right?
256
:Because ChatGPT has
different perspectives.
257
:I wouldn't go so far to say have thought,
but they have different perspectives.
258
:And I think collaboration
is about bringing that in.
259
:And if you're collaborating by
having six of the same people in
260
:the room, that is not collaboration.
261
:So you gotta bring in di disparate
backgrounds and perspective.
262
:Christophe Foulon: And on the
next scale, communication, how do
263
:you define communication and your
comfort level with communication
264
:on a scale of one to five and why?
265
:Jeffery Wheatman: Yeah.
266
:So on a scale of one to five, I
give myself a 10 on communication
267
:to pat myself on the back.
268
:It's a key for what I do, right?
269
:My job now is, as an evangelist,
is about communicating.
270
:My job as a Gartner analyst was about
communicating, and about 80% of what I
271
:did when I worked at Gartner was helping
people be more effective communicators.
272
:But coming back to the actual
question, communication is about
273
:bidirectional interaction, right?
274
:Communication is not
me telling you a story.
275
:Communication is me telling you
a story, and then as I'm telling
276
:the story, I'm watching your
face, I'm watching your hands.
277
:Are you leaning back?
278
:Are you leaning forward?
279
:Are you looking at.
280
:And make it much more interactive.
281
:I always tell people, and I
tell, I'll tell your audiences.
282
:Now, when you're talking to someone, don't
ever say, does that make sense to you?
283
:Because that's super insulting and
very pedantic, but what can you say?
284
:Is this helpful?
285
:Will this help you make better
and more informed decisions?
286
:If your management comes and ask you
this question, do you feel comfortable
287
:answering it based on, we talked
about, those are all different ways.
288
:Saying does.
289
:Not offensive, and you don't wanna
be viewed as pedantic or mansplain
290
:to, to use a different term.
291
:But I we had a management meeting a couple
weeks ago and I delivered a 30 minute
292
:session and then one of my head sales
guys came up to me and he goes, thank you.
293
:He's thank you for dumbing that down.
294
:And I said, I didn't dumb down.
295
:I.
296
:You.
297
:Why?
298
:Why would I make you learn
what I know, when I can take
299
:what I know and contextualize
it so that it matters to you?
300
:You're in sales, you don't care about
all of the technical detail, so I
301
:think communication is very much about
meeting people where they are, and
302
:sometimes you meet them there and then
you pull them closer to where you're.
303
:But I feel like it it's, yeah,
I think it's an underused skill.
304
:I'm a huge proponent of storytelling.
305
:I do presentations on storytelling
all over the world, and I'll let
306
:everyone in a little bit of a secret.
307
:I was at an event and they were
about 400 people in the audience, and
308
:they were more on the junior side.
309
:And I'm talking about
storytelling, and I'm looking and.
310
:I'm an introvert.
311
:You wouldn't know it from listening
to me, but my, if I had my druthers,
312
:I would be sitting at home on
the couch with my beautiful wife
313
:watching TV and never going out.
314
:But that's not a functional lifestyle,
plus no one would pay me to do that.
315
:So I have adopted a character and that
character is the cyber risk evangelist,
316
:and that character is funny, entertaining.
317
:Create your own character.
318
:And I think when we communicate,
I think creating your character
319
:is super, super important.
320
:And I actually was talking with someone
at an event a few weeks ago and they
321
:said, so tell me who your character is.
322
:And they didn't really know.
323
:And we worked through it and we said,
all your character has these qualities.
324
:Your character has these weaknesses.
325
:Let's be that character.
326
:And when we finished the conversation,
she said that was like, that may
327
:be the most helpful 15 minutes
anyone's ever given me in my career.
328
:Because it never occurred
to me that I could do that.
329
:Everyone thinks they need to
be and you need to be genuine.
330
:You don't wanna be fake.
331
:This is a character that I've
been playing for a long time.
332
:So I think that, those
are super important.
333
:I don't ability to be an
effective communicator.
334
:I everything's as.
335
:Christophe Foulon: Now
pivoting off of communication.
336
:How would you describe the skill of
influence and why is it so critical for
337
:cybersecurity practitioners and leaders
to use this skill within their roles?
338
:I.
339
:Jeffery Wheatman: That's a great
question and I don't think anyone's
340
:ever asked me that specific question,
so I think that, the word influence, I
341
:think has a bit of a connotation to it.
342
:So we need to be careful, right?
343
:You don't want people to construe
it as you're being manipulative.
344
:But I think exerting influence is
about, and coming back to one of
345
:the first things that said is going
to your audience and understanding.
346
:So what's important to.
347
:And then taking that and
wrapping that around what it is.
348
:I would like you.
349
:So As a simple example I could
go to my executives and I could
350
:say, and they're probably money.
351
:If I go to them and say, so I spoke
with all of the EVPs, the SVPs, and
352
:they've told us this system here
is probably the most important.
353
:When we have this system goes
down, gets breached, we're outta
354
:business, or we're gonna be fine.
355
:We have to protect that system.
356
:We have some things we do,
and I'll be honest with you,
357
:we have some gaps in those.
358
:We'd like to close those gaps.
359
:We need to make an investment.
360
:We need X 5 million.
361
:If we don't do that over the next couple
years, based on everything we know.
362
:Suffer million.
363
:I think is really powerful.
364
:And then I will, I'll make a
suggestion to everyone out there.
365
:There is a psychology professor.
366
:His name is Robert Chi Aldini.
367
:He works at, I don't remember, it's either
University of Arizona or Arizona State.
368
:And he wrote a seminal book
probably 15 years ago called
369
:Influence Science and Practice.
370
:And he talks about six ways to
get people to do what you want.
371
:And the book is great if you
can find the original versions.
372
:He's got a lot of stories in
there, but things like reciprocity,
373
:if I do something for you, you
feel obligated to do something.
374
:For me, it's human nature, right?
375
:If you create the perception of scarcity.
376
:People will do.
377
:People wanna do, people want to
interface with people they like.
378
:And that's where finding
common touch points are.
379
:So you people like people who look
like them, but they also like people
380
:who like the same sports as they do.
381
:They like the same teams, the same
movies, the same books, right?
382
:The same kind of music.
383
:So building those bridges and I won't
go through all six of them, but I
384
:use them frequently, probably every
single day to get people to at least
385
:understand why I'm pitching them on
whatever it is I'm pitching them on.
386
:And I think that, the final thing about
influence, that's very important there is.
387
:Where you are going to be done, you're
gonna be finished making your point.
388
:You're share what you know what
is just gonna say no, and you
389
:need to learn to step back.
390
:You can't drag people all the way,
but what you do need to do is document
391
:the conversations and document.
392
:And I think we're gonna see a lot more
of this with the SEC ruling and some
393
:of the other regulatory stuff that's
coming out where, CISOs cannot be held
394
:accountable for decisions that are being
made by their business stakeholders.
395
:So if
396
:communicating what the risks are.
397
:That's on you.
398
:Not on me anymore.
399
:And I know we don't like to give up.
400
:No.
401
:You don't understand.
402
:Lemme just tell you one more thing
and it'll definitely change your mind.
403
:And that's just, that's not gonna work.
404
:Use what you got and then be
prepared to step back and let
405
:people do what they're gonna do.
406
:People are, have their own
agency, they're gonna do.
407
:Christophe Foulon: Absolutely.
408
:And going from there, let's
talk about another important
409
:skill the skill of networking.
410
:How would you describe the skill of
networking and why is it critical
411
:to cybersecurity and leadership?
412
:And just to set the stage, this
is networking between computers.
413
:This is networking between people.
414
:Jeffery Wheatman: Yes.
415
:Yes.
416
:That's good 'cause I don't
know that much about networking
417
:between computers anymore.
418
:So I think that's a great it's
a great thing to talk about.
419
:I think there are lots of different
kinds of networks out there.
420
:You have your network at your
office, at your company, right?
421
:You know who decision makers are, and
frequently decision makers are not who
422
:you think they're, when you first walk in.
423
:You need to be able to bring
disparate parties together.
424
:There, there was a book a bunch of
years ago, it was a little bit more
425
:technical, but it was about networking
theory with people and they identified
426
:things like hubs and influencers and all
these different roles, and they actually
427
:used it to analyze the hijackers for.
428
:So I think you have to
have internal network.
429
:I think you also have be network
people outside organization.
430
:People.
431
:Who are in and out of your vertical?
432
:One of my roles at Gartner was
I was a leadership partner.
433
:And the thing I learned, the most
valuable thing I learned from that role
434
:was that there are things that higher
edge doing that can absolutely inform
435
:what financial services are doing,
but they're not talking to each other.
436
:Giving more than you get, giving
more than you ask for, right?
437
:So I'm very active on LinkedIn.
438
:I actually just hit 5,000
followers last night.
439
:I was very excited about that.
440
:And I, I know for you, you
have a couple more than that.
441
:I'm never gonna catch up.
442
:But what I try to do is for every
one thing I put out there where I.
443
:What we do at Black Kit, because
ultimately that's my job, is
444
:I talk about other things.
445
:I talk about what's going on in the world.
446
:I share parables.
447
:I take pictures and use
them to build stories.
448
:And then when people like what I
post, I go and connect to them and
449
:I say, Hey, thanks for engaging.
450
:If there's anything you need,
please do not hesitate to ask.
451
:And I think that's
probably how you and I met.
452
:On LinkedIn was, I like something of
yours or you like something of mine.
453
:And I reach out to all those
people and I say, look, I, anything
454
:you need to do, you reach out.
455
:I'll be happy to help you.
456
:I make connections with people all
the time on LinkedIn, outside of
457
:LinkedIn, and what I have found is
other people are willing to do the.
458
:I think sometimes security people
have a tendency to interact
459
:with people and detriment.
460
:Now, keep in mind.
461
:You can only have so many close friends.
462
:So networking isn't always about that.
463
:And my wife has actually said to me
more than once, my wife owns our own
464
:company and she does branding for people.
465
:She says, frequently you get more
from the people who are a little
466
:bit farther away from you than the
people that are super close to you.
467
:Hey, can you intro to me to this person?
468
:Christophe Foulon: I I'd echo what your
wi, I echo what your wife said because,
469
:for example, in, in my recent search.
470
:All the people that were close to me
already knew what I was looking for, but
471
:when I posted it publicly, it's all the
people that I didn't interact with on a
472
:daily basis that were doing the shares,
that were commenting, that were doing
473
:And you'll find that the people that you
interact with daily, the reciprocity that
474
:you have with them usually has been used.
475
:Continuously.
476
:So there, there isn't that that
feeling to give you more, whereas
477
:the people that you've potentially
helped without knowing it, they're
478
:not willing to go, oh, the advice you
gave me 10 years ago was so helpful.
479
:Of course I introduced
you to that person, or
480
:whatever the situation might be.
481
:But
482
:totally agree with you there.
483
:Jeffery Wheatman: Yeah.
484
:then one thing I'll just add on there
too, which I think is important, I
485
:for quite a while, I always hesitated
about reaching out to people.
486
:'cause I don't wanna bother you.
487
:I don't wanna bother them.
488
:And whenever I articulate that to people,
they go, what are you talking about?
489
:It's no bother.
490
:I love talking to you.
491
:I love helping people.
492
:So you are not bothering people as a
general rule when you reach out to them.
493
:People are on LinkedIn because they
wanna be linked to other people.
494
:And I think it's important you're not
bothering and you're not bothering me.
495
:If you listen to this and you
connect to me, I'll respond.
496
:And if you need anything, I'll
do my best to try to help you.
497
:Christophe Foulon: And as, as we
wrap up the end of our podcast I know
498
:you've shared a lot of advice, but
what final advice would you give to
499
:cybersecurity leaders that are looking to.
500
:Pivot up from a more tactical
career to a more strategic
501
:career to move on up that chain.
502
:Jeffery Wheatman: Yeah, it's a
tough, that's a great question.
503
:It's tough.
504
:I think finding yourself a mentor, in
your organization, maybe out of your
505
:organization who can guide you because
it's a big step to go from being
506
:a practitioner to being a leader.
507
:So I think finding a mentor or what we.
508
:But I think the other thing too is
you need to expand your learnings.
509
:There's free classes online.
510
:Learn how to read AP and l.
511
:Learn how to read a general ledger.
512
:Learn how to read a balance sheet.
513
:Take classes in, in public speaking learn.
514
:Start looking at 10 Ks looking, 10 Qs
looking at annual reports for companies,
515
:figuring out what it is that is important.
516
:And here's one last
thing, stop with acronyms.
517
:Acronyms are great when you're talking
to people in your tribe, but when you
518
:start talking to people outside of your
tribe, acronyms basically insulate you.
519
:We don.
520
:Don't,
521
:but it's an important thing.
522
:Meet people where.
523
:Christophe Foulon: Absolutely.
524
:Jeff, thank you so much for
sharing your advice with us.
525
:Truly appreciate it.
526
:For everyone.
527
:As a reminder, thank you for joining
Breaking into Cybersecurity Leadership
528
:where we're looking to help develop the
next generation of leaders so there's a
529
:leader or a future leader in your network.
530
:Feel free to share this with them
so that they can learn from the
531
:skills and competencies of others,
and we can have that diverse
532
:perspective within our industry.
533
:Thank you all.
