Have you ever said sorry to your team?

Jerich Beason (CISO at WM) has built his career at the intersection of technical expertise and human leadership. Known for his candid reflections on leadership, imposter syndrome, and diversity in the industry, he has a valuable perspective on how security leaders can balance resilience with empathy.

Before he heads to Riyadh to speak at Black Hat MEA 2025, we spoke with Beason about the lessons he’s learned – from apologising to his team for a funding misstep, to realising that winning an argument doesn’t mean you’ve led well.

Here’s what he told us.

You once apologised to your (then) team of security engineers for a funding misstep. Why do you believe admitting mistakes so openly helps to build stronger teams?

“I have always believed that leadership is not about being flawless. It is about being human and trustworthy. When I apologised to my team for a funding misstep, it wasn’t about weakness; it was about respect. Teams can spot when leaders are spinning or covering up, and that erodes trust quickly. By admitting where I got it wrong, I showed that accountability is not just something I demand from them. It is something I model myself. That transparency strengthens bonds because it signals, ‘We’re in this together, and you can trust me to own the outcomes, good or bad.’”

A LinkedIn post you wrote about imposter syndrome mentions a mindset shift from trying to win arguments, to focusing on building consensus. What was the moment that prompted that shift?

“The turning point came early in my executive journey. I had presented a technically flawless case for a security investment, but I walked out of the room with no buy-in. I realised that I had won the argument but lost the room. That was humbling. 

“It taught me that leadership is about building alignment, not showcasing intelligence. I also had to learn not to tech flex. Proving I knew more than others might have scratched my ego, but it didn’t serve the mission. Instead, I began reminding myself that if I was invited into the room, I belonged in the room. I didn’t need to prove my worth through over-explaining or technical one-upmanship. 

“From that moment on, I shifted my mindset. Success was creating consensus so that the team and business moved forward together. That’s also when I started to see imposter syndrome less as a weakness and more as a reminder to focus on service and collaboration, not perfection.”

Why is it important to you to actively support diverse talent in cybersecurity?

“Cybersecurity is a field where perspective directly impacts protection. If everyone on the team thinks the same, sees the same, and comes from the same place, we miss blind spots both in systems and in strategy. Supporting diverse talent is not charity – it’s essential for resilience. 

“Personally, I’ve been fortunate to have mentors who opened doors for me, and I feel a responsibility to extend that same support. I know firsthand how isolating this field can feel for those who do not see themselves represented at the top. If I can help change that, I’m making space for individuals; but I’m also strengthening the industry.”

How does trust and transparency contribute to making cyber a more hospitable industry for diverse practitioners?

“Trust and transparency level the playing field. For people entering spaces where they might feel othered, uncertainty is already high. Leaders who are open, consistent, and honest reduce that uncertainty and create a sense of belonging. 

“Transparency about decisions like why budgets are cut, why someone was promoted, and how risks are prioritised helps eliminate the hidden rules that often disadvantage underrepresented groups. 

“Trust builds psychological safety, and that’s the foundation for diverse voices to contribute meaningfully without fear of being dismissed or tokenised. It is not just about who we hire, but about how we lead once they are on the team.”

What’s one specific piece of advice you’d give to a mid-career cybersecurity professional who wants to become a CISO?

“Shift your mindset from being the smartest person in the room to being the connector in the room. 

“Technical expertise will get you noticed, but executive leadership is about translating security into business value, aligning with peers across functions, and influencing outcomes you do not directly control. 

“My advice is to practice framing security not as risk avoided but as business enabled. Build financial fluency, practice communicating with clarity, and learn to trust your team enough to delegate. Most importantly, remember that if you have been invited into those leadership conversations, you belong there. Those skills and that mindset, more than certifications or technical depth, are what will prepare you to lead well at the CISO level.”

Thanks to Jerich Beason at WM. Get your pass to attend Black Hat MEA 2025 and learn directly from the leading minds in cybersecurity.