The career lesson CISOs wish they’d learned earlier

Explore our weekly delivery of inspiration, insights, and exclusive interviews from the global BHMEA community of cybersecurity leaders.

Keep up with our weekly newsletters on LinkedIn — subscribe here. 

Insights, inspiration and exclusive interviews from the global Black Hat MEA community – in your inbox every week. 

This week we’re focused on…

The lessons CISOs wish they’d learned much earlier. 

We’ve asked dozens of CISOs this question over the last few years: If you could go back to the beginning of your career and tell yourself one thing you wish you’d known then, what would it be? 

And today we’re sharing four answers – all of which point to the reality that cybersecurity leadership is a very human challenge. 

Relationships are more important than titles 

For Bernard Assaf (CISO at Airbus), the most important advice he received from a mentor early in his career:

“Relationships matter more than titles. The most valuable advice I can offer is this: strive to be someone people genuinely want to work with.”

In cybersecurity, where influence often matters more than authority, the ability to build trust can be more valuable than any job title.

Read our full interview with Bernard Assaf

Leadership is about creating the conditions for others to thrive

For Dimitri Van Zantvliet (CISO at Dutch Railways), the lesson was about how leadership actually works in practice.

“Technical depth is important, but context, trust, and timing turn expertise into real-world impact. Leadership is not about control, but about creating the conditions for others to thrive.”

And perhaps most importantly, he says never to underestimate the people around you.

“I’ve been incredibly fortunate to be surrounded by brilliant, kind, and courageous people… who helped shape not just my career, but my character.”

Read our full interview with Dimitri Van Zantvliet 

Cybersecurity is a team sport

Daniel Bowden (CISO at Marsh McLennan) offers a similar perspective.

“Learn the business, not just the tech. Cybersecurity is a team sport. You’ll need alliances in legal, compliance, finance, operations.”

Those alliances are what turn technical insight into organisational change.

Read our full interview with Daniel Bowden

Clarity beats complexity

For Sounil Yu (Chief AI Officer at Knostic), the lesson was about communication.

He told us that early in his career he focused too much on perfect frameworks and complex thinking.

“Clarity is more valuable than complexity.”

He also learned a timeless principle the hard way: 

“Perfect is the enemy of good.”

In cybersecurity leadership, the goal is to help others make better decisions. You do have to understand complex systems in order to do that – but that complexity isn’t the most important layer. 

Read our full interview with Sounil Yu

The common thread

Across these reflections, we can see that cybersecurity leaders often begin with tech – but the people who end up leading organisations eventually realise the real differentiators are relationships, trust, clarity and business understanding.

Relationships matter most. So register now to secure your place at Black Hat MEA 2026 – where you’ll build relationships with current and future partners, peers, and employers.