When 90% of internet-connected systems worldwide depended on your software and a single vulnerability could crash entire sectors, crisis leadership took on existential importance. Christopher Budd, Founder & Principal at Christopher Budd Communications tells Ben that security success often means choosing between bad and worse outcomes. His experience building global incident response processes showcases why traditional leadership approaches fail during security crises and how to build organizational resilience that doesn't depend on individual heroics.

Christopher also discusses his framework for crisis communications where managing panic becomes a core leadership responsibility not found in any job description. His approach to team sustainability includes two business-critical rules: mandatory disconnection during time off to prevent burnout and stress-testing organizational resilience by removing key personnel during exercises. He explores how security leaders must develop tolerance for being misunderstood while their best work preventing disasters goes unrecognized, how diverse perspectives strengthen security thinking, and his mentoring philosophy emphasizes fostering curiosity over technical conformity. 

• Crisis leadership frameworks for managing incidents where success means achieving bad outcomes instead of catastrophic ones.
• Organizational resilience strategies that stress-test systems by removing key personnel during exercises and mandating true disconnection during time off periods.
• Building sustainable security teams by recognizing and countering the competitive culture that drives talented professionals toward burnout.
• Trust-building methodologies for security leaders whose best work preventing disasters goes unrecognized while visible failures draw criticism from those being protected.
• Crisis communication techniques for managing expectations during incidents, including the critical importance of conservative promises and understanding how missed expectations fuel panic.
• The professionalization of threat actor organizations, including their development of professional services, customer support, and business operations that mirror legitimate enterprises.
• Mentoring approaches that prioritize curiosity and diverse perspectives over technical conformity, recognizing that security requires people who can see systems differently than their intended use.
• Burnout recognition and prevention frameworks specifically designed for security professionals, including identification of the "grinding gears" phase where continued effort becomes counterproductive.
• Leadership transition strategies for security professionals moving from technical execution to team management, emphasizing the importance of knowing when to rely on team expertise rather than individual technical knowledge.

Too busy; didn’t listen: 

• Christopher Budd's 10 years at Microsoft's Security Response Center taught him that security success often means choosing bad outcomes over catastrophic ones, with the challenge that outsiders only see the bad results.
• His crisis leadership approach centers on becoming a "dispeller of panic" and managing expectations conservatively, as missed promises during incidents amplify crisis impact exponentially.
• Organizational resilience requires stress-testing through mandatory time off and removing key personnel during exercises to prevent single points of failure and identify system vulnerabilities.
• Security team sustainability demands actively countering the competitive masochism culture where professionals pride themselves on extreme workload tolerance, leading to burnout among the most dedicated performers.
• Effective security leadership involves building trust while accepting that your best work preventing disasters will go unrecognized, requiring internal motivation focused on mission rather than external validation.

Skip to the Highlight of the episode: [23:27-23:45] "The saying about trust, “it's hard to build, easy to lose,” is true. And a key part of building trust is understanding expectations, understanding what people need to hear, want to hear, and delivering on that in a credible, honest way.” 

Listen to more episodes: