March 27, 2025 • 35 mins
Joe and Peter Ramadan dive deep into the art of communicating with executives—no fluff, just real talk. Discover how to ditch the jargon, nail concise briefings, and win trust at the top, whether you’re a security pro, tech lead, or aspiring CISO. Peter unveils his new e-learning series on executive briefings, sharing hard-earned lessons from getting his ‘bun toasted’ by a CISO to mastering the efficiency mindset CEOs crave. Packed with stories—like Joe’s two-minute security slam dunk and Peter’s factory efficiency analogy—this episode is your cheat code to leadership success. Subscribe for more raw, unfiltered insights!
Chapters
00:00 Authenticity in Podcasting
01:55 Launching an E-Learning Series
05:01 Bridging the Gap: Technical to Leadership
10:06 Communicating with Executives
13:45 Efficiency in Leadership
19:05 The Value of Time in Business
22:57 Navigating Security Tools and Budget Constraints
27:03 Embracing Leadership and Asking for Help
E-Learning Series Links:
https://youtu.be/E8sZEMWHRHM
https://www.youtube.com/watch?v=fYmCzpcg9gw
Follow the Podcast on Social Media!
Tesla Referral Code: https://ts.la/joseph675128
YouTube: https://www.youtube.com/@securityunfilteredpodcast
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
How's it going, peter ?
It's good to have you back onthe podcast.
You know it's been aninteresting time for both of us,
I think, the past two months.
But yeah, great, great to haveyou back on.
Speaker 2 (00:10):
Joe, I really appreciate being out here and
had a lot.
You know had a blast last timeI was on here me that they
prefer my format of an interviewcompared to some other people
in the space, a lot of the otherpeople.
Speaker 1 (00:36):
they'll do a two-hour recording with someone and
they'll chop it up into 45minutes.
Whenever I hear that, it's like, guys, you know you're not,
you're not doing anyone anyjustice.
You know, if you're going torecord for two hours, it should
be pretty close to two hours toreally get that that feel for
the person.
But you know, at least that'sthat's my opinion.
(00:57):
I mean, there's other, moresuccessful podcasts out there
than mine, right?
So who am I to tell them thatthey doing something?
Speaker 2 (01:02):
you know it.
That sounds true, joe, but Iwould say, go the opposite way
and just go full force into thedirection you're going into,
because it's more authentic.
You're not, you know, sayingwe'll fix that in post, we'll
fix that in post, uh, you know.
Yeah, it keeps it real foreverybody, and I think that's
what we're all looking for isfor something real, and we all
(01:23):
enjoy security.
But we're also, you know, isfor something real and we all
enjoy security, but we're also,you know, human beings who do
stuff outside of security.
So, you know, try to find a wayin the middle of those two, and
I think that's where you startto kind of attract the right
people.
Speaker 1 (01:36):
Yeah, yeah.
Well, Peter, you know you.
You made a LinkedIn post todayabout you starting about a
e-learning series, right?
So what's all that about?
Give me the thousand-foot viewof why people should dive into
it and who it's really made for,and that sort of thing.
Speaker 2 (01:56):
Absolutely yeah.
So I would say the idea justkind of came out of nowhere.
We have a mutual friend that amutual friend that I was helping
out and he was trying todevelop some just source
material to help educate themasses on specific areas of
security.
So we were kind of kickingaround some ideas and I really
(02:18):
wanted to think of some ideasthat were not thought of before,
which is a challenging thing todo.
But it's one of those thingswhere you just go onto Google
and you're like, hey, I want tolearn about this from in this
area, what's available, what'sthe most popular.
And I did the same for myselfwith security and started to
realize that there isn't a lotof polished material out there
(02:42):
and it's not a dig to anybodyout there.
It's just kind of like what wewere just saying how do we keep
it real, keep it about the topicof security, but, like I said,
keep it interesting,entertaining.
So that's where I said, hey,I'm going to start developing my
own e-learning series, and thefirst topic that I wanted to
(03:03):
jump into was executivebriefings for security
professionals.
It's a near and dear topic tomy heart because it's one of
those that I actually had to gothrough and suffer through the
pitfalls and get that harshfeedback from your CISO to say
(03:23):
your message didn't get across,you used too many pictures, that
didn't matter.
With your presentation you lostthe message.
So I was kind of just swimmingout in the middle of the ocean
just trying to figure out youknow what direction I should go
in and I don't want anyone elseto go through that.
That was a really tough time,you know, I got my bun toasted a
(03:47):
couple times but, to say it thenice way.
But yeah, to focus on the youknow, security presentations,
you know for leadership, peoplewho want to become CISOs,
directors and, you know, don'twant to just have the role, they
want to actually do thingswhile they're, you know, being
that director, being that changein their organization.
(04:09):
So I developed a seven moduleseries for executive briefings
which goes through kind ofdifferent topics on how to
improve your game.
So like starting from framing,you know, cybersecurity, to
business terms, storytellingskills, what metrics, to use all
these different things to helpyou start crafting your story
(04:31):
and doing it in a, you know,very sharp, concise way where
executives are just lapping itup, they're eating it up, they
just hey, you're making my jobeasier.
I thought I would have to workharder.
You know, all I have to do issign yes, thank you Moving on,
and that's it's how they go.
They're very uh, or executivesare very red type, as in.
(04:52):
You know, be fast, be good, begone.
And that's what I really wantto teach you know, in this
series.
Speaker 1 (04:58):
Yeah, that is something that a lot of people
struggle with, even managers anddirectors and whatnot, right,
they even struggle with it quitea bit, especially that gap
right Going from a technicalrole into a more leadership role
.
You know, that bridge there oftrying to explain too thoroughly
(05:20):
of what's going on, right, notbeing concise enough is always
an issue, and it actually took,you know, a CISO of mine that
you know kind of kind of tookthe time and sat down and was
like, look, this is exactly whatI'm looking for.
And this is why I'm looking forit, because I want to take this
, copy and paste it into thisbig old slide deck that I have
(05:40):
and I want to talk about you fortwo minutes.
That's it, that's all I want todo, and it has to be high level
stuff.
Everyone in the room has to beable to understand it right,
like this is the board, the CEO,the CTO.
None of them are technical,none of them have a technical
background, you know.
And that really started to kindof shift my perspective, right,
(06:03):
because when I wanted to go tomy CISO for something or provide
him a status update on this bigproject that I'm working on,
right, I always present it nowin a way to where, if he, if he
needed to or wanted to presentit to someone in upper
management above him, right, Iwant him to just copy and paste
it, make it as easy as possible.
(06:25):
Like you know, he may get alittle bit more technical with
me on the side, you know tolearn the nuances of it, but you
know it should never be.
You know that like in depth,you know in the weeds view I
guess, when you're talking tothe executives, because they
just need to know what they needto make a decision about.
Speaker 2 (06:44):
Yeah, and they'll let you know when you're going the
wrong way too.
You could lose the room veryquickly with one slide.
You could not even get intoyour introductory paragraph of
what you're about to say.
You could just throw up a slideand then no one's listening to
you.
Everyone's looking at your youknow 20 million metrics within a
little square view, trying tounderstand what is this kid
(07:09):
talking about.
So I don't want others to gothrough that, like I was saying
before, because you could reallyhurt your reputation at the
organization you work for withone bad meeting, really kind of
hurt your reputation at theorganization you work for with
one bad meeting.
And it's really tough to kindof put it like that and just be
(07:29):
so dead cut about it.
But it's true, especially whenyou're a security professional
in your enterprise and you'renot earning trust within the
first couple of minutes, they'renot going to listen to you.
More things are going to pileup on your end, you're going to
get a breach.
And then, hey, why weren't youdoing your job?
And it's like I was trying todo my job.
(07:50):
I had all these meetings andit's like I didn't hear that.
You know, that wasn't themessage that you delivered to me
, and it's just like I got toget better at this, yeah.
Speaker 1 (08:00):
Yeah, it's, it's challenging if you've never done
it before.
You know, and I think one ofthe benefits that maybe this
podcast inadvertently gave mewas getting used to.
You know, speaking withexecutives, right, I mean like I
talk with you, know everyone Italk with.
You know successful CEOs andfounders.
You know successful CEOs andfounders.
(08:26):
You know CISOs that everyonewould know you know.
So it forces you to kind of getused to it and not be, like,
you know, awestruck, right,because a lot of the times when
you're the lower level andyou're talking to the CTO or the
CEO or whatever it might be,you know you're you're you're
nervous, more more of because ofthe status of the person you
know in the room, right, thatkind of it was interesting,
(08:47):
right, I can't even remember whoit was with.
It was a CEO of some largeorganization that was coming on
the podcast and I was realnervous going into the talk and
you know whatever else, right,and my friend, you know, just
asked me a real simple question,right, that kind of like broke
it down real easy for me.
He's like, well, you know whatcolors their blood when they
(09:11):
bleed?
He's like red.
He's like, okay, do they speakEnglish?
I'm like, yeah, he's like okay,are they human?
Like yeah, he goes.
Then what's the problem?
They're another person Likebroke it down, like that right
Genius.
It was fascinating, yeah,because I kind of I carry that.
I carry that now right LikeI've done a lot of podcasts with
(09:34):
you know spies from the CIA,from Israel.
I'm going to bring on you knowa former Russian spy.
At some point I got more comingon.
That's so cool?
Yeah, it's a really cool thing.
It's really easy to getintimidated, though, right,
because these people, you knowthey're one in a billion, right,
(09:54):
I mean they're not like fallingoff trees, right, like you
don't run into these kind ofpeople every time, right, or all
day, um, and it's justinteresting to have those
conversations and I could likepsych myself out before even
going into it, you know, and uh,but I want to circle back right
, because I do recall this isfairly recently, you know,
(10:17):
within the past two years, right, my cto wanted to.
You know, within the past twoyears, right, my CTO wanted to
like have a call, basically withall the tech leads and the
architects on the call and havethem like present.
You know what we're all workingon and the progress that we're
making and stuff like that,right, and it was fascinating
because my architect, you know,kicked off the security portion,
(10:38):
right, and he was the longestpart of the entire security
portion.
He was basically just kicking itoff giving a program overview,
right, and it gets to me and Imean, maybe, maybe it was a dig
at him, maybe, but I started offwith saying like I promise this
will be two minutes, don'tworry, you know, like, just like
setting the expectation rightthere, you know, and then, and
(11:01):
it was, it was only like twothere and it was, it was only
like two minutes, whatever itwas, but very concise, very to
the point, very much he couldtake this slide, put it into his
slide deck, present it to theCEO and be like, see this guy
who's running all of security,he's doing all of these things.
This is the value it'sproviding the organization.
Speaker 2 (11:21):
And at the end, you know, the CTO called out me
specifically for providing goodinformation, didn't even call
out anyone else in security,right, and I kind of like hung
my hat on that, so to speak, forthe day was like all right, I
did a good job Moving on,because now I got to go
interview some CISO you know fora company you start to realize
(11:42):
that, yeah, just the two things,that you start to remove titles
from people and you then areable to communicate in a whole
different, more open way andyou're not just thinking this is
the CEO of blah, this is theCISO of blah, you know, like
this is just a really coolperson that has a cool story
that I want to hear.
(12:02):
That's it.
You know, you keep it simple.
And then your, you know, your,your heart rate starts to go
down just a little bit and wasaround keeping it concise,
keeping it efficient, and whatI've realized is that a lot of
(12:28):
CEOs, cfos, coos, anybody atthat C level, looks at
efficiency as number one.
How do I whittle away minutes,how do I whittle away hours, how
do I whittle away seconds?
And if you're in a meeting withthem, they've already kind of
planned this in their head, likeI need to get X out of this
within X amount or Y amount oftime.
(12:49):
And if you're not hitting thatmark, you know that's where they
think I need somebody else tocome in and do what I need them
to do, because I have X amountof time and you're going over
that time right now.
And it's not to be rude, but,given the demands of that
position, that's what's needed.
They need to have thatefficiency mindset where they're
(13:11):
just like instead of spendingan hour on this, I need to spend
30 minutes, I need to spend 10minutes or I need to delegate
this.
So if you're just, you know,going on for 20 minutes, they're
on their phone just like huh,yeah, okay.
Speaker 1 (13:25):
Yeah, yeah, no, that's a.
That's a great point.
And you know, I kind ofrealized that several years ago,
right, where you startedthinking of efficiencies, of you
know how much.
Just simple, simple math, right, how much do I make an hour?
Right, is it going to take me,like, how much time is this
(13:47):
thing going to take me?
And I'll give you a greatexample.
I'm redoing my website right nowand I'm terrible at it.
You know, like it's it's realbad Because I'm not a website
designer and I'm not thatcreative when I don't already
have like design examples infront of me and website creation
a lot of the times.
Like, yeah, you'll havetemplates and whatnot, but at
(14:07):
the end of the day, you know,someone that does this every
single day is going to beat me10 times out of 10,.
You know, in terms of likedesign and flow and efficiency,
right, and literally today I was, I had a call with my web
designer and I mean 15 minutesinto it she was like, oh, yeah,
we'll get this all done in liketwo, three hours maybe.
(14:30):
And I gave her my budget andeverything and she's like, yeah,
don't even worry about it.
When I was starting to go downthat path, right, the very first
thing that I factored in wasokay, how much do I make an hour
?
Right, how many hours is thisgoing to take me?
A very large amount, becauseI'm not good at it.
(14:52):
Right, and can someone elsejust do it more efficiently,
even if I spend a little bitmore money?
Right, like, is their pricegoing to beat out the amount of
hours that I'm going to spend onit?
And 100% it is, and you'regoing to get better quality out
of it.
Well, that's what these CISOs orCEOs are thinking about in
(15:13):
their head, right, like, thinkabout it like this they spend an
hour or two at a board meeting,right, one time a quarter.
They spend an hour or two at aboard meeting, right, one time a
(15:43):
quarter.
I mean, they're looking forevery bit of value that you
bring to the marketplace withinthat hour.
It's not based on somefictitious number that people
made up or that you came up within your head or whatever.
You know like it's.
It's like literally no, everyhour I am bringing this much
value to the marketplace.
That may seem, you know, alittle bit astronomical, right,
but when you factor in theamount of employees that the
people are employing, when youfactor in the amount of people
(16:07):
from those employees thatthey're impacting, like their
families, right, the kids andthe extended families,
potentially, and everything elselike that it's like, okay, that
number becomes a little bitmore realistic, right?
Exactly, it's just something.
It's something that I've usedto frame it right, because it's
like, okay, they're viewing timedifferently because I mean,
(16:28):
they had, maybe they flew hereon a helicopter, right, if
you're in New York and you'redoing a board meeting, right,
most of the board membersprobably got there on a
helicopter, not via a car youknow Exactly, yeah, and it's the
fact that they're always kindof looking at it from this lens
of I always use the factoryscenario.
Speaker 2 (16:50):
They are given, you know, this challenge of hey,
here's this factory, it outputsthis much.
Here's all this machinery.
Is there the amount of peoplethat you have?
We want to up efficiency by 30%or increase our output by 30%,
(17:10):
but we're not going to give youmore people, we're not going to
give you more machinery.
You're just going to have tomove things around.
You're going to have to come upwith better ideas, and we need
it by the end of the month.
So that's where you have tothink like I need maybe one less
person and a better machine ora better conveyor belt that I
could make go quicker, and youknow that's when it could start
(17:34):
to.
You know, um, which I'll tumbledown into.
That area of thinking ofeverything's kind of like I need
to ship this, I need to make itmore efficient, and you almost
lose that personal touch fromthat.
But then you also have to knowfrom the outside.
That's what they're constantlythinking all the time.
They're always looking at thisfactory and thinking I need to
(17:56):
make this 30% better, I need tomake this 50% better with what I
have already.
So it's a.
It's a difficult thing to do,especially when you know you
have such a very small timeframeto do it and yeah, I, I, uh.
Speaker 1 (18:10):
I read this book a couple of years ago, called
extreme ownership from JockoWillink, right Former Navy SEAL.
I mean, he's known within thecommunity right as being just,
you know, a real badass person.
Speaker 2 (18:23):
Screenshots of his watch of 4.30 in the morning and
making me feel bad because I'mlooking at that post at 12 pm
Because I woke up at Exactly.
Yeah, it's like, oh Jesus, thisguy's already lived one life
before.
Speaker 1 (18:36):
I got up, I didn't even do anything.
He's already worked out twice.
I didn't even do anything.
He's already worked out twice.
But you know, in his book he hediscusses how he would have to
go to his upper management andrequest different things.
Right, like he'd have torequest, you know, whatever it
might be right, like a tank or adrone or you know whatever it
is, and all of his counterparts,um, you know they would be
(19:01):
requesting like everything underthe sun.
You know they would overkill amission by 300, 400 percent of
what they actually needed.
They would have four times themen, they would have four times
the weapons and the drones andeverything Right.
He described how, whenever hewas, you know, asked what do you
(19:21):
need, he would always saynothing, like like we've got it
and that's because he's doingmore with less.
It's like, okay, well, let'sfigure out how to make this
thing stretch farther.
And he said the purpose behindthat was that, when I went to go
and ask these people forsomething they needed to know
(19:42):
without a shadow of a doubt, Iexhausted every other resource
that I had and now I truly needit.
Like it's not a, it's not amaybe he doesn't need it, it's a
hundred percent, he needs it.
Let's go get it.
Got denied anything, you know,because it showed the urgency
(20:04):
behind his own request withouthim having to, you know,
continuously badger people,right?
And so, in security, I think weget into this.
We get into this mode whereit's always we need another tool
.
Right, I need this.
I need this brand new, fancyEDR.
You know, I can't tell you howmany times, right, people have
(20:26):
asked me, you know, what's thebare minimum that you need in
the environment to make itsecure, right, and it's like
give me a firewall, give me aSIM, give me an EDR.
Right, I'll figure everythingelse out.
Right, because every this iswhat you got to think of every
other other tool almost, orevery other category, just makes
things easier.
(20:47):
That's all it does.
It makes it easier, makes itmore streamlined and optimized.
That's what you're paying for.
You're paying for thatefficiency.
But if we're talking like atrue budget constrained
environment, it's like, okay,let me just get the bare minimum
, you know, let me let me, youknow, sleep a couple more hours
at night.
Speaker 2 (21:03):
Right, what are you solving for the business?
You always have to frame it forthe business.
It's not about I want to beable to, you know, for all these
crazy advanced attacks.
And it's like when is industry,are you in?
Do you have public facingservers?
Are you even like on a riskregister for that?
And then you start to be like,okay, you know, go back to the
(21:26):
factory mindset.
Like I said, what do I, what doI have in my factory right now
and what could I do to make it30 better or 40 better?
Speaker 1 (21:33):
yeah, yeah, and security is typically viewed by
the board as like a black holeoh yeah, we, yeah, we don't make
any.
Speaker 2 (21:40):
It's like, hey, we're throwing all this.
We're not cash revenuegenerating whatsoever.
We suck money up.
Speaker 1 (21:46):
Yeah, yeah, and it's, it's interesting the dynamics
of it, you know, and and youknow when, when you have someone
, I feel like it's easy to getaway, get away or ahead of your
skis with the security stacks.
You know, I mean you can get sofar in the weeds with this
(22:08):
stuff.
And you look at it, right.
Whiz started five years ago,right, and they did CSPM and
they had like some nuancedcontainer capabilities right.
And now they do everythingunder the sun and they just got
bought out by Google, right.
And if you look at Wiz'sofferings, actually it's like
(22:32):
almost 100% of cloud security,it it's like almost 100 of cloud
security, and yet there's still15 other pillars of cloud
security that that people aretrying to sell you on right,
like.
Speaker 2 (22:43):
It's like, guys, I could just consolidate all of
your stuff with this onesolution for a nominal cost
exactly, yeah, and there's someproducts that, um, obviously I'm
not going to name, but theyhave these scoring systems and
it's hilarious because it's likeyou go so arbitrary?
Scoring systems and you're likewait a minute, I have to
(23:05):
purchase something to satisfythat and that's factored into my
scoring system.
That's not.
That sounds a little likegreasy, if you ask me yeah,
let's not talk about yeah,whatever, let's.
Speaker 1 (23:17):
Let's not forget to mention that the companies on
the gartner's magic quadrant paygartner to get on the magic
quadrant right and then gartnersells a subscription to
companies for them to view thedifferent domains and the top
key players that pay to be puton this magic quadrant Right.
So it's like, guys, it's a, it'sa pay to play, pay to win game
(23:40):
that you're trying to have rightnow and like everyone's up on
it.
You know, like I can't remember, man, I think the last I mean I
had to present to you know thethe upper management right,
present to you know the uppermanagement right, when I was
trying to get a project you knowcleared and everything I had to
, like you know, add inGartner's Magic Quadrant and be
(24:01):
like, see, it's on the MagicQuadrant, but that was all that
I did.
You know, I didn't care about aposition or anything like that.
I didn't put any value behindit.
Because if they were to ask me,I'm going to be like, guys,
it's pay to play.
There's no real value behindthis thing.
The value is in the actual tool.
Speaker 2 (24:20):
Exactly.
Yeah, it's supposed to be aguide to let you know about
what's out there and you knowwho they think may be performing
the best and, like you said,it's pay to play.
So if you want to get yourlittle dot, you know, in that
quadrant, you know you got toyou got to fess up the big bucks
.
So it's just like I said,everything needs to be taken
(24:44):
with a grain of salt andcontextualized for your
enterprise.
Anyways, I would use it in thesame way that you did where it's
just like hey, I know I'mgetting brand reputation or they
know what this means, and ifGartner agrees with me, then
that helps my case even more.
So it's like I'm playing thissilly little game of you know
(25:12):
I'm going to manipulate you alittle bit, but you got to do
what you got to do to.
You know, build a winning case,because you said it's.
It's not like talking to yourteam, you're talking to a whole
different language that you needto convert to.
Speaker 1 (25:24):
Right, right, how did you make that switch?
You know, you kind of I guessyou kind of touched on it a
little bit, right, and I'm I'mprobably going, you know, beyond
whatever outline you youprepared, right, because I mean
a little little, uh, known fact,right, like I don't prepare an
outline, I don't preparequestions or anything else for
(25:46):
my guests.
I mean, like, if you're reallyprivileged and you know you were
a spy or something, I'llprepare like two questions that
are that are just like burninginto my brain, right, but you
operate a spy or something.
I'll prepare like two questionsthat are just like burning into
my brain, right, but youoperate a little bit differently
.
And so you, I know you have anoutline and so I'm derailing you
from it, but what was thatthing that kind of shifted your
mindset into okay, this is how Ido it.
(26:08):
And then probably a quarterlater, you figured out, okay, it
was successful, or I got totweak this or whatever it might
be.
Speaker 2 (26:15):
It's embracing leadership, because at the end
I'm going to sound very gimmickyright now, but at the end of
the day, you are representingyour team and you're
representing the company.
You're representing a lot ofdifferent things and if you're
not getting your initiativesacross, you're letting down not
only the enterprise, but you'reletting down your analysts, your
(26:37):
engineers.
You're making their livesharder.
So there's a lot of peoplecounting on you and when you
don't follow through, it'snoticed.
And I've had moments where Idid not follow through and made
my life harder for everyonearound me and that was just
because I didn't know how toconvey my message in a, you know
(26:58):
, efficient way to the my targetaudience.
I was getting too technical, Iwas taking too much time.
Presentations up to 40 minutes,it's like no, you can't do that
.
So once I was able to start,really kind of like one, I would
say, just listening to theleaders around me, really kind
of taking note of what they weredoing, how they were finding
(27:21):
success and kind of like copyingit in a way.
So I had a couple of CISOs thatreally helped me craft my
message.
Or, you know, we always kept onsaying how to craft your story,
what's the story that you'regoing to tell today to your
executive.
And that's where I reallystarted to understand.
You know, this is how I'm goingto start bridging the gap.
(27:42):
This is where I'm going tostart.
You know, stop talking aboutPowerShell logging and start
talking about the return oninvestment for the product.
Start talking about what areour you are our competitors
doing in the security market aswell, too, because sometimes
you're getting customers basedon the fact that you are a super
(28:03):
secure company and they may gowith a different company because
you had a qualification on yourSOC 2.
So that's where, like I said, Ireally kind of put a stake in
the ground and said, hey, I'mgoing to get better at this, I'm
going to dedicate myself tobecoming this leader, to where I
could translate the technicalof everything we're doing into a
(28:26):
business context, to where Icould bring it to my executives
and just make their life easy,bring them options and literally
, like, what button should Ipress?
Push the second button.
It's like cool and that's allit is.
Like I said, it takes a lot ofpractice and confidence in
yourself, but I'd say the firststep is to embrace leadership,
(28:48):
embrace the position you're inand really give it your all when
you are, you know, hunting downyour initiatives and seeking
that budget to make a difference.
Speaker 1 (29:00):
Yeah, that is, that's interesting, what you know.
Experiences will teach youright, and I feel like I feel
like people are always worriedabout you know failing right,
especially failing publicly,about you know failing right,
especially failing publicly.
I mean my gosh like man, theamount of times that I've failed
publicly.
You know, and and when we met,you know we were, we were
(29:23):
working for a company that youknow they had a I mean really
they had a vital product towhatever company bought the
product.
I mean, like you can't, if youhad a need to buy that product,
you, it's probably a legalrequirement, so you have to have
a product of that you know samecategory in your environment
(29:44):
and it's required to be up, likeat all times.
You know, and you know thatculture really cultivated, you
know a mentality of.
I made a mistake, I need help,right, and I mean the amount of
times that I accidentally didsomething that I didn't even,
you know I didn't realize thatthat command was going to do
(30:05):
something.
It was completely unintendedand I had to quickly realize.
Well, I'm completely out of mydepth here, right, raise my hand
and be like I need an adult.
You know, I mean, that was,that was the term that we used.
You know, I need someone herethat's more experienced than me
that can help me with this.
You know, and I mean you alwayscould tell if I really went
(30:28):
down a bad rabbit hole, if when,like the developer that wrote
the code, is hovering over mydesk, you know, and at some
point he's just like give me thekeyboard, give me, give me the
keyboard there's.
I can't even explain how to fixit.
Speaker 2 (30:43):
Yes, sir, please take over, thank you.
Speaker 1 (30:45):
Yeah, exactly, exactly.
I mean, it was a reallyinteresting times, right.
But, like that, that situation,you know, cultivates an
experience or a mentality whereit's like hey, I need help.
Right, like you learn how tofail publicly in front of other
people, like immediately.
And there was people on thatteam that were not very well
(31:09):
liked, that didn't last verylong there because they weren't
willing to raise their hand andbe like hey, I messed up, you
know, and announce it to thewhole team, right, like, I think
me and you were one of the fewpeople that were like willing to
raise our hand, announce it toeveryone.
Hey, I messed up in this giantway because that was the only
way that we were going to learn.
Speaker 2 (31:30):
Yeah, you know, like, that's how it was um, it's,
it's funny when you bring stufflike that too.
It's.
It's almost like post-traumaticstress disorder, when you're
just thinking like, well, yeah,I remember that one time when I
was on a customer support and II asked them to do something,
and then they, they reset allthe admin passwords in the
entire organization.
(31:51):
And then it's like the next daythey find out and everyone's
just hey, peter was on support,it was peter, and it's just like
no, no, no, no, no, no, no, no,I don't.
Oh, my god, it's like all righthere, here's what happened,
here's what I did.
You know, like I'm I'm nottrying to, you know, protect
myself, I just want everythingto be back to where it was so
(32:12):
it's you know just try to evenremove myself as an individual.
It's like I just want this tohappen for the organization.
This is what I've tried.
You know, help me out.
That's a.
I think it's a valuable lessonis that you need to ask for help
.
You just have to ask for helpwhen you need it.
You could spin your wheels asmuch as you want by yourself,
but then you realize when youask for help, hey, I could have
(32:34):
saved two hours.
And we're all human.
I do it myself, especially withthe C-Learning series and
working on the creative side ofthe slides.
My Lord, I've had to go back amillion times and redo stuff and
go on YouTube.
Ask my girlfriend, ask myfriend to review it.
Is my head straight?
Am I loud enough?
(32:55):
You know it's really importantto just get third party feedback
when you're doing anythinghonestly, because people are
going to see things that youdon't and you're just going to
have to accept that early on.
Speaker 1 (33:07):
Yeah, yeah.
Well, you know, peter, we'recoming up to the top of our time
here.
We're coming up to the top ofour time here, but you know,
before I let you go, how aboutyou tell you know my audience
where they could find thate-learning series and where they
could find you know you onsocial media if they wanted to
reach out.
Speaker 2 (33:22):
Yeah, fantastic, there's going to be two places.
I have a new YouTube channelcalled Pram Corp Productions and
that's where the channel willbe for my e-learning series.
They're going to be put intoplaylists.
For my e-learning series.
They're going to be put intoplaylists.
So, as of right now, there's anintro to the e-learning series
for executive briefings forsecurity professionals, and then
module one, understanding youraudience.
(33:43):
So that's going to be inYouTube, paramcorp Productions.
And then you can find me onLinkedIn.
I'm just linkedincom inP-Ramadan, very easy.
I have a bunch of differentarticles and content you could
check out there.
And, yeah, just feel free tomessage me if anyone wants to
contact and collaborate.
Just talk about stuff.
I'm, you know, really want toget engaged in the community and
(34:06):
I want to thank you, joe, forhelping me do that.
Speaker 1 (34:10):
Yeah, absolutely no-transcript.
How's it going, peter ?
It's good to have you back onthe podcast.
You know it's been aninteresting time for both of us,
I think, the past two months.
But yeah, great, great to haveyou back on.
Speaker 2 (00:10):
Joe, I really appreciate being out here and
had a lot.
You know had a blast last timeI was on here me that they
prefer my format of an interviewcompared to some other people
in the space, a lot of the otherpeople.
Speaker 1 (00:36):
they'll do a two-hour recording with someone and
they'll chop it up into 45minutes.
Whenever I hear that, it's like, guys, you know you're not,
you're not doing anyone anyjustice.
You know, if you're going torecord for two hours, it should
be pretty close to two hours toreally get that that feel for
the person.
But you know, at least that'sthat's my opinion.
(00:57):
I mean, there's other, moresuccessful podcasts out there
than mine, right?
So who am I to tell them thatthey doing something?
Speaker 2 (01:02):
you know it.
That sounds true, joe, but Iwould say, go the opposite way
and just go full force into thedirection you're going into,
because it's more authentic.
You're not, you know, sayingwe'll fix that in post, we'll
fix that in post, uh, you know.
Yeah, it keeps it real foreverybody, and I think that's
what we're all looking for isfor something real, and we all
(01:23):
enjoy security.
But we're also, you know, isfor something real and we all
enjoy security, but we're also,you know, human beings who do
stuff outside of security.
So, you know, try to find a wayin the middle of those two, and
I think that's where you startto kind of attract the right
people.
Speaker 1 (01:36):
Yeah, yeah.
Well, Peter, you know you.
You made a LinkedIn post todayabout you starting about a
e-learning series, right?
So what's all that about?
Give me the thousand-foot viewof why people should dive into
it and who it's really made for,and that sort of thing.
Speaker 2 (01:56):
Absolutely yeah.
So I would say the idea justkind of came out of nowhere.
We have a mutual friend that amutual friend that I was helping
out and he was trying todevelop some just source
material to help educate themasses on specific areas of
security.
So we were kind of kickingaround some ideas and I really
(02:18):
wanted to think of some ideasthat were not thought of before,
which is a challenging thing todo.
But it's one of those thingswhere you just go onto Google
and you're like, hey, I want tolearn about this from in this
area, what's available, what'sthe most popular.
And I did the same for myselfwith security and started to
realize that there isn't a lotof polished material out there
(02:42):
and it's not a dig to anybodyout there.
It's just kind of like what wewere just saying how do we keep
it real, keep it about the topicof security, but, like I said,
keep it interesting,entertaining.
So that's where I said, hey,I'm going to start developing my
own e-learning series, and thefirst topic that I wanted to
(03:03):
jump into was executivebriefings for security
professionals.
It's a near and dear topic tomy heart because it's one of
those that I actually had to gothrough and suffer through the
pitfalls and get that harshfeedback from your CISO to say
(03:23):
your message didn't get across,you used too many pictures, that
didn't matter.
With your presentation you lostthe message.
So I was kind of just swimmingout in the middle of the ocean
just trying to figure out youknow what direction I should go
in and I don't want anyone elseto go through that.
That was a really tough time,you know, I got my bun toasted a
(03:47):
couple times but, to say it thenice way.
But yeah, to focus on the youknow, security presentations,
you know for leadership, peoplewho want to become CISOs,
directors and, you know, don'twant to just have the role, they
want to actually do thingswhile they're, you know, being
that director, being that changein their organization.
(04:09):
So I developed a seven moduleseries for executive briefings
which goes through kind ofdifferent topics on how to
improve your game.
So like starting from framing,you know, cybersecurity, to
business terms, storytellingskills, what metrics, to use all
these different things to helpyou start crafting your story
(04:31):
and doing it in a, you know,very sharp, concise way where
executives are just lapping itup, they're eating it up, they
just hey, you're making my jobeasier.
I thought I would have to workharder.
You know, all I have to do issign yes, thank you Moving on,
and that's it's how they go.
They're very uh, or executivesare very red type, as in.
(04:52):
You know, be fast, be good, begone.
And that's what I really wantto teach you know, in this
series.
Speaker 1 (04:58):
Yeah, that is something that a lot of people
struggle with, even managers anddirectors and whatnot, right,
they even struggle with it quitea bit, especially that gap
right Going from a technicalrole into a more leadership role
.
You know, that bridge there oftrying to explain too thoroughly
(05:20):
of what's going on, right, notbeing concise enough is always
an issue, and it actually took,you know, a CISO of mine that
you know kind of kind of tookthe time and sat down and was
like, look, this is exactly whatI'm looking for.
And this is why I'm looking forit, because I want to take this
, copy and paste it into thisbig old slide deck that I have
(05:40):
and I want to talk about you fortwo minutes.
That's it, that's all I want todo, and it has to be high level
stuff.
Everyone in the room has to beable to understand it right,
like this is the board, the CEO,the CTO.
None of them are technical,none of them have a technical
background, you know.
And that really started to kindof shift my perspective, right,
(06:03):
because when I wanted to go tomy CISO for something or provide
him a status update on this bigproject that I'm working on,
right, I always present it nowin a way to where, if he, if he
needed to or wanted to presentit to someone in upper
management above him, right, Iwant him to just copy and paste
it, make it as easy as possible.
(06:25):
Like you know, he may get alittle bit more technical with
me on the side, you know tolearn the nuances of it, but you
know it should never be.
You know that like in depth,you know in the weeds view I
guess, when you're talking tothe executives, because they
just need to know what they needto make a decision about.
Speaker 2 (06:44):
Yeah, and they'll let you know when you're going the
wrong way too.
You could lose the room veryquickly with one slide.
You could not even get intoyour introductory paragraph of
what you're about to say.
You could just throw up a slideand then no one's listening to
you.
Everyone's looking at your youknow 20 million metrics within a
little square view, trying tounderstand what is this kid
(07:09):
talking about.
So I don't want others to gothrough that, like I was saying
before, because you could reallyhurt your reputation at the
organization you work for withone bad meeting, really kind of
hurt your reputation at theorganization you work for with
one bad meeting.
And it's really tough to kindof put it like that and just be
(07:29):
so dead cut about it.
But it's true, especially whenyou're a security professional
in your enterprise and you'renot earning trust within the
first couple of minutes, they'renot going to listen to you.
More things are going to pileup on your end, you're going to
get a breach.
And then, hey, why weren't youdoing your job?
And it's like I was trying todo my job.
(07:50):
I had all these meetings andit's like I didn't hear that.
You know, that wasn't themessage that you delivered to me
, and it's just like I got toget better at this, yeah.
Speaker 1 (08:00):
Yeah, it's, it's challenging if you've never done
it before.
You know, and I think one ofthe benefits that maybe this
podcast inadvertently gave mewas getting used to.
You know, speaking withexecutives, right, I mean like I
talk with you, know everyone Italk with.
You know successful CEOs andfounders.
You know successful CEOs andfounders.
(08:26):
You know CISOs that everyonewould know you know.
So it forces you to kind of getused to it and not be, like,
you know, awestruck, right,because a lot of the times when
you're the lower level andyou're talking to the CTO or the
CEO or whatever it might be,you know you're you're you're
nervous, more more of because ofthe status of the person you
know in the room, right, thatkind of it was interesting,
(08:47):
right, I can't even remember whoit was with.
It was a CEO of some largeorganization that was coming on
the podcast and I was realnervous going into the talk and
you know whatever else, right,and my friend, you know, just
asked me a real simple question,right, that kind of like broke
it down real easy for me.
He's like, well, you know whatcolors their blood when they
(09:11):
bleed?
He's like red.
He's like, okay, do they speakEnglish?
I'm like, yeah, he's like okay,are they human?
Like yeah, he goes.
Then what's the problem?
They're another person Likebroke it down, like that right
Genius.
It was fascinating, yeah,because I kind of I carry that.
I carry that now right LikeI've done a lot of podcasts with
(09:34):
you know spies from the CIA,from Israel.
I'm going to bring on you knowa former Russian spy.
At some point I got more comingon.
That's so cool?
Yeah, it's a really cool thing.
It's really easy to getintimidated, though, right,
because these people, you knowthey're one in a billion, right,
(09:54):
I mean they're not like fallingoff trees, right, like you
don't run into these kind ofpeople every time, right, or all
day, um, and it's justinteresting to have those
conversations and I could likepsych myself out before even
going into it, you know, and uh,but I want to circle back right
, because I do recall this isfairly recently, you know,
(10:17):
within the past two years, right, my cto wanted to.
You know, within the past twoyears, right, my CTO wanted to
like have a call, basically withall the tech leads and the
architects on the call and havethem like present.
You know what we're all workingon and the progress that we're
making and stuff like that,right, and it was fascinating
because my architect, you know,kicked off the security portion,
(10:38):
right, and he was the longestpart of the entire security
portion.
He was basically just kicking itoff giving a program overview,
right, and it gets to me and Imean, maybe, maybe it was a dig
at him, maybe, but I started offwith saying like I promise this
will be two minutes, don'tworry, you know, like, just like
setting the expectation rightthere, you know, and then, and
(11:01):
it was, it was only like twothere and it was, it was only
like two minutes, whatever itwas, but very concise, very to
the point, very much he couldtake this slide, put it into his
slide deck, present it to theCEO and be like, see this guy
who's running all of security,he's doing all of these things.
This is the value it'sproviding the organization.
Speaker 2 (11:21):
And at the end, you know, the CTO called out me
specifically for providing goodinformation, didn't even call
out anyone else in security,right, and I kind of like hung
my hat on that, so to speak, forthe day was like all right, I
did a good job Moving on,because now I got to go
interview some CISO you know fora company you start to realize
(11:42):
that, yeah, just the two things,that you start to remove titles
from people and you then areable to communicate in a whole
different, more open way andyou're not just thinking this is
the CEO of blah, this is theCISO of blah, you know, like
this is just a really coolperson that has a cool story
that I want to hear.
(12:02):
That's it.
You know, you keep it simple.
And then your, you know, your,your heart rate starts to go
down just a little bit and wasaround keeping it concise,
keeping it efficient, and whatI've realized is that a lot of
(12:28):
CEOs, cfos, coos, anybody atthat C level, looks at
efficiency as number one.
How do I whittle away minutes,how do I whittle away hours, how
do I whittle away seconds?
And if you're in a meeting withthem, they've already kind of
planned this in their head, likeI need to get X out of this
within X amount or Y amount oftime.
(12:49):
And if you're not hitting thatmark, you know that's where they
think I need somebody else tocome in and do what I need them
to do, because I have X amountof time and you're going over
that time right now.
And it's not to be rude, but,given the demands of that
position, that's what's needed.
They need to have thatefficiency mindset where they're
(13:11):
just like instead of spendingan hour on this, I need to spend
30 minutes, I need to spend 10minutes or I need to delegate
this.
So if you're just, you know,going on for 20 minutes, they're
on their phone just like huh,yeah, okay.
Speaker 1 (13:25):
Yeah, yeah, no, that's a.
That's a great point.
And you know, I kind ofrealized that several years ago,
right, where you startedthinking of efficiencies, of you
know how much.
Just simple, simple math, right, how much do I make an hour?
Right, is it going to take me,like, how much time is this
(13:47):
thing going to take me?
And I'll give you a greatexample.
I'm redoing my website right nowand I'm terrible at it.
You know, like it's it's realbad Because I'm not a website
designer and I'm not thatcreative when I don't already
have like design examples infront of me and website creation
a lot of the times.
Like, yeah, you'll havetemplates and whatnot, but at
(14:07):
the end of the day, you know,someone that does this every
single day is going to beat me10 times out of 10,.
You know, in terms of likedesign and flow and efficiency,
right, and literally today I was, I had a call with my web
designer and I mean 15 minutesinto it she was like, oh, yeah,
we'll get this all done in liketwo, three hours maybe.
(14:30):
And I gave her my budget andeverything and she's like, yeah,
don't even worry about it.
When I was starting to go downthat path, right, the very first
thing that I factored in wasokay, how much do I make an hour
?
Right, how many hours is thisgoing to take me?
A very large amount, becauseI'm not good at it.
(14:52):
Right, and can someone elsejust do it more efficiently,
even if I spend a little bitmore money?
Right, like, is their pricegoing to beat out the amount of
hours that I'm going to spend onit?
And 100% it is, and you'regoing to get better quality out
of it.
Well, that's what these CISOs orCEOs are thinking about in
(15:13):
their head, right, like, thinkabout it like this they spend an
hour or two at a board meeting,right, one time a quarter.
They spend an hour or two at aboard meeting, right, one time a
(15:43):
quarter.
I mean, they're looking forevery bit of value that you
bring to the marketplace withinthat hour.
It's not based on somefictitious number that people
made up or that you came up within your head or whatever.
You know like it's.
It's like literally no, everyhour I am bringing this much
value to the marketplace.
That may seem, you know, alittle bit astronomical, right,
but when you factor in theamount of employees that the
people are employing, when youfactor in the amount of people
(16:07):
from those employees thatthey're impacting, like their
families, right, the kids andthe extended families,
potentially, and everything elselike that it's like, okay, that
number becomes a little bitmore realistic, right?
Exactly, it's just something.
It's something that I've usedto frame it right, because it's
like, okay, they're viewing timedifferently because I mean,
(16:28):
they had, maybe they flew hereon a helicopter, right, if
you're in New York and you'redoing a board meeting, right,
most of the board membersprobably got there on a
helicopter, not via a car youknow Exactly, yeah, and it's the
fact that they're always kindof looking at it from this lens
of I always use the factoryscenario.
Speaker 2 (16:50):
They are given, you know, this challenge of hey,
here's this factory, it outputsthis much.
Here's all this machinery.
Is there the amount of peoplethat you have?
We want to up efficiency by 30%or increase our output by 30%,
(17:10):
but we're not going to give youmore people, we're not going to
give you more machinery.
You're just going to have tomove things around.
You're going to have to come upwith better ideas, and we need
it by the end of the month.
So that's where you have tothink like I need maybe one less
person and a better machine ora better conveyor belt that I
could make go quicker, and youknow that's when it could start
(17:34):
to.
You know, um, which I'll tumbledown into.
That area of thinking ofeverything's kind of like I need
to ship this, I need to make itmore efficient, and you almost
lose that personal touch fromthat.
But then you also have to knowfrom the outside.
That's what they're constantlythinking all the time.
They're always looking at thisfactory and thinking I need to
(17:56):
make this 30% better, I need tomake this 50% better with what I
have already.
So it's a.
It's a difficult thing to do,especially when you know you
have such a very small timeframeto do it and yeah, I, I, uh.
Speaker 1 (18:10):
I read this book a couple of years ago, called
extreme ownership from JockoWillink, right Former Navy SEAL.
I mean, he's known within thecommunity right as being just,
you know, a real badass person.
Speaker 2 (18:23):
Screenshots of his watch of 4.30 in the morning and
making me feel bad because I'mlooking at that post at 12 pm
Because I woke up at Exactly.
Yeah, it's like, oh Jesus, thisguy's already lived one life
before.
Speaker 1 (18:36):
I got up, I didn't even do anything.
He's already worked out twice.
I didn't even do anything.
He's already worked out twice.
But you know, in his book he hediscusses how he would have to
go to his upper management andrequest different things.
Right, like he'd have torequest, you know, whatever it
might be right, like a tank or adrone or you know whatever it
is, and all of his counterparts,um, you know they would be
(19:01):
requesting like everything underthe sun.
You know they would overkill amission by 300, 400 percent of
what they actually needed.
They would have four times themen, they would have four times
the weapons and the drones andeverything Right.
He described how, whenever hewas, you know, asked what do you
(19:21):
need, he would always saynothing, like like we've got it
and that's because he's doingmore with less.
It's like, okay, well, let'sfigure out how to make this
thing stretch farther.
And he said the purpose behindthat was that, when I went to go
and ask these people forsomething they needed to know
(19:42):
without a shadow of a doubt, Iexhausted every other resource
that I had and now I truly needit.
Like it's not a, it's not amaybe he doesn't need it, it's a
hundred percent, he needs it.
Let's go get it.
Got denied anything, you know,because it showed the urgency
(20:04):
behind his own request withouthim having to, you know,
continuously badger people,right?
And so, in security, I think weget into this.
We get into this mode whereit's always we need another tool
.
Right, I need this.
I need this brand new, fancyEDR.
You know, I can't tell you howmany times, right, people have
(20:26):
asked me, you know, what's thebare minimum that you need in
the environment to make itsecure, right, and it's like
give me a firewall, give me aSIM, give me an EDR.
Right, I'll figure everythingelse out.
Right, because every this iswhat you got to think of every
other other tool almost, orevery other category, just makes
things easier.
(20:47):
That's all it does.
It makes it easier, makes itmore streamlined and optimized.
That's what you're paying for.
You're paying for thatefficiency.
But if we're talking like atrue budget constrained
environment, it's like, okay,let me just get the bare minimum
, you know, let me let me, youknow, sleep a couple more hours
at night.
Speaker 2 (21:03):
Right, what are you solving for the business?
You always have to frame it forthe business.
It's not about I want to beable to, you know, for all these
crazy advanced attacks.
And it's like when is industry,are you in?
Do you have public facingservers?
Are you even like on a riskregister for that?
And then you start to be like,okay, you know, go back to the
(21:26):
factory mindset.
Like I said, what do I, what doI have in my factory right now
and what could I do to make it30 better or 40 better?
Speaker 1 (21:33):
yeah, yeah, and security is typically viewed by
the board as like a black holeoh yeah, we, yeah, we don't make
any.
Speaker 2 (21:40):
It's like, hey, we're throwing all this.
We're not cash revenuegenerating whatsoever.
We suck money up.
Speaker 1 (21:46):
Yeah, yeah, and it's, it's interesting the dynamics
of it, you know, and and youknow when, when you have someone
, I feel like it's easy to getaway, get away or ahead of your
skis with the security stacks.
You know, I mean you can get sofar in the weeds with this
(22:08):
stuff.
And you look at it, right.
Whiz started five years ago,right, and they did CSPM and
they had like some nuancedcontainer capabilities right.
And now they do everythingunder the sun and they just got
bought out by Google, right.
And if you look at Wiz'sofferings, actually it's like
(22:32):
almost 100% of cloud security,it it's like almost 100 of cloud
security, and yet there's still15 other pillars of cloud
security that that people aretrying to sell you on right,
like.
Speaker 2 (22:43):
It's like, guys, I could just consolidate all of
your stuff with this onesolution for a nominal cost
exactly, yeah, and there's someproducts that, um, obviously I'm
not going to name, but theyhave these scoring systems and
it's hilarious because it's likeyou go so arbitrary?
Scoring systems and you're likewait a minute, I have to
(23:05):
purchase something to satisfythat and that's factored into my
scoring system.
That's not.
That sounds a little likegreasy, if you ask me yeah,
let's not talk about yeah,whatever, let's.
Speaker 1 (23:17):
Let's not forget to mention that the companies on
the gartner's magic quadrant paygartner to get on the magic
quadrant right and then gartnersells a subscription to
companies for them to view thedifferent domains and the top
key players that pay to be puton this magic quadrant Right.
So it's like, guys, it's a, it'sa pay to play, pay to win game
(23:40):
that you're trying to have rightnow and like everyone's up on
it.
You know, like I can't remember, man, I think the last I mean I
had to present to you know thethe upper management right,
present to you know the uppermanagement right, when I was
trying to get a project you knowcleared and everything I had to
, like you know, add inGartner's Magic Quadrant and be
(24:01):
like, see, it's on the MagicQuadrant, but that was all that
I did.
You know, I didn't care about aposition or anything like that.
I didn't put any value behindit.
Because if they were to ask me,I'm going to be like, guys,
it's pay to play.
There's no real value behindthis thing.
The value is in the actual tool.
Speaker 2 (24:20):
Exactly.
Yeah, it's supposed to be aguide to let you know about
what's out there and you knowwho they think may be performing
the best and, like you said,it's pay to play.
So if you want to get yourlittle dot, you know, in that
quadrant, you know you got toyou got to fess up the big bucks
.
So it's just like I said,everything needs to be taken
(24:44):
with a grain of salt andcontextualized for your
enterprise.
Anyways, I would use it in thesame way that you did where it's
just like hey, I know I'mgetting brand reputation or they
know what this means, and ifGartner agrees with me, then
that helps my case even more.
So it's like I'm playing thissilly little game of you know
(25:12):
I'm going to manipulate you alittle bit, but you got to do
what you got to do to.
You know, build a winning case,because you said it's.
It's not like talking to yourteam, you're talking to a whole
different language that you needto convert to.
Speaker 1 (25:24):
Right, right, how did you make that switch?
You know, you kind of I guessyou kind of touched on it a
little bit, right, and I'm I'mprobably going, you know, beyond
whatever outline you youprepared, right, because I mean
a little little, uh, known fact,right, like I don't prepare an
outline, I don't preparequestions or anything else for
(25:46):
my guests.
I mean, like, if you're reallyprivileged and you know you were
a spy or something, I'llprepare like two questions that
are that are just like burninginto my brain, right, but you
operate a spy or something.
I'll prepare like two questionsthat are just like burning into
my brain, right, but youoperate a little bit differently
.
And so you, I know you have anoutline and so I'm derailing you
from it, but what was thatthing that kind of shifted your
mindset into okay, this is how Ido it.
(26:08):
And then probably a quarterlater, you figured out, okay, it
was successful, or I got totweak this or whatever it might
be.
Speaker 2 (26:15):
It's embracing leadership, because at the end
I'm going to sound very gimmickyright now, but at the end of
the day, you are representingyour team and you're
representing the company.
You're representing a lot ofdifferent things and if you're
not getting your initiativesacross, you're letting down not
only the enterprise, but you'reletting down your analysts, your
(26:37):
engineers.
You're making their livesharder.
So there's a lot of peoplecounting on you and when you
don't follow through, it'snoticed.
And I've had moments where Idid not follow through and made
my life harder for everyonearound me and that was just
because I didn't know how toconvey my message in a, you know
(26:58):
, efficient way to the my targetaudience.
I was getting too technical, Iwas taking too much time.
Presentations up to 40 minutes,it's like no, you can't do that
.
So once I was able to start,really kind of like one, I would
say, just listening to theleaders around me, really kind
of taking note of what they weredoing, how they were finding
(27:21):
success and kind of like copyingit in a way.
So I had a couple of CISOs thatreally helped me craft my
message.
Or, you know, we always kept onsaying how to craft your story,
what's the story that you'regoing to tell today to your
executive.
And that's where I reallystarted to understand.
You know, this is how I'm goingto start bridging the gap.
(27:42):
This is where I'm going tostart.
You know, stop talking aboutPowerShell logging and start
talking about the return oninvestment for the product.
Start talking about what areour you are our competitors
doing in the security market aswell, too, because sometimes
you're getting customers basedon the fact that you are a super
(28:03):
secure company and they may gowith a different company because
you had a qualification on yourSOC 2.
So that's where, like I said, Ireally kind of put a stake in
the ground and said, hey, I'mgoing to get better at this, I'm
going to dedicate myself tobecoming this leader, to where I
could translate the technicalof everything we're doing into a
(28:26):
business context, to where Icould bring it to my executives
and just make their life easy,bring them options and literally
, like, what button should Ipress?
Push the second button.
It's like cool and that's allit is.
Like I said, it takes a lot ofpractice and confidence in
yourself, but I'd say the firststep is to embrace leadership,
(28:48):
embrace the position you're inand really give it your all when
you are, you know, hunting downyour initiatives and seeking
that budget to make a difference.
Speaker 1 (29:00):
Yeah, that is, that's interesting, what you know.
Experiences will teach youright, and I feel like I feel
like people are always worriedabout you know failing right,
especially failing publicly,about you know failing right,
especially failing publicly.
I mean my gosh like man, theamount of times that I've failed
publicly.
You know, and and when we met,you know we were, we were
(29:23):
working for a company that youknow they had a I mean really
they had a vital product towhatever company bought the
product.
I mean, like you can't, if youhad a need to buy that product,
you, it's probably a legalrequirement, so you have to have
a product of that you know samecategory in your environment
(29:44):
and it's required to be up, likeat all times.
You know, and you know thatculture really cultivated, you
know a mentality of.
I made a mistake, I need help,right, and I mean the amount of
times that I accidentally didsomething that I didn't even,
you know I didn't realize thatthat command was going to do
(30:05):
something.
It was completely unintendedand I had to quickly realize.
Well, I'm completely out of mydepth here, right, raise my hand
and be like I need an adult.
You know, I mean, that was,that was the term that we used.
You know, I need someone herethat's more experienced than me
that can help me with this.
You know, and I mean you alwayscould tell if I really went
(30:28):
down a bad rabbit hole, if when,like the developer that wrote
the code, is hovering over mydesk, you know, and at some
point he's just like give me thekeyboard, give me, give me the
keyboard there's.
I can't even explain how to fixit.
Speaker 2 (30:43):
Yes, sir, please take over, thank you.
Speaker 1 (30:45):
Yeah, exactly, exactly.
I mean, it was a reallyinteresting times, right.
But, like that, that situation,you know, cultivates an
experience or a mentality whereit's like hey, I need help.
Right, like you learn how tofail publicly in front of other
people, like immediately.
And there was people on thatteam that were not very well
(31:09):
liked, that didn't last verylong there because they weren't
willing to raise their hand andbe like hey, I messed up, you
know, and announce it to thewhole team, right, like, I think
me and you were one of the fewpeople that were like willing to
raise our hand, announce it toeveryone.
Hey, I messed up in this giantway because that was the only
way that we were going to learn.
Speaker 2 (31:30):
Yeah, you know, like, that's how it was um, it's,
it's funny when you bring stufflike that too.
It's.
It's almost like post-traumaticstress disorder, when you're
just thinking like, well, yeah,I remember that one time when I
was on a customer support and II asked them to do something,
and then they, they reset allthe admin passwords in the
entire organization.
(31:51):
And then it's like the next daythey find out and everyone's
just hey, peter was on support,it was peter, and it's just like
no, no, no, no, no, no, no, no,I don't.
Oh, my god, it's like all righthere, here's what happened,
here's what I did.
You know, like I'm I'm nottrying to, you know, protect
myself, I just want everythingto be back to where it was so
(32:12):
it's you know just try to evenremove myself as an individual.
It's like I just want this tohappen for the organization.
This is what I've tried.
You know, help me out.
That's a.
I think it's a valuable lessonis that you need to ask for help
.
You just have to ask for helpwhen you need it.
You could spin your wheels asmuch as you want by yourself,
but then you realize when youask for help, hey, I could have
(32:34):
saved two hours.
And we're all human.
I do it myself, especially withthe C-Learning series and
working on the creative side ofthe slides.
My Lord, I've had to go back amillion times and redo stuff and
go on YouTube.
Ask my girlfriend, ask myfriend to review it.
Is my head straight?
Am I loud enough?
(32:55):
You know it's really importantto just get third party feedback
when you're doing anythinghonestly, because people are
going to see things that youdon't and you're just going to
have to accept that early on.
Speaker 1 (33:07):
Yeah, yeah.
Well, you know, peter, we'recoming up to the top of our time
here.
We're coming up to the top ofour time here, but you know,
before I let you go, how aboutyou tell you know my audience
where they could find thate-learning series and where they
could find you know you onsocial media if they wanted to
reach out.
Speaker 2 (33:22):
Yeah, fantastic, there's going to be two places.
I have a new YouTube channelcalled Pram Corp Productions and
that's where the channel willbe for my e-learning series.
They're going to be put intoplaylists.
For my e-learning series.
They're going to be put intoplaylists.
So, as of right now, there's anintro to the e-learning series
for executive briefings forsecurity professionals, and then
module one, understanding youraudience.
(33:43):
So that's going to be inYouTube, paramcorp Productions.
And then you can find me onLinkedIn.
I'm just linkedincom inP-Ramadan, very easy.
I have a bunch of differentarticles and content you could
check out there.
And, yeah, just feel free tomessage me if anyone wants to
contact and collaborate.
Just talk about stuff.
I'm, you know, really want toget engaged in the community and
(34:06):
I want to thank you, joe, forhelping me do that.
Speaker 1 (34:10):
Yeah, absolutely no-transcript.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!