Description:
In a major cyber incident—whether it’s a nation-state intrusion, insider sabotage, ransomware outbreak, or executive-targeted fraud—technical containment is only half the battle. The true challenge is leading people, aligning decisions, and navigating the storm of uncertainty, pressure, and competing priorities.

Drawing from experience in hundreds of high-impact incidents across finance, healthcare, SaaS, and critical infrastructure, this talk introduces the Crisis Command Framework—five leadership behaviors that separate successful incident leaders from the rest:

Stabilize – Control the tempo and create psychological safety.

Prioritize – Filter noise and sequence actions with clarity.

Translate – Bridge technical realities to business, legal, and reputational impact.

Own – Make confident calls amid incomplete data.

Restore – Rebuild trust, morale, and operational momentum post-incident.

Through anonymized real-world examples, attendees will see how leadership—not just tooling—determines the trajectory of a crisis. They’ll leave with a Crisis Leadership Cue Card and actionable steps to elevate their readiness, lead decisively under pressure, and earn executive trust when it matters most.

Key Takeaways:

Learn a repeatable framework to lead effectively in high-pressure incidents.

Apply leadership behaviors to both technical and business decision-making.

Integrate leadership readiness into tabletop exercises and IR playbooks.