It’s easy to believe that preventing a cybersecurity disaster hinges on having the latest tools, the most advanced AI, or the biggest budget. If you walk any conference floor or conduct research on software solutions, you’ll see hundreds of vendors selling solutions to solve your toughest challenges with cutting-edge technology or AI.
But this belief is fundamentally flawed. The organizations that successfully navigate cyber crises don’t win because of their tools. They win because of their people.
In a conversation with a leading incident response expert from Unit 42, a firm handling roughly 1,000 incidents annually, I asked a simple but revealing question: What separates organizations that respond well to cyber crises from those that don’t?
The answer wasn’t AI or tooling. It wasn’t even technical maturity. It was leadership and communication.
These two human factors consistently determine whether an organization can respond to chaos with clarity or fall apart under pressure.
During my time at the Air Force, I was part of a mission to support the rescue of two Americans held in hostile territory. My team’s role was to disable communications within a defined radius for a seven-minute window to enable a safe extraction.
The environment was intense, and lives were at risk. The technology we were using was advanced, classified, and powerful. But in the end, the mission’s success didn’t hinge on the tools. It depended on trained leaders making confident decisions in real time.
That same principle applies in the private sector, where the stakes, while different, are still significant. Businesses depend on their technology leaders to guide them through uncertainty, disruption, and risk.
Organizations are rapidly adopting new technologies in an attempt to get things done more quickly and effectively. Nearly every vendor now includes AI in their messaging, creating a sense of urgency that if you don’t adopt AI, you’re doing yourself a disservice. But there is a critical imbalance: We are scaling technology faster than we are scaling our teams. This gap creates real risk.
Many organizations are:
Over-investing in tools
Under-investing in leadership development
Neglecting talent and skill-building
Failing to prepare for real-world crises
In fact, a staggering percentage of purchased AI capabilities are never successfully implemented, not because the tools don’t work, but because organizations don’t have the skills, strategy, or governance to use them effectively.
One of the most important things that organizations need to understand is that a major cyber incident is not an IT problem. It’s a business problem.
When a serious attack or ransomware event occurs, it impacts operations, revenue, reputation, and customer trust. Yet, many organizations still treat cybersecurity as a technical issue owned solely by IT.
This disconnect becomes painfully obvious when executives are unprepared to respond during a crisis. So, how can we change this?
Here are three practical, actionable steps that you can start working towards to change the way your business thinks about cybersecurity:
Run realistic cyber incident simulations, not just technical failovers. Bring your executive team into the room. Close the door. Spend two hours walking through what happens when “the bad day” arrives.
Ask:
Who makes decisions?
How is communication handled?
What are the priorities?
Without practice, even the smartest teams will struggle under pressure.
Before investing in new technologies, ask bigger questions:
Where is our data?
How is it structured and secured?
Who knows how to use these tools effectively?
Technology alone won’t deliver value without the governance and talent to support it.
If you’re the only person who can make critical decisions, your organization is at risk. Strong leaders must develop successors, upskill their teams, share knowledge intentionally, and educate peers and executives. Readiness isn’t accidental. It’s built over time through training, repetition, and trust.
When the bad day comes, it will not go according to plan.
But teams that have practiced repeatedly can rely on muscle memory. They adapt faster, communicate more clearly, and make better decisions under pressure.
Preparation doesn’t eliminate chaos. It makes it manageable.
In an industry obsessed with innovation, it’s easy to overlook the constant: Leadership is the most important, and most overlooked, security capability.
Tools will evolve. AI will advance. Threats will change. But organizations that invest in their people: their leaders, their communication, and their readiness will always have the advantage.