February 28, 2026
By Jane Frankland
I've delivered hundreds of talks over the years—keynotes, panels, fireside chats—and each one has taught me something new. Sometimes the lessons are technical: a clicker that doesn't work, a monitor too far to read, a microphone that picks up every background conversation. Other times, they're deeply human: managing nerves, reading a room, staying composed when things go sideways.
But here's what surprised me: the parallels between standing on stage and leading cyber resilience efforts are striking. Both require preparation, adaptability, and the ability to perform under pressure. Both demand that you anticipate what could go wrong—and have a plan when it does. And both rely on trust, authority, capability, and collaboration to succeed.
Over time, I've come to see that the principles I use to navigate a stage mirror the layers of my cyber resilience framework: Leadership & Judgment, Culture & Trust, Governance & Authority, Defense & Capability, and Collaboration & Collective Strength. Whether you're speaking to practitioners in the language of domains (Leadership, Culture, GRC, Defence, Collaboration) or executives in the language of outcomes (Judgement, Truth, Authority, Capability, Collective Strength), these lessons apply.
When you step onto a stage, you own that space. The audience looks to you for direction, clarity, and confidence—even when things don't go as planned. I've had presentations where the wrong deck was loaded, where the stage setup forced me into an impossible position, where I couldn't see my notes or the timer wasn't counting the way I expected. In those moments, leadership isn't about perfection. It's about judgment: knowing when to pause, when to adapt, and when to simply own the situation and move forward.
Cyber resilience requires the same mindset. Leaders must make decisions in uncertain, high-pressure environments. They must assess risk, prioritise action, and communicate clearly—even when the data is incomplete or the threat is evolving. Just as I've learned to walk the stage beforehand to check for hazards, cyber leaders must anticipate risks and prepare for disruption. You can't eliminate every variable, but you can reduce your exposure and build the judgment needed to respond effectively.
Leadership also means knowing your limits and trusting your preparation. I don't need to ask others how my talk went—I know. 80% of the time, I'll perform well. The rest? I'm human, and I won't live up to my own high standards. Cyber resilience is no different. You won't catch every threat or prevent every incident. But if you've built strong judgment and leadership into your organisation, you'll recover faster and emerge stronger.
Trust is earned, not assumed. On stage, that means honoring the audience's time and attention. It means being authentic, prepared, and respectful of the relationship between speaker and listener. When an MC introduces me with an outdated bio or the wrong credentials despite having a current version, it undermines that trust before I've even begun. When technical issues arise and no one steps in to help, the audience sees it—and they question whether the event organisers (or the speaker) truly have their act together.
In cybersecurity, trust is just as fragile—and just as foundational. A strong security culture isn't built on policies and procedures alone. It's built on relationships, transparency, and shared accountability. Teams need to trust that leadership will support them when incidents occur. Employees need to trust that security measures are there to protect them, not punish them. And stakeholders need to trust that the organisation is prepared, not just compliant.
Culture also means creating an environment where people feel safe to speak up. I've learned not to start a talk until the room is quiet, because trying to compete with chatter and distractions makes it nearly impossible to connect—especially for neurodivergent speakers like me. Similarly, cyber resilience thrives when teams feel empowered to raise concerns, report anomalies, and challenge assumptions without fear of blame. Trust enables that openness. And openness enables resilience.
Authority on stage isn't about dominance—it's about clarity. The audience needs to know what to expect, and you need the tools and autonomy to deliver. That means verifying logistics ahead of time: checking that the clicker works, confirming the presentation file is correct, knowing where the monitor is and whether you can actually read it. When I don't have that authority—when decisions are made without my input, or when my preparation is undermined by poor coordination—the entire experience suffers.
Governance in cybersecurity serves the same purpose. It establishes the rules, roles, and responsibilities that enable teams to operate effectively. Good governance clarifies who has authority to make decisions, what standards must be met, and how accountability is maintained. It ensures that security isn't an afterthought, but a core component of organisational strategy.
But governance without flexibility is brittle. I've had to stop mid-presentation when a speaker system was blasting directly at me, making it impossible to think. That required asserting authority in the moment—knowing when the plan needs to change and having the confidence to act. Cyber resilience demands the same balance: frameworks that provide structure, but also the agility to adapt when circumstances shift.
Preparation is everything. Before any talk, I walk the stage, test the equipment, and check for potential hazards. I've learned to wear outfits with pockets or belts when using a lapel mic, to bring backup slides on my laptop, and to confirm that timers, monitors, and clickers all function as expected. Even with all that preparation, things still go wrong. But when they do, I'm usually ready.
Cyber defence works the same way. You can't prevent every attack, but you can build the capability to detect, respond, and recover. That means investing in the right tools, training your teams, and testing your defences regularly. It means having backups—not just of data, but of processes, communication channels, and decision-making authority. And it means accepting that no defence is perfect, so resilience must be built into the system itself.
Capability also means continuous improvement. Every talk I give teaches me something new, and I adjust accordingly. Cyber resilience requires the same mindset: learning from incidents, updating defences, and evolving as threats change. The goal isn't invulnerability—it's adaptability.
I've spoken at events where everything went smoothly because the organisers, AV team, and MC worked seamlessly together. And I've spoken at events where the lack of coordination left me stranded on stage, struggling to deliver. The difference is collaboration. When everyone involved understands their role and supports each other, the result is greater than the sum of its parts.
Cybersecurity is inherently collaborative. No single team, tool, or individual can protect an organisation alone. It requires coordination across IT, operations, legal, communications, and leadership. It requires partnerships with vendors, regulators, and industry peers. And it requires a collective commitment to resilience—not as a checkbox, but as a shared responsibility.
Collaboration also means recognising that diversity strengthens outcomes. Different perspectives, experiences, and expertise make teams more adaptable and creative. Just as a panel discussion is richer when voices from varied backgrounds contribute, cyber resilience is stronger when it draws on the full range of talent and insight available.
Standing on stage has taught me that resilience isn't about avoiding mistakes—it's about how you respond when things go wrong. It's about preparation, truth, authority, capability, and collaboration working in union. And it's about staying grounded in your purpose, even when the lights are bright and the pressure is high.
Cyber resilience is no different. It's not a static state you achieve and maintain. It's a dynamic capability you build, test, and refine. It requires leadership that makes sound judgments under pressure. It requires a culture where trust enables openness and accountability. It requires governance that sets clear standards while allowing for flexibility. It requires defences that are robust, adaptive, and continuously improved. And it requires collaboration—internally and externally—to harness collective strength.
The next time you're preparing for a high-stakes presentation or navigating a cybersecurity challenge, remember: the principles are the same. Walk the stage beforehand. Check your tools. Trust your preparation. And when something goes wrong—because it will—own it, adapt, and keep moving forward.
Because resilience, whether on stage or in cybersecurity, is built one lesson at a time.
Head over to LinkedIn to join the conversation, and tell me, how do you prioritise resilience in your professional life? How do you ensure that your team and organisation are prepared to handle challenges and setbacks?
On AI & Identity... AI is moving fast and identity is no longer just human. I’ve been exploring what this means for privileged access and non-human identities with ManageEngine and a group of cybersecurity leaders. If that shift is on your radar (and it should be), you can explore this insightful ebook here:
👉 https://bit.ly/ManageEngineEBookJF
On Sustainable Performance... Resilience isn’t only technical — it’s human. My friend Marilise de Villiers Basson has just launched her new book today: MOAR! How to Play to Win Without Burning Out. The ebook will be free for 48 hours from midnight US time. If you care about ambition without exhaustion — get it here:
👉 https://www.amazon.com/dp/B0GN98TJ1P
RSA San Francisco...I’ll be at RSA in San Francisco in March, hosting a Women in Cyber breakfast with Synack . More to follow — but if you’d like to connect or discuss thought leadership or influencer collaboration while I’m there, drop me a message.
related posts:
Last Friday — Valentine’s night, I found myself seated around a poker table instead of a candlelit restaurant! Not quite the Hollywood version of romance, but the conversation that unfolded was far more interesting than small talk over dessert. 🙂 Between hands, one of the group, a successful founder, casually admitted something that made the
Read MoreWhat the Co-op headlines reveal about culture, governance, and surviving a cyber crisis. Some organisations don’t discover they have a culture problem until the day they need their culture to save them. The recent headlines surrounding alleged cultural concerns inside the Co-op should make every CEO, board director, NED, and founder pause — not to judge
Read MoreAt Davos, the World Economic Forum 2026, the Prime Minister of Canada, Mark Carney, delivered a masterclass in storytelling with a powerful speech that felt less like commentary and more like a warning flare. Not because it was dramatic but because he was sharing something rare – honestly. Carney described a world where the familiar
Read More