Goal 1: Strengthen executive communication and stakeholder influence. Throughout my career, I have communicated primarily with technical teams - SOC analysts, engineers, system administrators. As a CISO, however, I increasingly need to translate complex cyber risk into language that resonates with boards, investors, and non-technical executives. My MBI coursework in Business Professionalism and Stakeholder Engagement has highlighted that effective influence depends not just on what you say, but on how you frame risk in terms of business impact, financial exposure, and strategic opportunity.
Strategy: Apply frameworks from the MBI programme (e.g., stakeholder mapping, strategic communication models) in my current role at Boosta when presenting security investment cases to leadership. Seek feedback from peers and mentors on presentation clarity. Target: confidently deliver board-level security briefings by mid-2026.
Goal 2: Develop research and analytical writing skills. My professional background is rooted in technical documentation - policies, runbooks, audit reports. Academic research requires a fundamentally different skill set: critical analysis, theoretical framing, evidence synthesis, and adherence to formal methodologies. The Research Methods course has been particularly valuable in exposing gaps in my approach to structured argumentation.
Strategy: Continue developing these skills through the MBI research project on Security Awareness Training effectiveness. Apply qualitative research methods (reflexive thematic analysis, semi-structured interviews) to build competence in producing evidence-based, analytically rigorous work. Target: complete a publication-quality research output by programme end.
Goal 3: Improve delegation and team empowerment. I have a strong instinct to build things personally - I deployed the entire security stack at Boosta single-handedly within six months. While this is effective in early-stage environments, it is not sustainable at scale. I need to develop the ability to recruit, mentor, and empower team members to own and operate security functions independently.
Strategy: Study leadership models from the MBI curriculum and apply them when building out the security team at Boosta. Begin by documenting all processes I currently own and identifying which can be delegated first. Target: have at least two trained team members operating independently by the end of 2026.
Goal 1: Establish a CISO track record across multiple industries. I have held CISO-level roles in cloud/SaaS (Keepit) and digital holdings (Boosta), with prior experience in banking (Raiffeisen, BNP Paribas) and fintech (TransPecos Bank). My next objective is to consolidate this experience into a recognisable leadership profile that positions me for CISO/Head of Security or Security Architect roles in larger, more complex organisations - potentially in regulated sectors such as healthcare, critical infrastructure, or financial services in the APAC region.
Strategy: Leverage the MBI qualification to complement my technical credentials. Build visibility through industry events and professional communities in New Zealand and the broader APAC region. Target: secure a senior security leadership role in a mid-to-large enterprise within 18 months of graduating.
Goal 2: Expand professional network in the New Zealand and APAC cybersecurity community. Having relocated to New Zealand, I need to build a professional network from scratch in a new market. The local cybersecurity ecosystem is smaller than in Europe, which creates both a challenge (fewer opportunities) and an advantage (easier to become a recognised contributor).
Strategy: Attend NZSec, ISANZ, and NZCISO events. Engage with the local chapter of (ISC)² and ISACA. Contribute to discussions on LinkedIn with practitioner-oriented content. Leverage ICL connections and MBI alumni network. Target: establish at least 10 meaningful professional connections in the NZ cybersecurity community by mid-2026.
Goal 3: Pursue formal CISSP certification. I have completed CISSP coursework but have not yet sat the exam. Obtaining the certification will formalise what I already practise daily and significantly strengthen my credentials in the APAC market, where CISSP is frequently listed as a requirement for senior security roles.
Strategy: Schedule the CISSP exam within the next six months. Use my current hands-on CISO responsibilities as continuous preparation. Target: CISSP certified by the end of 2026.