Lessons From 25 Years in Technology Leadership
Twenty-five years in, the lessons that stuck are not the technical ones.
I have spent more than twenty-five years in technology leadership, and the lessons I trust most are not about any specific tool. Tools change every eighteen months. Judgment does not. If you build your career on the current platform, you retire with the current platform. If you build it on judgment, you stay useful through every cycle.
Nobody is paying you to know every tool
Early in my career I thought the job was to know everything. Every protocol, every framework, every vendor on the magic quadrant. That instinct is natural and it is a trap. The senior people I respected most were not the ones with the most facts. They were the ones who could look at a noisy situation and tell you the one or two things that actually mattered. Expertise is not how much you know. It is how fast you can find the load-bearing wall in a room full of furniture.
The business does not care about your architecture
This was a hard one for me to accept. I cared deeply about elegant systems. The business cared about revenue, risk, patients, customers, and time. None of those words are technical. When I learned to describe my work in their language instead of mine, my influence went up and my stress went down. A technology leader who can only talk to other technologists has capped their career on purpose.
Most failures are agreement failures
When a program falls apart, the post-mortem usually blames a vendor, a budget, or a missed deadline. Look closer and the real cause is almost always that the people involved never agreed on what they were trying to do. They agreed on a name for the project. They never agreed on the outcome. Aligning people sounds soft next to writing code. It is harder, and it matters more.
You can recover from the wrong tool. You rarely recover from the wrong goal.
Slow is sometimes the responsible answer
In regulated industries, the fastest path is frequently the wrong one. I have watched teams ship quickly and spend the next two years cleaning up what they broke. Healthcare and government taught me that some friction is protective. The art is knowing which friction is keeping patients safe and which friction is just a committee that likes meetings.
People remember how you behaved under pressure
Outages happen. Breaches happen. Audits go badly. What people remember years later is not the incident. It is whether you stayed calm, told the truth, and protected your team while you fixed it. Reputation in this field is built in the bad weeks, not the good ones. I have tried to be the same person at 3 a.m. during an incident that I am in a Tuesday planning meeting. That consistency is worth more than any certification.
The job keeps getting wider
When I started, security, infrastructure, and applications were separate worlds. Now AI, cloud, privacy, compliance, and data all sit in one tangled system, and a decision in one corner moves the others. The leaders who will matter next are the ones comfortable connecting those dots in a single conversation. If you want my view on where that goes, I wrote about it in the future of technology leadership.
Why Most Cybersecurity Programs Fail
It is almost never the tools. It is the agreement underneath them.
What Boards Really Need From Security Leaders
A board meeting is not a place to prove how much you know. It is a place to help people decide.
My Journey From CTO to CIO to COO
Each title taught me the same lesson from a different angle: technology is never just technology.