
A
Welcome to Cybersecurity Today on the Weekend. With me is Amy Yee, who has a fascinating story. Starting off as a Chief Digital Officer, surviving a ransomware incident, helping build community, her day job as a Chief Resilience Officer, helping organize one of Canada's most impactful international cyber conferences, and running a phenomenal podcast called Wired for Change. In our conversation today, we're going to talk about her career journey, but lessons learned along the way. We're going to talk about surviving a ransomware incident, which, sadly, many of us can really relate to listening to this show. And I think there are great lessons there for all of us. And we're going to focus on the five people you meet in cyber and the lessons from a famous book that apply to our field. I hope you enjoy this conversation as much as I did in having it. Amy, thank you so much for your time. I know you're incredibly busy between the day job and podcasting and speaking on cyber, so I really appreciate you making the time today.
B
It's a real pleasure to be here. David, thanks so much for having me.
A
Awesome. And I'd love to, in your own words, get you to introduce yourself to our listeners. Who are you and what do you do and how did you get into cyber?
B
How many days have you got, David? So let's see. I think that. I think I do like to let people know that I am an engineer. So I studied electrical engineering, but then after that is where I lost my way. So I spent a few years in venture capital. I spent some time working with startups. I spent some time working at a boutique digital firm where I built a practice around helping large Fortune 500 companies figure out what to do with intranets and the Internet. And. And then I decided one day that I wanted to. I'd won a big contract for a huge law firm. And I thought, is this really what I want to spend my time doing, or do I want to have more of an impact that I can go home and tell my kids about kind of thing? Right. And then I decided to get into healthcare and thought, what would they hire me to do in healthcare? I thought, let's see. And then I went on LinkedIn and I did a little research and I found a job for an IT manager. And I thought, I'm not really an IT manager, but I may be able to convince someone that I am. That's kind of what I did. And from there I thanks to a wonderful CEO of Accreditation Canada and Health Standards Organization. She. She was about to hire me for the role of IT manager. And I actually stopped her and I said, okay, don't hire me. And she was like, what? And I said, don't hire me as your IT manager. I will help you find an amazing IT manager because I just want to do that to help you in your mission of your organization. But if you want someone to help you figure out how to really harness the power of digital to transform what you do and to really help achieve improvement of quality healthcare around the world and achieve the quality that you're looking for and that the world is looking for, I'd love to help you figure that out. And the next day she had an offer on my desk for, for their inaugural Chief Digital Officer. And so I thought, I don't know what that is, but it sounds really cool. And that's really what I would love to do. 
And so that started my journey as a Chief Digital Officer where I started off by building kind of their underlying infrastructure and IT organization and then I looked at consolidating all their enterprise platforms and I built it up kind of layer by layer until I got to the client experience, which is where I was really interested and rebuilt a whole digital platform in house for them. That was then rolled out to more than 300 health care organizations by the time I left and it's being used by, I believe, every hospital in Canada to help track their quality improvement in a new and engaging model for continuous improvement over time. So that's how I got to become a Chief Digital Officer and how I got into cyber was that I experienced my first ransomware incident while being a Chief Digital Officer having, and I won't say where this was, but it did happen and we were not prepared and company Jarrett Perron of C3SA to come in and help me during that incident. And that's when I started learning about cyber. Unfortunately, it's also when the organization started learning about cyber.
A
And many organizations, Amy, share that cyber origin story. Wait, this is a thing and it becomes a thing. So don't feel too terribly bad about that.
B
It does. Yes, it does. And. But I learned so much. That's where you, that's where you really learn, right through the hard journey and through the doing daily standups for 6, 60 days to the organization about where things are at. Right. And looking at the impact that it has both on your team and across everyone that you might be impacting as an organization. So that's the story of how I got into cyber. And then about a year ago, I decided to focus a little bit more on cyber. I will never completely give up healthcare. It'll always be very much on my mind, which is why I do talk about healthcare on the show. But I'm focusing more on cyber across industries now today.
A
David, tell me a little bit more. So first of all, what kind of an engineering background education did you have? I find engineers infinitely fascinating, but I'm curious about your engineering superpower.
B
I don't know if engineering is superpower of any kind for me but electrical engineering. So for me that was the broadest one that there was and that's what I wanted, something that exposed me to software equally as well as systems.
A
See what I love about working with engineers and one of my mentors is a brilliant telecommunications executive. He's known affectionately in Atlantic Canada as the codfather because he's the Jerry Pond. He's the founder of the modern startup movement in Atlantic Canada and he once really opened my eyes about the power of systems and process thinkers and engineers and actually engineers. If you're listening to this, you're phenomenal. Modern day solutions focused salespeople. And sales isn't by the way a bad thing. It's actually quite a necessary and good thing. But also selling happens every day inside of organizations. Change management is selling the dream, selling the vision. So that's what I love Amy, about people with an engineering background is your ability to zoom out and zoom in and understand process and components and steps. And I can see why I think you were so successful. Like pulling off any kind of a system in healthcare is a minor miracle in and of itself because you're talking about a depending on the nature of the healthcare. If it's a hospital for example, it's an airplane that never lands, it's 24/7 in the air, always flying, always on missions. And 300 Healthcare Orgs is even more impressive. So that, that's just awesome. But I want to, I want to go back to the 60 days because I think a lot of people who haven't lived the dream, it's not a dream, it's a nightmare. But who haven't gone through a ransom experience, I think they may have the misconception that this is a bad 24 hours, a bad 48 hours. But you, you said something so honest in the sense of 60 days of daily standups of where we're at. What was the first 24 hours like?
B
Oh, that I think we were still trying to figure out what was going on and who we needed to bring in the first 24 hours and how often who the team was internally because we'd never done kind of a tabletop exercise or really thought about what needed to happen because we didn't look at it as a possibility. So it was a bit chaotic. I think a lot of the focus was on what do we tell our clients essentially? And then do we have the expertise in house and do we need to. What do we need to consider from a legal perspective? And so some of that crisis communications was definitely part of it and really just figuring out what was going on and what systems were impacted. That was the first 24 hours, but it was also the first, like, it was also the first 48 hours, I would say.
A
And oftentimes I find it's not the 24, 48 hour period that you hit your low point, your energy is at its lowest, you're exhausted, you're just like, I can't take one more thing. Where was that for you? Was it in that first two days or was it a little further along where it was like, okay, this is my, my, my runner's hurdle that I have to get over. This is the hump. Where did that happen for you?
B
So that would have been a couple of weeks in. I think it would've been a few weeks in. And this is one of the things I touch on, actually, in the presentation. I remember my IT manager coming to me at the time and he just. It was within the first couple of weeks and he is this amazing guy who always had everything under control and who is just use. The first thing that everybody wants was their right hand or he was the director of IT and he, I remember he had his, his. I've never seen him so defeated. His head was hanging down. But he put his hand on my shoulder and he said, I'm sorry I failed you. And I said, look, you didn't fail me. And we went on to have a conversation about that. That was one point. At the same time, there were people walking around wanting to throw up. They were trying to be overly dramatic about it, but this was really what it was like at the time. There were people a few weeks in whose wives were ready to divorce them because they just hadn't been home and they couldn't understand why their spouses were spending so much time at work. Once I said that to. I said that once a CIO over a lunch about. And he said. And I said, I don't know how you do it. I don't know how you stay married kind of thing. And he's. I'm divorced. And. Because that's how real it can be. It can be really tough on people in relationships when to go through this kind of thing on a regular basis. Sometimes it's very stressful because we were unprepared. It was hard to know how to digest it. But I think even when you are prepared, I think it's still a lot. It's a lot to take, especially when you have others in the organization who might not understand what the team is going through, who is. Was really focused on this.
A
And I've often wondered when it comes to incidents, there's almost. It's not the same, but it's the grieving process that you kind of have to go through because you. You had a plan, you had quarterly objectives, you had new things, projects you wanted to roll out. And all of a sudden all of your plans sidetracked, derailed for how long. All of this energy gets poured in this thing that you didn't want. And I wonder sometimes if people go through the denial, the bargaining, the anger, all of those different and possibly even in waves. It's interesting on that side. I know when we dealt with incidents at the university, depending on the magnitude of it. Yeah, you felt elements of this. And I do remember though, that moment where you feel like you've crossed the hurdle and you can see light at the end of the tunnel. You can. You're on the downward hill. What was that like for you? When did it happen? In the 60 days it was a couple weeks in to hit the low point. When did you find yourself on the other side of the hump?
B
I think getting closer to a few weeks in when we knew that I think we had to make some decisions. We had to make some decisions around when we were going to stop the investigation, you know, when we felt comfortable enough with what we knew that we were. We were communicating on an ongoing basis to our clients. We knew when we were going to be up and running again. Operationally, there was still a lot with respect to we don't know if the system's ever going to come back up again or that one's ever going to come back up again. But. And some of them never did. And in some ways that's okay, but forced transformation. Right. I think that it was when we. We really felt comfortable that we had a full assessment and we start. We were starting to have a path forward. We were start. We could feel the support coming back from our board, from the business owners in the organization, from clients when we started to get that feedback that we were going to be okay, or at least that they understood to some degree, the message, I think that started to alleviate some of the anxiety.
A
I really appreciate that. If you had one lesson to give to a leader who's just coming out of an incident, they're just through their 30, 60, 90, God forbid, more than that days, what would your advice be as a leader who's been down that path?
B
What a great question, David. There was a lot to, to figure out in that. I think number one for me, just in reliving a little bit of it right now with you, is to ensure that the executive stakeholders at an organization or the leadership of the organization comes across as a supportive voice. And even if they're not all completely supportive, I believe that they need to come across as a supportive front and to be able to make some decisions together and to work as a team. I think that is a critical element for success. And so when I think about that, I think it's the need to rally those people and to know that you are supporting and that your leader above you is supporting you, because that, that has to be there. I think if you could turn that into, phrase that into a lesson, I would say that's the lesson. Even so, if you're that, that executive leader and you're unsure, just whatever it is, just be supportive of where things are going. Try to understand, seek to understand, but be supportive of that team.
A
That's. Yeah, I think that makes a lot of sense. I think from my experience with your point about the, the impact it had on some of your team members, it's, it's also the mental health side of this. It's, hey, guys, like, you might not think this is the same as a traumatic experience, like in terms of a first responder or other things, but it is traumatic in a, for a lot of people because it shatters so many certainties and constructs they have and being there. And I think your point is right. Leadership matters when it matters the most, which is to say, when people are hurting, now is not the time to be like, how dare you? How could you let this happen? It's like, what do you need from me? How can I help? What decisions do you need next? Do you have the resources you need? You might be feeling it in the back of your head, but like you say, you got to kind of button that down. And yeah, that makes a lot of sense.
B
It's so easy to derail things like when you're not supportive or when there's someone who is not being supportive. It's just, it's such a fragile, vulnerable moment. I think for the organization and for everyone, not just in the immediate teams, but everyone who is looking for information about that incident to pile on at that point in time is one of the worst things that I think you can do to slow the recovery from that incident.
A
No, I think this is. It's interesting. I remember hearing stories in the trenches, and someone went into an incident, it was in the first 24 hours, and they literally had to put an executive in the recovery position because they went into a full panic attack. And it was awful. And one of the lessons learned from that was part of the value of tabletop exercises is, is that you're building people's emotional resilience to. Okay, what do you mean things can go wrong in IT? Yep. How bad can it get? Oh, and nothing's perfect. But from my time in the military, sometimes just rehearsing when things go wrong helps you persevere through that. But I want to focus on this talk that you did, and I'm fascinated by it. I didn't get a chance to go see it. I think it was well received at the Atlantic Security Conference. But the five people you meet in cyber. And I'll ask you to explain, where does this five people you meet come from? Because I think it's a cultural reference for sure.
B
Thanks, David. And part of my success, I got to admit, maybe because I provided free popcorn to anybody who attended the sessions. Maybe that's the secret. This talk is based on a book by Mitch Albom called The Five People That You Meet in Heaven. And that book, have you read it?
A
I just broadly got familiar with it before we. We did the show. And I was like, oh, okay, this is fascinating. So, yeah, a little bit more.
B
Yeah, it's about the invisible impact that we had. And so the book is very briefly. And I don't want to spoil it for anyone either, but essentially it's about the idea that someone in the book dies and he dies right at the beginning. And the story is about how he then goes to heaven and meets five people who help him to understand the impact he had in life. Because he died feeling like there was more that he could do. He was stopped from doing that, but there was more he could have done, and he felt under-accomplished, maybe. And so in heaven, he has all these conversations with people. One person that he meets is the blue man. And so the setting for this book is a carnival. And the blue man is someone who works at the carnival. But his story that he tells the main character is that when the main character was a child, he ran across the street after a ball. And the blue man, who is blue because of an illness, a medical condition that he has, was driving and stopped short of hitting the little boy, who is now grown up and the main character. And as a result of that, he actually died. He had a heart attack and died because of the stress of that incident. Now, the little boy running across the street after the ball had no idea that this had happened. And so this was the impact that the little boy had on his life. And the blue man tells him the story not to make him feel bad about having killed him or had a part to play in his death, but to help him understand that there's often enormous impacts that you can have without even knowing it. And so when I think about cybersecurity, I remember recently there was something I saw on LinkedIn, and this is a fairly common thing, where there's a CISO who was talking about how one of the hardest parts of his job is that the harder he works, the less happens. Right. So it's just so hard to see the benefits of it, the impact that he has, because ideally nothing happens.
And so it's this invisible impact that cyber people have on the people that they protect or the people that they might inspire, for example, that is, it's so important to understand and to not just forget about, because how do we, how do we motivate people around something like resilience, for example? Right. It's hard to put KPIs and resilience. I talked about this with respect to healthcare. I gave a keynote in D.C. about a year ago, and it was about how do we build a more resilient healthcare system? And. And what do we need to be measuring that's different from what we're measuring today, which we might be measuring some things today, but not things like, like cross training, for example, which makes us more resilient. Right. So there are, there are metrics and ways of looking at this. If we really focus on what resilience means. And so that's an example of an invisible kind of impact that we can have that's really important. But if we don't think about it, then we won't be able to achieve it either. Does that make sense?
A
No, it makes a lot of sense. I think cybersecurity as a field has high levels of burnout, high levels of stress and anxiety because it's nothing. Moments of chaos, and then you've got incidents, which I think the parallels are more akin to military service than they are first responders. Because first responders tend to have a higher encounter rate with chaos. And I think what's interesting is how you come to the other side of those chaotic moments. We used to joke in the military, hurry up and wait, right? Like it's. Everyone thinks the military is this glamorous 30 or 60 second recruitment ad.
B
We're going.
A
It's like years of boredom punctuated with moments of absolute fear, even in training. So I think it's learning to deal with that. But, but also it's, did I make a difference? Was it worth such an important part of this conversation? And so you talk about the one character, I assume there's other characters, but the core message here is you make a difference. Whether you may not realize it or not, it is.
B
And so I'll tell you, the five that I go through, there's the person that you protected. So in healthcare, there are lots of examples of that. And vulnerable populations, for instance, like the elderly, like lots of people like that you'll be working for, but you'll never see them, they'll never know your name, right? So that's. Those are the people that you've protected, the person who challenged you. So we've all met folks who have challenged us sometimes in a. Not always with good intent, right. But people who challenge us sometimes to be better, but sometimes they're challenging us to articulate the risk better. For example, that's a good thing, right? The person who gave you a chance in cyber, for example. So often there's. And this one that resonated, this is one that resonated quite a lot with the audience at AtlSecCon, actually. The person who gave them a chance in cyber, person who either gave them a hand when they needed help or hired them into a job when they were unproven, for example, that one resonated the person that you failed or had an example for that too. And how that feels, right, to feel like you failed someone. What did you learn from that? And then the person that you've inspired. And David, I have to say that I'm sure you inspire people all the time without having any idea. And that's one of the things about having a podcast as well, that it's. You don't know, but you've probably inspired someone or just people working in teams every day someone's watching you. You might not be aware of it, you might not be doing anything intentionally, but someone is watching you and likely inspir. Right? And you. And you don't know that. And so in thinking about all these or types of people that you might meet in heaven, or hopefully you meet them before you get to heaven, you meet them in your every day and you're continuing to impact them, then that can help you think about what impact your actions have. And in a world where.
And you help people to understand the news all the time around cybersecurity, I see this as kind of sense making in terms of what do we do with that and what impact do we want to have in taking that news that you bring to us and things that are happening in the world and translating that into impact. And we can't always control like where we often can never control what events take place around us, but we can control who we are in those moments and who we want to be and who we can help others around us to be. And one of the things I loved about giving this talk, and oh, I'll mention one other thing, is that I wanted to level up this talk. So I've given this talk a couple of times and I wanted to level up by making it really not just my own experiences, but I went to cyber leaders that I know in the community and I asked for their stories. So for example, I asked someone about when someone gave them a chance and they told me a story about how they came from an unconventional background and someone recognized something in them that they would be very capable at cyber that they themselves didn't know and has changed the course of their lives. And other leaders who are out there that you probably know for their stories. And so I read out these stories to the audience, I read excerpts from the book to the audience. I surrounded them with balloons and popcorn in a carnival atmosphere and this spoke to them. And I was really happy about that because I asked people for their stories as well in the audience. And it's not easy to get security crowd to volunteer their personal story around these things. But I had people actually speak up during the session to talk about people that they protected or people that they felt like they failed. One woman felt like she failed her team during an incident when the team was going through a lot.
To go back to the beginning of our podcast, she felt like she failed her team because they were very stressed out during the incident and she didn't know how to help them as much as she could now. So this was something that had happened to her in the past and she shared that. And after the talk, there was a lineup of people who wanted to share their stories with me as well. People who gave them a chance, people who inspired them and it was such a gift to me and a gift for others in the room. I think that it's something that I'll never forget.
A
Now. I love that you did this talk because so much as an industry, we focus on the technology or we focus on the incident story, or we focus on process. But people is at the core of cyber and how we encourage, enable, how we help people put, pick people back up after their bad days and keep them motivated because this is a tough industry, it's a tough job, matters a lot. So I am just, I was just so pleased to see your talk selected for the conference because it's so easy to focus on everything else. And I admittedly my bias and my soapbox and everyone who's listening knows this is that I'm a people first kind of guy. And the importance of human agency is an important theme that I'm spending more and more time on. But I think caring for people, telling stories, making genuine connections, inspiring the next generation is awesome. And that's a nice segue for you've got your day job, which I think you're helping with this phenomenal conference in Canada called In Cyber and doing some great work there. But you also have your own podcast called Wired for Change. You just hit a really cool milestone on the subscriber side. Can you tell me a little bit about the podcast?
B
Thanks so much. And I should mention I have another day job at C3SA, as well as their Chief Cyber Resilience Officer.
A
There you go. So multiple day jobs, a podcast, parenthood, and all the chaos that goes with that.
B
That's right, yes. A little bit of the podcast to go into that. But they're wonderful and I'm trying to get my kids into cyber, actually. We'll see if they go that way. But the podcast is called Wired for Change. Thanks for recognizing the milestone. It's one of those things where it feels small, but it's also big. Reaching, yeah, 300 subscribers on YouTube and then more across other platforms. Wired for Change was born out of that same idea of wanting to have impact and share stories and really boils down to how can we help each other to make better decisions around technology and change and leadership, especially as it impacts the public. So I focus on the areas of healthcare, government, defense, and it really comes from we have big forces, projects, all kinds of things. So I started off looking at enterprise projects and how challenging they are to deliver, but then started looking at the larger landscape of Canada and then beyond on a global scale. The changes that are taking place and how do we again, just help people make better decisions through the eyes of practitioners, through the eyes of people who are. Have started new companies, through the eyes of people who are living with experiences or who have maybe failed and are willing to share their story? Because we need to hear more stories like that so that we can learn people who are trying to drive changes, really. And so how can we build more awareness around that so that we can all learn from each other as opposed to being more siloed? How can we work together better to make better decisions?
A
And what I love is that one of the stats that always stood out for me when I did my MBA and I did my Management of Information Systems course was 90% of complex IT projects fail, not because of the tech, but because of managing changes. And this idea of being wired for change has never been more important in an era where everything's coming as fast and furious. And your point about helping people make discerning decisions about how and where and when to use technology, because a lot of people don't realize this, but technology is actually a word of caution. Techne means the art or the skill of building or using something. Logos literally means the word in Greek, but when combined, says the careful consideration of what you gain or what you lose when you build or use that thing. And so helping people through that process, what are you going to gain? What could you lose? How do you maximize the good and mitigate the bad? Is such an important conversation. So I absolutely love that you're having those conversations and the work you're doing and the impact in the community. So I've had to recap this journey for you, engineer into IT, into this brand new Chief Digital Officer role, into living and surviving and thriving through a ransomware incident, into. Nowadays you're a Chief Resiliency Officer, which I gotta say is an amazing title and hopefully extraordinarily fulfilling. Plus helping with an international conference, plus a podcast and parenthood. And that's a pretty amazing journey. If I had to ask you one question to sum up, if you could jump in the magic time machine and go back to Amy studying electrical engineering, would you tell her anything that may cause you to do anything differently, or would you do it all over again?
B
I would say, like I did, stay on course and finish it. But I would say meet more people earlier, build more relationships earlier. I didn't start really building those relationships until I think, fourth year kind of thing, but I could have started doing that earlier. And so I think meeting people and finding, building that network and, and helping people to help them to give voices to others where possible. I think that I would have started doing that earlier, just unlocking the value of people around.
A
That's phenomenal, Amy. It will end there. But. But I just want to say thank you so much, Amy, for the time together. And I learned something today I did not have a chance to learn about the five people you meet. I think that was cathartic in some ways. So I really appreciate the. The mini therapy, cyber therapy session, and I hope you deliver this talk more at more places. So thank you so much for that.
B
I would love to, and I've really been looking forward to this. Thanks so much, David.
A
You're very welcome.
B
That's right. That's perfect.
A
Okay, here we go. All right. That wasn't too bad for me.
B
You're good at that. You're so good. Geez, dude, you nailed it. I love watching you work.
A
I'm getting there. This is my. My other side hustle. But, Amy, it's truly great to spend time and I have to catch up on some of your episodes, your show, but congratulations on your milestone. Keep going. So glad your voice is out there and look forward to seeing you again in person sometimes.
B
Hope so soon. Thanks so much, David.
Guest: Amy Yee
Host: David Shipley
This episode features David Shipley interviewing Amy Yee, a distinguished Chief Resilience Officer, conference organizer, and host of the Wired for Change podcast. The conversation delves into Amy’s career trajectory—from engineering to digital transformation in healthcare and ultimately cybersecurity—anchored by her firsthand experience surviving a ransomware attack. The episode centers around personal and professional lessons learned and the human side of cybersecurity, particularly through the lens of Amy’s talk, “5 People You Meet in Cybersecurity,” inspired by the Mitch Albom novel.
Engineering Roots to Digital Transformation
Pivot Into Cybersecurity Through Adversity
Surviving a Ransomware Attack
Advice to Leaders After an Incident
Value of Tabletop Exercises
Origin of the Framework
The Five People:
Real Stories & Audience Engagement
Core Message
Cybersecurity Burnout & Community
People-First Philosophy
Podcast Purpose and Vision
Change Management in Tech
The episode is candid, reflective, and encouraging, blending honest discussion of personal struggle and professional lessons with warmth, humor, and optimism. Both Amy and David share a people-centric philosophy, with memorable anecdotes and actionable wisdom for cybersecurity leaders and practitioners.
For listeners, this episode provides rare insight into the “human side” of cybersecurity—including the emotional impacts of incidents, the importance of resilience, and the need to recognize and support each other.