Soft Skills, Hard Defences

Why human-centred leadership determines whether cyber incidents become business failures

Author

Justin Black

Managing Director, Europe

In every major cyber incident, the technical breach is only the beginning. What determines the true business impact is what happens next: how information is interpreted, how leaders make decisions, and how trust either holds or fractures under pressure. Those that create clarity from chaos are the ones to recover the fastest. 

We consistently see organisations with all the right ingredients (strong runbooks, Incident Response expertise, legal coaches, and technical vendors) still lose control; not because of missing tools, but because fear, distortion, and competing business and operational priorities unintentionally undermine coordination.

Before working with CYPFER, many leadership teams believe execution is “following the plan”, while in reality, execution is much different. As pressure builds, information shared between teams is interpreted differently due to diverse cultures, functions, and seniority levels. Shifting priorities among business leadership, legal, and operational perspectives slow decision-making and foster unrealistic expectations. This puts a strain on an already exhausted team and widens the human fault lines between them. Turning a cyber incident from a potential business failure into a controlled situation requires alignment with your business operations and an experienced partner. 

Based on previous cases, partnering with CYPFER has repeatedly proven that working together as a single trusted narrative, guided by an experienced team working with your people, creates a focus on what matters most: the business must recover. This approach gives leadership confidence that their teams can act together as one when it matters most. Such alignment turns strategy into real-world execution. 

As Daniel Tobok, CEO of CYPFER, notes, “At CYPFER, we operate as an extension of your team, delivering unmatched cyber recovery and response services under your brand or ours, bringing confidence and certainty in uncertain times.”

Today, this matters more than ever. Cyber and operational incidents are no longer isolated IT events; they are enterprise-wide crises involving regulators, legal advisors, technology partners, insurers, operational teams, and specialist providers across multiple regions. Without empathy, clarity, and credible human-centred leadership, even the best technical response produces fragmented outcomes, unnecessary delays, and avoidable financial and reputational damage.

As Carlo Schreurs, Global CISO of FrieslandCampina and keynote speaker, stated at the 2025 OneConference, “When pressure and uncertainty affect people, it’s our interpersonal skills and shared stories that restore trust and empathy. The things that bring teams together and drive real progress.” 

The organisations that recover fastest are not those with the thickest playbooks but are the ones that create clarity under pressure. That starts with validating who is truly leading the response, what each external partner does and does not own, and how business-critical priorities translate into concrete recovery actions. 

Leadership decisions must be anchored in operational reality and evidence, not in noise, fear, or competing agendas. Above all, people need a clear storyline that aligns everyone behind one goal: restoring the minimum viable business as quickly and safely as possible.

Learn how human-centred crisis leadership changes incident outcomes. Contact us today to tap into our expertise. 

Facing a live crisis?

Complete the form on our website for immediate support from a CYPFER expert within five minutes.