John discusses cyber security with Wall Street Journal

In this short conversation with WSJ Pro Cybersecurity (hosted by Jackie Hunter), John Childress shares a leadership lens on cyber security: why the real exposure is often human behaviour under pressure, and why cyber outcomes improve when leaders treat culture as a managed risk, not a slogan.

Rather than staying in the weeds of tools and training, John focuses on the conditions that shape everyday decisions — priorities, incentives, decision rules, and accountability — and why boards and senior teams should be explicit about which risks are acceptable (and which are not).

In the video, John covers:

• Why “culture” shows up most clearly when pressure is high — and why cyber risk is no different

• How leadership accountability changes cyber outcomes (beyond awareness and compliance)

• Why organisations need clarity on accepted vs nonacceptable cyber risk

• How government and business can collaborate more effectively on standards and regulation

What leaders can take away

Culture drives cyber behaviour — especially when people are busy, uncertain, or under pressure.

If you want cyber performance to hold, the work can’t stop at training. John’s point is simple: leaders shape the environment people operate in — and that environment determines what gets reported, what gets ignored, and how quickly teams respond.

Want John to speak or run a working session?

John delivers keynotes and workshops for CEOs, boards, CISOs, and senior teams.

If you’re planning a conference session, leadership offsite, or board discussion on cyber risk and culture, use the contact form to share your context and desired outcomes.