C-Suite career advice: Oz Alashe, CybSafe

What tips would you give to someone aiming for a c-level position? “I believe that the best C-levels – especially CEOs – understand people well.”


Name: Oz Alashe

Company: CybSafe

Job Title: CEO & Founder of CybSafe

Location: London

Oz Alashe MBE is CEO and Founder at CybSafe, a behavioural science and data analytics company that builds software to better manage human risk. A former UK Special Forces Lieutenant Colonel, Alashe is focused on making society more secure by helping organisations address the human aspect of cyber security. He has extensive experience and understanding in the areas of intelligence insight, complex human networks, and human cyber risk & resilience. Alashe was made an MBE in 2010 for his personal leadership in the most complex of conflict environments. Alashe chair’s the UK Government’s (DCMS) Cyber Resilience Expert Advisory Group. He also sits on the Advisory Board for the Research Institute in Sociotechnical Cyber Security (RISCS). He’s an Expert Fellow at The Security, Privacy, Identity and Trust Engagement NetworkPlus (SPRITE+), as well as the Royal United Services Institute (RUSI).

What was the most valuable piece of career advice that you received? I tend to find these questions quite challenging, especially because I have received a bunch of good and bad advice throughout my career. However, one of the best pieces of advice that has stuck with me to this day relates to being a leader.

I was once advised: “The role of a leader is to create the conditions of those that they lead to succeed.” It’s pretty self-explanatory but it tells you a lot about how one should lead. This has remained a very powerful piece of career advice for me. I’d like to imagine it’s a great quote for all aspiring leaders, C-suite or not, to bear in mind.

What was the worst piece of business advice that you received? I can’t think of one specific piece. I’ve received a lot of business advice that feels bad! But I remind myself that most people speak from their own experiences. What may work for someone else’s business may not work for mine – that doesn’t mean the advice given was bad.

Ultimately when it comes to business advice, what may be useful to someone else may not be for me – it’s always important to keep this front of mind.

What advice would you give to someone starting their career in IT/tech? I’ve spoken to a lot of people starting out in cyber security tech, and one thing I consistently tell them is the fact that you cannot know enough. It’s important to build a broad understanding of the field so do what you can to build that knowledge bank. Read books, listen to people speak at cyber security events and talks and engage in conversations.

The pursuit of knowledge is essential to building your credibility, and this is a vital thing to consider if your goal is to reach the C-suite level. Naturally, there are other benefits to learning more. Accelerating your own confidence and building a network of connections certainly comes to mind too. Confidence and connections are useful tools to have in the world of business, so go out there and start engaging. You’ll only hold yourself back if you don’t.

Did you always want to work in IT/tech? Kind of, but not quite. I’ve always been quite the technology enthusiast, especially when it comes to cyber security. Before my role as CEO at CybSafe, I served as an Army Officer in the UK military. Most of my career focused on counterterrorism and national security. I’ve seen a lot of people misuse technology for malicious and harmful purposes.

I want to see technology used to positively impact society. That is an ambition we all share at CybSafe.

What was your first job in IT/Tech? You could say that I was a slight anomaly – my first proper role in the tech sector was founding CybSafe, a cyber security and data analytics software company. 

What are some common misconceptions about working in IT/Tech? Oh, there are so many. Unfortunately, these misconceptions can prevent many talented people from entering the tech scene, so these misconceptions must be addressed head-on.

Two come straight to mind. The first is very common – and it’s to do with the skill set. There’s a misconception that those in the tech industry have a degree, or that they are exceptional at maths. You do not need a degree to enter the scene. Most companies, CybSafe included, will provide all the necessary training and qualifications for candidates. I’d also like to mention that the tech industry is so diverse – while software developers and engineers are undeniably important to tech, there is a range of other roles that don’t require maths. There is a place for everyone.

Another misconception comes from within the industry. Those in the tech field may believe that their role is of the utmost importance to an organisation - to the exclusion of other business priorities. This is damaging, as it can prevent said staff from understanding the broader challenges a business may face and where IT and tech capability fit within that.

What tips would you give to someone aiming for a c-level position? My main advice for those aspiring to reach C-level positions is to remember the importance of leadership. C-level, by definition, is a leadership position, after all. Do what you can to master your profession and understand what it means to lead.

I know I mentioned it already, but I can’t stress the importance of continuous learning and a growth mindset. Build your network, read books and engage in discussions in your field. Become proficient in the technical knowledge required. Whether you want to be a CMO, CDO, CSO or CEO - having that knowledge bank is crucial.

I believe that the best C-levels – especially CEOs – understand people well. Any C-level position will require you to be responsible for both the output of a specific division, as well as the people who work within it.

Leadership is about knowing how to inspire, support and challenge people if need be. Those attributes are something to remember if you are working towards C-level positions.

What are your career ambitions, and have you reached them yet? I’m a very ambitious person, so I’ll always have many things I want to achieve. While I have done a fair bit already, there is still plenty more that I want to do.

Currently, my main career ambition is to lead a successful business that achieves its primary aim. CybSafe’s aim has always been to positively transform society and the way people address the human aspect of cyber security. This ambition is very much a work in progress, but I am looking forward to seeing this ambition achieved over the years. It’s also to build a tech company that deserves to exist and improves the lives of all who come into contact with it.

Do you have a good work-life balance in your current role? I’d say that I have an optimal work-life integration that works well for me. While I’m an ambitious businessman, I’m also a father and a husband. I’m a family man, so I want to spend time with my loved ones! A tailored outlook on work-life integration is key. What works well for me may not work well for others, and I believe it’s important to be aware of this for your team too. So allow them to work in a way that works best for them.

Those in leadership positions must recognise this - everybody works differently. This goes back to what I said earlier about leaders creating conditions for people to succeed. We’re not clones, after all, we’re people. An optimal work environment must be created so exceptional people can work in an environment that will nurture, instead of suffocate. 

What, if anything, would you change about the route your career path has taken? Nothing. Absolutely nothing. Of course, I have had my fair share of setbacks and made a ton of mistakes, but those experiences (the good and the bad) have helped me to get to where I am today. I wouldn’t change the route of my career path at all.

Which would you recommend: A coding boot camp or a computer science degree? First and foremost, it depends on the individual and what they want to do. A degree is handy as you will always have that foundation to fall back on; especially if you are unsure of what career you’d like. Many of the things a degree course gives will stand you in good stead well outside that articulate academic discipline. You have that leeway to change your mind or change career paths, as what you may learn through a degree isn’t entirely as specific as through a boot camp.

On the other side of the coin, a coding boot camp is a great way to learn specialist coding skills in a shorter amount of time. Coding is a highly valued skill and will continue to be so. If you’re interested in starting a career that requires extensive coding knowledge, I’d say that is the one for you.

How important are specific certifications? Depending on what you want to do, they can be rather important. For some careers, certifications may even be vital. There are many certifications available in cyber security tech. On one level, certifications are a good way to show the level of understanding, skills and experience you have.

For cyber security tech, in particular, I would say that certifications are not mandatory to get a foot into the industry – again, it is subject to your job position. The cyber security sector is a good example of a sector that doesn’t require certifications to enter, though I would say that certifications are useful for career progression and climbing the ladder overall.

What are the three skills or abilities you look for in prospective candidates? I am most impressed by candidates who are passionate, innovative, hungry and have a growth mindset.

What would put you off a candidate? I’m particularly wary of self-centred candidates. Those who believe their ability trumps the need to work well as part of the team are not the right fit for CybSafe. In a similar vein, those who want to just “get by” delivering minimum or middling effort, and are not willing to excel and learn, are also not the right candidates.

What are the most common mistakes made by candidates in an interview? How can those mistakes be avoided? A common and avoidable mistake I have seen candidates make is turning up to an interview unprepared. It's crucial candidates take the time to prepare themselves beforehand – this applies to what you plan to say, to what time you will arrive. Unpreparedness shows, and it can leave a bad impression.

I do want to also say that interviewers are aware of the pressure that can be on candidates. While it is important to answer each question, it’s also okay to say you don’t know. Those who will admit they aren’t 100% sure but offer a sensible response, can show that they are teachable and that they can think on the spot. Despite how it may feel, it is not the be-all and end-all if you can’t answer a question – it’s how you handle it that matters.

Do you think it is better to have technical or business skills – or a mix of both? I believe that for a senior leadership role, technical skills – while valuable – are less required than business skills. Having a good grasp of business context is a hugely beneficial asset to have, even for a technical role.