What’s Next, and What Not to Do

A quick update, some spicy leadership lessons, and a preview of the book I’m probably going to regret writing.

Update: Departed YL Ventures

I’ve now officially left YL Ventures. Technically, I was done on June 27th, but I wanted to wait until after July 1st (the company’s annual vesting date for carry, in case there was a change of heart on the other side) to give the update about what I’ll be doing next. I’ll be working independently for a while, although I’m happy to discuss retained services with interested folks. Interspersed in this newsletter are some of my ongoing projects (plus, I just moved, so a big project is “settle into the new house”).

(Don’t) Be a Goldfish

There’s a common piece of advice used in elite professional sports: “Be a goldfish.” Most recently, this shows up in Ted Lasso:

The idea is that you shouldn’t remember failures, because they’ll take your edge off in the future.

This is, frankly, awful advice, but with a nugget of utility. In context: in a high-stakes, high-risk elite environment, when you’re going to get multiple, rapid-fire attempts to compete, and you’re going to have a high failure rate (in professional sports, elite athletes like cornerbacks have a failure rate around 30%), and you don’t have the opportunity to review and learn from your failures between tries, then, yes, be a goldfish.

But in almost any other domain? Don’t be a goldfish. You have time between attempts to learn from your mistakes, and your counterparties aren’t just adversaries. If you think they’ll just forget your unforced errors because you’ve moved on, you might be surprised at how your reputation will precede you.

New Project: Value-Add Advising

Now that I’ve left YL Ventures, time to announce what I’ll be up to for a while. I’ll be doing value-add advising, across all stages of the corporate lifecycle. My aim is to connect with teams in need of cybersecurity, leadership, product, and marketing brilliance, in either transactional, engagement, or retained services.

What does that mean? Perhaps you just need a spark for your organization: a leadership keynote for an all-hands or kick-off, a sales training lesson on selling to CISOs, a host for an executive dinner, or a quick diligence review of a new product/startup idea. Or instead you want to light a fire: an inclusive leadership workshop for your executive team, a hands-on-pitch review and sales practice for your SDRs and AEs, refining your messaging and building out a thought leadership program, or a cybersecurity executive program review. Possibly instead you want something ongoing: mentoring and developing your leadership team, guiding your content team, an independent director, or something else entirely.

What you’re looking for is someone to come in and connect the dots for your existing team, helping push them higher than they’d achieve without the very particular set of skills I have acquired over a very long career. Interested? Reach out now and let’s chat!

One Minute Pro Tip: Make Apologies Real

While execs have figured out that apologies are cheap, all too often their apologies are just empty words. You act in a way to maximize your own advantage at the expense of your counterparty (perhaps laying them off right before their options vest), and when they point it out, you apologize. Perhaps you claim that it was an accidental oversight, and you’re sorry, and you offer to give them part of what you deprived them of.

That’s not how apologies work. First, make them whole. In this example, either extend their termination date to accommodate the vesting, or accelerate their vesting. Second, go a step beyond that, as an apology for your actions and your behavior. The words of an apology are free–but repairing the harm you’ve caused isn’t free.

New Book Project: 💩 Leadership

In my head, that emoji reads as “Shitty Leadership”, and who knows where we’ll end up when the book proposal goes out, likely later this summer.

What’s it going to be about? All the ways that people leverage what sounds like great leadership advice, and ride it so hard that they end up destroying value for their organizations. I’m still structuring how it will be laid out–some anecdotes from folks I’ve worked with (yes, I have too many stories of awful leadership), some hypotheticals, and some book reviews of leadership pop culture–so it’ll be a while. I’ll tease some of the leadership anti-patterns here in the Duha One newsletter.

Ongoing Projects: CISO Series, How to CISO

As long time fans of the CISO Series know, it’s been a pet project of mine to help uplevel all CISOs: both today’s and the future’s. That’s continuing on the CISO Series podcast, as well as with How to CISO. This summer, I plan on getting out the next volume of How to CISO: Risk Measurement and Scoring. It’s already at 9000 words, so I’d like to wrap it up before it becomes its own novel. I’d also like to write up a spinoff, How to CMO: Hiring a Field CISO, to give CMOs practical ways to engage with hiring security professionals and setting good expectations.

AI engagement-bait

Here’s the prompt: “I'm going to give you the text of a newsletter I'm about to send out. I'd like you to suggest some recent news stories that have a leadership lesson near them that might resonate.” Here’s ChatGPT’s contribution, included verbatim. I make no promises about their accuracy.

Recent News Stories with Leadership Lessons

1. OpenAI Board Turnover and Strategic Tensions

Leadership Lesson: Don’t be a goldfish—reputations have memory.
OpenAI’s continued reshuffling of board members and strategic direction raises questions about governance, transparency, and internal trust. For leaders, this is a reminder that how you handle internal disagreements—especially when they become public—can linger longer than you think.

2. Salesforce’s AI Strategy Pivot

Leadership Lesson: Don’t oversell the vision—align it with execution capacity.
Salesforce made a splashy AI announcement last year, but internal reports suggest adoption across customer orgs is lagging. There’s a gap between leadership hype and front-line execution. This connects with your 💩 Leadership theme: when leaders press vision without supporting infrastructure, they can erode trust.

3. Shein IPO Filing & ESG Blowback

Leadership Lesson: Real apologies aren’t press releases.
Shein is trying to rebrand with sustainability promises and new governance practices as it prepares for an IPO. Critics argue it’s too little, too late. This maps cleanly to your “Make Apologies Real” section—how organizations and execs apologize without making amends.

4. Julian Assange's Plea Deal and Return

Leadership Lesson: Narratives of accountability differ by perspective.
The legal resolution of Assange’s saga brings up competing views of whistleblowing, leadership transparency, and institutional response. For leaders, it’s a prompt to reflect on who defines reputational harm—and how your actions today might be reinterpreted in tomorrow’s narrative.

5. Google’s Workspace “AI Mandate”

Leadership Lesson: Tooling ≠ transformation.
Google reportedly made heavy AI usage in Workspace a KPI for internal teams, leading to some performative adoption. The leadership lesson? Forcing adoption without clear value may drive short-term metrics, but it can also create long-term cynicism—another 💩 leadership move.