I spent more than 25 years in the Israel’s Defense Forces (IDF), moving up the ranks of Unit 8200 to lead a Cyber Department, and eventually became CISO, retiring as a Brigadier General. One of my final projects was to implement security for Project Nimbus, the IDF’s move to the public cloud. That effort forced me to confront the limitations of cloud runtime security, an experience that impacted me deeply enough that I decided to do something about it. I may have made the leap from the military to a private sector founder on an extended timeline, but the transition was easier than I expected. 

Well…mostly. 

In the private sector there are many different motivations for becoming an entrepreneur: The challenge and thrill of building mission-critical software, financial success, the desire to change the world. These are also motivators, but different from the singleness of purpose that usually accompanies a career in the military. My motivation today is more self-driven. I still feel a tremendous sense of urgency, but let’s face it — building a product and defending a nation are apples and oranges. Sometimes I really have to bring it. 

That said, there’s a lot I like about helming a scrappy young start up. Hands down, the best part is that I’m learning so many new things. As a CEO, there are so many aspects to running the organization that I was never on the hook for as a CISO — for example, decisions about how to manage our sales pipeline, when and how to ramp up marketing, how to build and expand our offering and why.  Because we’re building the company from the ground up, I am much more hands on than I’d be in a larger organization.

Another fundamental shift I have made as a leader since becoming a CEO is how I perceive and handle failure. While I understand the Silicon Valley parable that failure is a part of success (i.e. Steve Jobs being fired by Apple), cybersecurity is a high stakes game. Even more so when it’s being done to protect a nation state. Say what you want about failing fast, but coming up as a leader in the military, failure isn’t tolerated. Coming up as a leader in the military, in cybersecurity, the only one who should be failing is the adversary. Period. 

The private sector, however, has a greater tolerance of failing in certain contexts – you lose a deal, make a bad hire, miss a key development milestone, etc. Such failures come with the territory. If you are going to fail then fail fast, move on, and recognize the lesson. Making mistakes can lead to valuable lessons, but repeating the same mistakes again and again is a recipe for systemic failure, which is not ok. Navigating those waters for the benefit of my team, customers, investors and partners has absolutely made me a better leader. 

It hasn’t all been sunshine and rainbows, though, I’ve had to make plenty of adjustments. One of the biggest differences has been the lack of structure. It’s been a good thing to no longer have to deal with the frustrations of an outsized bureaucracy, but on the flip side, the structure and discipline of the military can set soldiers up to be extraordinarily productive and high functioning. Another major adjustment was that as CISO for the entire military, I had plenty of resources, including a team of 2200 cybersecurity specialists and a healthy budget. And because Israel has mandatory military service, I’ve had the honor of working with so many talented young people as they developed their skills and grew into their own. Hands down, that was my favorite part of the job. Working with great people on important things. 

Thankfully, I am still working with great people to accomplish great things. The ability to dream big but also execute quickly and effectively was part of the culture we created while serving in the IDF. I strive to nurture that same mindset as a CEO. For me, there is nothing more fulfilling than walking into a room and registering the team’s excitement and belief in our success. Going from the IDF to a scrappy startup is like switching from driving a semi-truck to a motorcycle. They are different enough to require different kinds of drivers licenses, but even so, driving is still driving. For me, the experience has been familiar enough for me to proceed with confidence but new enough to remain teachable and enjoy the ride.

Sometimes you can teach an old dog new tricks!