What does it mean to possess radical empowerment? And what goes wrong when it’s defined and measured incorrectly top-down? These are the topics I am exploring today in terms of both security vendor and security team leadership, because as I personally look at job descriptions on the hunt for my next career milestone, I’ve seen radical empowerment as a character to possess.
In the wise words of Inigo Montoya, “You keep using that word, I do not think that word means what you think it means.”
I went to some experts on the topic.
“I don’t see a trendy business buzzword—I see a fundamental and often intimidating shift in organizational psychology,” said Dr. Stacy Thayer, Ph.D., Professor of CyberPsychology at Norfolk State University. “Essentially, it means handing over the keys: giving the people on the front lines the maximum possible authority, budget, and access to data so they can solve problems fast. The ‘radical’ nature of this lies in its ability to tap into something in us all—the need for agency and mastery. When you truly empower someone, you’re boosting their intrinsic motivation, and that is your most potent form of cultural rocket fuel.”
Despite this definition, it’s still seen, and misdefined, in a lot of places. On one job board I saw: “Must possess radical empowerment and feed everything up to the CEO.” On another job board I saw: “Leadership requirements include good camaraderie with all team members to create radical empowerment.”
Again, I am not an expert, but that doesn’t jive.
“[Radical empowerment] can only start at the top,” Dr. Thayer said. “The CEO has to surrender power actively, which is counterintuitive to most corporate wiring. If the CEO models this trust, openly taking the hit when an empowered team messes up, they build the psychological safety that allows people to be bold. This is what separates success from disaster. If you delegate responsibility but keep a tight grip on budgets, resources, and approvals, that empowerment curdles into radical abandonment. You’ve basically told your teams, ‘The outcome is your fault, but the solution isn’t your choice.’ That quickly creates a terrified, paralyzed workforce. To succeed, leadership must redesign the system to make it structurally safer to innovate and learn from mistakes than to be cautious and slow.
However, the job board listings I found jive with the errors that I’ve seen called out elsewhere, such as LinkedIn. For instance, Stuart Henderson, Senior Managing Director, US Products Client Group Lead, Global Management Committee at Accenture wrote this LinkedIn post five months ago:
“Too many leadership teams are built for comfort, not performance. People the leader likes—or just gets along with—instead of the people who will push, challenge, and drive growth. Over the years, I’ve been lucky to gather wisdom from clients, colleagues, and mentors.”
That led to his explaining his “RADICAL” framework, which you can read more of in his post, but most of the key tenets for a radical leader include diverse thinkers who are different than other leaders, the importance of character, leaders who tell the truth no matter what, and making sure you have the right person in the seat vs. any person, because no just any person can fit the “RADICAL” framework. And being “besties” with people is not the way to go about it: that’s a cult of personality.
I’m writing about this for three different reasons:
- Educate top leaders like CEOs and COOs how radical empowerment should be facilitate
- Educate job seekers who are trying to determine if a recruiting company truly groks it
- My own education, as I am always seeking honest feedback to be a better leader – and honesty and forthrightness are key in radical empowerment vs. radical abandonment
While Dr. Thayer and Mr. Henderson makes some pretty straight forward remarks on what is and what isn’t radical empowerment, I wanted to switch it up and get a take from a former colleague with a strong background running legal in cybersecurity and technical environments.
“Radical empowerment, for me, isn’t about handing people a seat at the table. It’s about making sure they know the seat is already theirs,” said Trenika Fields, Business Legal, AI Leader at Cisco, MIT Sloan EMBA Class of ’26. “I set the vision and I trust my team to execute in ways that are anchored in the mission and tied to real business outcomes. But trust without depth doesn’t work. That’s where leading with empathy comes in. It’s my secret sauce, and it has to be real. You can’t fake it. People know when it’s performative. Real empathy builds confidence, and confidence fuels bold, decisive execution. When people feel seen, trusted, and strategically aligned, they lead like builders, not bystanders. Strip that trust and empathy away, and radical disempowerment moves in fast. Voices go quiet. Momentum dies. Innovation flatlines. But when you get it right, you don’t just build teams. You build powerhouses that set the standard and raise the bar for everyone else.”
Why, given how simple this is, is it so hard for senior leadership to do versus say? I worked in an environment years ago when “radical candor” was the theme du jour rather than “radical empowerment.” An executive over an executive over my boss was explaining radical candor, which very simply put, being constructive and forthright with empathy to help others grow. In this particular meeting the senior executive said, and I summarize, “There are some limitations to this, however. Apply this to your peers, but when coming to me only bring solutions without criticism or feedback.” Huh?
Which takes me to a great blog from Tom Brown called “Six Reasons a Leader Won’t Empower.” The first three he calls understandable, and can be taught with practice, communication and practice:
- They don’t know how: Often when someone has been promoted too quickly
- They will lose control: Often when someone may do it well but not the leader’s way
- They don’t trust their team: Often when people can’t trust others as much as you trust yourself
Brown then talks about the “darker reasons” leaders do not empower.
- Jealousy: Feel resentment that someone else is getting glory that should have been theirs
- Insecurity: Lack confidence and worry another’s success will shine a light on what they can’t do
- Ego: They want all of the focus on them
“A leader who is charged with the growth of an organization, and more importantly with the growth of the people, is doing a disservice to both if they don’t embrace empowerment,” Brown wrote.
At RSA Conference this year I talked about putting courage into your career path whether you’ve been in unhealthy workplaces, suffer impostor syndrome, can’t regulate your personal trauma to not affect your career outcomes, and what happens when you suffer under a leader who doesn’t respect you or empower you. I talked the room through how to build a courage plan, and I can say from personal experience it’s very helpful and you grow immensely, but it doesn’t take away the hurt when dealing with any of the above situations from leaders who disempower rather than empower – radically.
Rounding things out, finally I talked to Bryson Bort, Founder and CEO of Scythe and frequent speaker, teacher, and community leader inside and outside cybersecurity.
“Empowerment comes from two aspects of trust: safety and operational competence. Safety is foundational: do you feel valued? Does your organization, from leadership down to the folks you work with daily, have your back?,” Bort said. “Many practitioners struggle because they burn out trying to improve the company the way they see it vs. the walls and restrictions they run into.
“Then, there is operational competence: are you able to excel in the work itself? This can be as simple as improved on-boarding, creating buddy teams, real mentorship, and making training available. But, the harder part is a leadership commitment to the employees through what I call the “Rubik’s Cube Model”: giving enough information that an employee can make their own calls and adjust through the inevitable changes on the ground instead of having to come back each time for additional guidance. Many leaders keep this information to themselves to feel important at the expense of employee empowerment.”
So, why are we talking about this specifically in a security publication? Because there are few fields where team alignment, structure, autonomy, trust, communication fueled through empowerment are critical. Whether it’s how the CISO manages the security team all the way to the incident responder or the way the CEO manages the go-to-market team of a vendor, both require true “letting go” for empowerment for any of the people involved to complete their mission with satisfaction, achieved goals, and company-wide success.
Related: Rising Tides: Bryson Bort on Cyber Entrepreneurship and the Needed Focus on Critical Infrastructure
