Part 1 — The Leadership Pattern I Could No Longer Ignore
Over the past few months, I’ve had a number of leaders reach out with a similar kind of curiosity. Not the transactional kind. Not the “send me the brochure” kind. It’s been more reflective than that.
They’ve read the blogs and watched the posts unfold. They sense that when I speak about risk, leadership, alignment, and accountability, I’m not just talking about frameworks.
And eventually the question surfaces:
“What exactly is the Risk Rebel Leadership Pathway?”
I’ve realised that what they’re really asking isn’t about structure or steps.
They’re asking what sits underneath it.
Why it exists.
Why it feels different.
The honest answer is this: the pathway didn’t begin as a product idea. It emerged from years of watching a pattern repeat itself — across industries, across countries, and across leadership levels.
And at some point, I realised I needed to be brave enough to bring this pathway forward.
Because it had been needed for a long time.
The Pattern I Kept Seeing
Over the past decade, through various engagements and projects — some of the first of their kind in Australia — working alongside teams in risk, cyber, data security, governance, and particularly insider threat environments, I began to notice something that unsettled me.
Senior leaders would speak about risk management as though they understood it and their role in it — yet it seemed to live somewhere else in the organisation.
In governance teams.
In risk and compliance functions.
In ICT security.
It felt like an unspoken rule that risk could be delegated — outsourced to a function.
And with that delegation, accountability quietly drifted downward. It became more about compliance than leadership.
I understood the instinct. Policies create structure. Governance frameworks create predictability. Technology offers the promise of control.
These are all valuable tools.
But one truth kept surfacing for me — and I’ve written about it many times since:
You cannot outsource accountability.
Royal Commissions have certainly awakened certain sectors to this reality over the years.
What I saw in real incidents — the breaches, misconduct, ethical fractures, cultural breakdowns — often didn’t stem from a missing policy.
They stemmed from human moments.
A decision made under pressure.
A workaround to meet a KPI or deadline.
A corner cut because the system impeded their work and made the right thing hard.
A conversation avoided.
A click on an email link because their level of care had diluted.
A concern not raised out of fear.
A leader stretched too thin to notice early signals.
A misalignment or poor behaviour tolerated just a little too long.
No matter where I pulled the thread, it led back to people.
And more specifically, it led back to leadership.
What was tolerated.
What was ignored.
What was dismissed.
What was deflected.
What was weaponised.
Not reckless leadership. Not incompetent leadership.
Often very intelligent, well-intentioned leaders.
But leaders who, over time, had developed a complicated — and sometimes adversarial — relationship with how they saw and understood risk.
Sometimes it showed up as avoidance.
Sometimes as over-control and micromanagement.
Sometimes as distancing — allowing risk to remain technical rather than relational.
It wasn’t malicious.
It was human.
But it was also dangerous.
The Disengagement Pathway
What struck me even more deeply was the pattern within the people involved in these incidents.
When you traced the threads backwards — from incident to individual — the stories sounded eerily similar.
Employees who once felt excited to be part of their organisation.
People who were engaged, committed, and proud.
And then, slowly, something changed.
It was as if something chipped away at them — because it had.
Processes became harder rather than smarter.
KPIs overshadowed judgement.
Speaking up felt risky.
Being the messenger felt dangerous.
And then there were the behaviours everyone could see, yet a blind eye was turned — until silence slowly became mistaken for acceptance.
A common theme across many of these organisations was that they did not operate as they preached. Their stated values and purpose were not integrated into how the organisation actually showed up.
The conflict appeared daily for employees — sometimes in small ways, sometimes in significant ones.
This is why you often hear me speak about disillusionment being on the pathway to disengagement.
So employees adapted.
In many ways, they subtly stepped back.
They stopped raising concerns.
They cut corners to survive unrealistic expectations.
They told themselves, “This is just how it works here.”
And over time, disengagement takes root.
Once disengagement settles in, behaviour shifts.
Lines are stepped over that they once would never have crossed.
Or more quietly — they simply stop caring.
I have heard so many versions of justification, but the undertone is often the same:
“If the rules are broken, that’s a them issue. After all, they made the rules and created the broken systems and bottlenecks.”
Watching that transition — from engaged employee to disengaged risk — is sobering.
Yet most organisations miss it until there is a real issue.
That pathway is rarely about bad people.
It is about environments shaped by leadership decisions that have significant consequences for their people.
The Moment Everything Simplified
Around this time, a number of years ago, I was wrestling with what I was observing — and yes, I was frustrated by the attitude and what appeared to be a lack of accountability.
I remember a key meeting and conversation I had around this time with someone I respected deeply, Glen. He listened as I unpacked what I was seeing — the complexity, the patterns, the human dynamics behind so-called “risk events.”
Also the dismissive attitude around accountability and understanding the associated risks. It was easier to blame others.
Then Glen paused, looked straight at me, and asked a simple question:
“Can you make something that others have made so complex… simple? So that anyone could understand it? And I mean anyone.”
There was no hesitation in my answer.
“Yes. Absolutely.”
Because I had already been doing exactly that.
I was acutely aware of the issue, and I could see how our work was benefiting organisations — I just hadn’t yet packaged the thinking in a way that others could easily follow.
Because underneath the jargon, the layered frameworks, and the smoke and mirrors, the truth was simple:
Risk starts and ends with people.
That conversation also became the catalyst for my first book. It gave me the opportunity to unpack years of experience and connect the dots in a way leaders — not just risk professionals — could understand.
Richard Branson’s words echoed in the background of that season, and still do today:
"Any fool can make something complicated. It is hard to keep things simple.”
Risk had become complicated — because we, as people, made it so.
But the core truth never was.
And that realisation reshaped not only my work — but how I began to see leadership itself.
The Leaders Who Reach Out
Over the years, I’ve sat with many executives and leaders who are highly capable, intelligent, and deeply committed to doing good work.
On paper, they are strong performers. Their organisations function. Targets are met.
And yet, when the conversation slows and becomes more honest — often within the safe zone we create for our sessions — something else surfaces.
A quiet heaviness.
Not burnout.
Not failure.
But a sense that leadership feels more draining than it should.
That compliance conversations feel procedural rather than purposeful.
That risk management has become reactive rather than strategic.
Sometimes there is an unspoken admission that they are no longer leading with the same clarity or conviction they once had.
That somewhere along the way, they adapted to systems that didn’t sit right — and that adaptation slowly became the norm.
The focus became “Systems before People.” Instead of “Systems for People.”
I recognise that experience because I’ve lived it.
And now, with such a heavy organisational focus on AI, this challenge — and the associated risk — is becoming even more pronounced.
There were seasons in my own leadership journey where I chose pragmatism over challenge.
Where I focused on protecting my team from flawed systems rather than confronting those systems directly.
Where I told myself I was simply being realistic.
It wasn’t weakness.
It was fatigue.
And fatigue reshapes standards if you’re not careful.
It softens edges.
It narrows perspective.
It makes survival feel more practical than alignment.
That subtle shift — that quiet internal compromise — is something many leaders experience but rarely talk about openly.
And it is one of the reasons the Risk Rebel Leadership Pathway eventually took shape.
Not as a quick fix.
Not as another framework.
But as a way to create space for reflection — and the courage to step forward into becoming the type of leader people know they are capable of being.
The type of leader their teams deserve.
A Conversation Worth Continuing
Over time, I realised that helping leaders reconnect with that alignment required more than conversation alone.
It required a way to guide them through the uncertainty that leadership and risk inevitably bring.
Because the truth is, the most important leadership work rarely happens in places that feel comfortable or predictable.
It happens in places that feel uncertain.
Places many leaders instinctively avoid.
Which is why, in the next part of this reflection, I want to share the analogy I often use to explain this journey — and why it resonates so strongly with so many leaders.
It begins with a simple idea:
The cave you fear to enter holds the treasure you seek.
In Part 2, let me explain the cave — and why so many leaders sense the treasure inside it, yet hesitate at the entrance.
