If you’re a Chief Information Security Officer (CISO), you’re essentially running a startup—every single day. That might sound dramatic, but the parallels are striking. Paul Graham’s essay on “Founder Mode” describes the constant juggling, problem-solving, and navigating through the uncertainty that founders face. Swap out “founder” for “CISO,” and you’ll agree with nearly every word! Like founders, CISOs operate in an environment of ambiguity, where the stakes are high, the resources are limited, and the landscape changes at breakneck speed. Here’s why CISOs are always in Founder Mode—and why embracing this mindset is crucial for success:
- Uncertainty Is the Job Description
Paul Graham writes that founders must operate without a clear roadmap. The same is true for CISOs. Threat landscapes evolve faster than we can adapt, regulatory environments shift overnight, and executive priorities often conflict with security goals. Consider the SolarWinds attack in 2020. CISOs across the globe scrambled to identify exposure, manage responses, and calm executive teams—all while lacking clarity about the scope of the breach or the best mitigation strategies. In moments like these, CISOs don’t have the luxury of waiting for more information; they must act decisively with incomplete data. As one CISO told me recently, “We’re in the business of making decisions in the dark. You learn to develop a sixth sense for risk and prioritize without perfect visibility.” This ability to make rapid, informed decisions mirrors the agility of a startup founder trying to survive in an unpredictable market.
- Pulled in Every Direction
Graham notes that founders are pulled in multiple directions: product, customers, fundraising, and hiring. For CISOs, the pull comes from all sides of the business.
- Engineering needs help securing their pipelines
- HR worries about phishing attacks on employee data
- Legal demands airtight compliance for upcoming audits
- The Board wants to know the ROI of your security investments yesterday
Real-world example: During my last CISO role, I found myself explaining API-level security to developers in one meeting, outlining GDPR compliance measures to legal in the next, and preparing a breach response plan for an executive tabletop exercise right after lunch. And that’s before handling the inevitable 4 PM alert from our SIEM about a potential phishing campaign. CISOs, like founders, must be generalists with a knack for context-switching. You’re not just steering the ship; you’re also patching leaks, navigating storms, and occasionally calming passengers.
- The “Company is Always on Fire” Feeling
Startups often feel like they’re perpetually on the edge of disaster. Founders operate in a state of controlled chaos, constantly triaging crises. For CISOs, this is daily life. The “fire” might be a zero-day vulnerability, a missed compliance deadline, or an executive asking, “Why can’t we just turn off 2FA for this one client?” These challenges demand not just technical expertise but also diplomacy, communication, and leadership skills. One CISO I know described his role as “playing whack-a-mole with a flamethrower.” Every issue feels urgent, but prioritizing the right fires to extinguish can mean the difference between a resilient organization and a catastrophic breach.
- The Startup Within the Company
Even in large organizations, CISOs operate like entrepreneurs within an enterprise. They must “sell” security to stakeholders, rally cross-functional teams, and secure resource buy-in. When proposing a new budget line item for threat intelligence, a CISO isn’t just requesting funds—they’re pitching a vision. They’re answering tough questions, addressing skepticism, and convincing leadership that the investment is worth it. In a sense, every CISO runs a startup: the “Security Company” within the larger organization.
- Lessons from “Founder Mode” for CISOs
So, how can CISOs thrive in Founder Mode? Here are some takeaways inspired by both founders and security leaders:
- Learn to Prioritize Ruthlessly: Not all fires need extinguishing. Focus on what moves the needle for the organization’s security posture.
- Communicate Like a Visionary: Founders sell their vision. CISOs need to do the same—translate technical needs into business outcomes.
- Embrace Ambiguity: Just as founders navigate uncharted territory, CISOs must be comfortable operating without perfect clarity.
- Build for Scale: Whether it’s tooling, processes, or teams, consider how today’s decisions will hold up as your organization grows.
- Cultivate Relationships: Founders succeed by building networks of allies, investors, and mentors. CISOs need similar alliances across the C-suite and beyond.
- Conclusion
CISOs and founders are kindred spirits. Both roles demand resilience, adaptability, and vision. The next time you’re faced with chaos and uncertainty, take a page from the startup playbook: Stay focused, keep building, and never lose sight of the bigger picture. After all, Founder Mode isn’t just a mindset—it’s a way to thrive in the unpredictable, high-stakes world of cybersecurity. Let’s keep those fires controlled.