The Integrity Audit.
Why intelligence and energy are dangerous liabilities without ethical leadership.
Dean Kastelic
Principal Consultant
Warren Buffett famously said: “We look for three things when we hire people. We look for intelligence, we look for initiative or energy, and we look for integrity. And if they don’t have the latter, the first two will kill you.”
In my conversations with CFOs and CEOs recently, I’m realising how dangerous this specific gap is in cybersecurity.
“We often assume breaches happen because of a lack of technology or skill. But increasingly, the real vulnerability isn’t technical, it’s the integrity of the decision-making.”
The Leadership Danger Zone
The Silent Budget Killer
The lack of integrity shows up in two specific, expensive ways:
1. The “Echo Chamber” Hire
A new CISO imports their old crew. Loyalty trumps competence. The result is groupthink, blind spots, and a team that won’t challenge the boss’s bad ideas.
2. The “Comfort Zone” Buy
Choosing tools based on relationships, perks, or “what we used last time” rather than defensible, outcome-based criteria. This is Vendor Favoritism disguised as strategy.
This is exactly what Buffett meant. A brilliant, energetic leader without integrity will use their intelligence to rationalise bad decisions, not to fix them.
The CFO’s Question
Don’t just ask your cyber leaders what they are buying. Ask them how that choice stands up to independent scrutiny.
“Integrity is the cheapest, most effective control you can enforce.”
