In a conversation at Security Edge, David Gee and Daryl Pereira explored how CISOs rebuild trust and resilience after major cyber incidents.

David Gee, former CIO & CISO, opened the session by reflecting on the stories behind his newly released book, A Day in the Life of a CISO.

The book brings together first-hand experiences from security leaders across Australia, Asia, Europe, and the United States, including executives from Suncorp, Fidelity, QBE, Coca-Cola, and PayPal.

Davod said his goal was to document the lessons CISOs wished they had known earlier, structured as a practical roadmap: from advice for newcomers to advanced recovery frameworks for veteran leaders.

Joining him, Daryl Pereira, APJ Head of the Office of the CISO at Google Cloud, focused on one of the book’s most urgent themes, how to recover after a major breach.

Daryl is often brought in when an organisation has suffered a catastrophic cyberattack, and his account from a nation-state incident revealed how leadership, not just technology, determines recovery speed and credibility.

The early hours are defined by confusion and political tension, he explained, as internal blame falls quickly on IT teams.

His priority is to stabilise relationships, starting with the board and executive team, to secure sponsorship for the recovery programme.

Daryl noted that the most successful remediation efforts are those led by executives with personal accountability.

In one case, a CEO personally fined millions by regulators became the programme’s sponsor, transforming a crisis into a moment of shared ownership.

For Daryl, resilience requires both technical rigour and emotional intelligence, as security leaders must unite technology teams and business leaders under one recovery vision.

David added that stories like these reveal why leadership and culture shape the long-term impact of a breach more than any framework or tool.

The book’s “Yoda Masters” chapters, written by industry veterans, reinforce that experience, humility, and cross-functional trust are what separate those who simply survive incidents from those who strengthen their organisations through them.

 

Key takeaways:

  • Shared lessons from global CISOs: David’s new book brings together insights from cyber security leaders worldwide, offering practical advice for new and seasoned CISOs through real-world “war stories” and strategies for building resilience after major incidents.
  • Leadership under pressure: Daryl’s experience rebuilding after a nation-state cyberattack highlights the importance of understanding internal politics and maintaining unity between technology teams and business executives during crisis response.
  • Executive sponsorship is critical: Successful recovery depends on having the right leader backing the remediation effort, ideally someone with direct accountability and “skin in the game,” such as a CEO personally impacted by the breach.
Contributors
Daryl Pereira APJ Head Office of the CISO at Google Cloud
Steering Google Cloud’s ‘Office of the CISO’ in the Asia Pacific, Daryl works with CISOs, CIOs, CROs, regulators and government officials to... More

Steering Google Cloud’s ‘Office of the CISO’ in the Asia Pacific, Daryl works with CISOs, CIOs, CROs, regulators and government officials to elevate cybersecurity maturity at both a national and global level. The ‘Office of the CISO’ is art of Google’s internal security team & COO function, and is comprised of former CISOs/CIOs tasked with advocating for better cybersecurity, AI risk and digital trust outcomes.

Daryl has 30 years of technology experience including an initial 8 years in the Australian Public sector in Canberra, followed by 9 years in Banking in Sydney and Singapore, and 11 years as a senior Partner at KPMG Management Consulting. While at KPMG Singapore, Daryl founded and led the Cyber Consulting practice, growing the team to over 120 cyber consultants and leading 5 Partners (owner-operators).

At Deutsche Bank, Daryl’s last role was as global head of Program Management Office for the Global Banking IT division, overseeing governance for a €500M portfolio and 150 project managers based in Singapore, Frankfurt, London and New York.

Daryl began his career working in the Australian Federal Government in Canberra as an outsourced technology contractor at the Australian Customs Service, followed by positions with the Department of Agriculture, Department of Home Affairs/Immigration and Department of Veterans Affairs.

Nurturing the next generation of Cybersecurity and Governance leaders is Daryl’s passion, leading him to volunteer at ISACA Singapore where he was the President of the Board of Directors, the American Chamber of Commerce, and the Institute of Internal Auditors where he is currently a Board member.

Daryl is an Adjunct Lecturer at the Singapore Management University – Singapore Institute of Directors, where he leads the Cybersecurity module for “SID’s Directorship Programme”. This program certifies Company Directors as Boardroom-ready for their organisations. He is also a Guest Lecturer at the University of Canberra (Australia) on the topic of Cyber Strategy.

Daryl was awarded a B.Commerce (double major in Accounting & Information Systems) and M.InfoTech from the University of Canberra, and a MBA from Manchester Business School. He is also a certified CPA (Australia), CISA, CISM, CRISC.

Less
David Gee Former Global Head Technology, Cyber & Data Risk, Macquarie Group
David J. Gee has 20+ years experience as CIO and CISO. He joined Macquarie Group in early 2021 as Global Head Technology,... More

David J. Gee has 20+ years experience as CIO and CISO. He joined Macquarie Group in early 2021 as Global Head Technology, Cyber and Data Risk. David is responsible for protecting Macquarie Group using his significant expertise in technology and cybersecurity. He has served as CISO for HSBC Asia Pacific, based in HK and responsible for the most critical and profitable countries for this large investment bank. David drove the cybersecurity maturity uplift and led all aspects of cyber for HSBC in these 19 countries. Prior to HSBC, David had an extensive Transformational CIO experience across numerous significant roles.

At MetLife Japan, David was Statutory Executive Officer, Senior Vice President and CIO. This is the second largest market for MetLife – a US$70B enterprise. David led the digital transformation for this large insurer with a significant focus on digitizing end to end customer engagement processes. At MetLife Japan managed a team of 230 IT Staff supported by 1200-1300 external resources, with an Annual IT spend in excess of U$300m.

David is Board Advisor to Sekuro, a successful cybersecurity company. A number of other Advisory roles are to be announced.

He is also past CIO at Credit Union of Australia where he successfully led a major transformation of all systems and technology. In this role he won CIO of the Year for Financial Services in Australia.

David has also been Executive Advisor for large scale transformation with KPMG, Ernst & Young and ICG. He has deep experience with Fintech and innovation ecosystems. Mentor at Stone & Chalk and Tyro Fintech Hub. Venture Partner with Sapien Ventures and Advisory Board of Venturetec.Accelerator. David also has been Fintech Advisor for a number of startups.

He is a digital industry thought leader and regular columnist with ITnews, CSO (Cyber), CIO Magazine and Computerworld, with more than 100+ articles published.

David was Information Officer and CIO for Lilly USA ($12B sales) & member of Lilly USA management. He has also enjoyed international expatriate assignments in Tokyo, Shanghai, Hong Kong and Kobe and in the USA.

Less
security leadership culture