Speaking to Rooms Where You're Not the Expert

I recently spent a week helping facilitate AWS CISO Circle discussions for senior security executives in Asia-Pacific. One session was in Bangkok, Thailand; the second was in Singapore during the same week I attended Black Hat Asia 2026.

That contrast made the week sharper. One part was full of talks, briefings, and hallway conversations. The other asked me to sit in a room of CISOs and help create a useful discussion.

These were security leaders from financial institutions, airlines, telecommunications companies, and critical infrastructure providers. People whose programs protect systems that entire economies depend on.

For context, AWS CISO Circles are closed-door forums that bring security leaders together by region, industry, or shared concern to discuss the topics they are actually wrestling with: emerging threats, ransomware, Zero Trust, AI and security, board pressure, incidents, governance, and the rough edges that appear when strategy meets reality. They are designed less like conferences and more like peer working sessions. Participants are under NDA, Chatham House Rule is in effect, AWS Security leaders moderate the discussion, and members help shape the topics.

That design matters. It creates a room where people can speak candidly without attribution, compare experiences across industries, and learn from peers who are carrying similar risks in different environments. It also means the facilitator's job is not to deliver another briefing. The job is to create enough structure, trust, and useful tension for the room to learn from itself.

I am not a CISO. I lead security engineering and operations teams. My daily work is building automation, running response workflows, leading response and development teams, and making sure the systems that protect infrastructure actually function under pressure. Different altitude, different problems.

So before I could prepare anything useful, I had to answer a simple question: why would this room benefit from hearing from me?

The Wrong Answer: Be the Expert

My first instinct was to prepare like I was giving a technical briefing. Fill up on data. Memorize the latest threat report numbers. Have a polished answer for every question. Walk in ready to demonstrate that I belonged.

By day three, I realized that approach was wrong.

Not because the data did not matter, but because the audience already had most of it. CISOs at organizations of that scale have threat intelligence teams, vendor briefings, board-level reporting, and peer networks. They were not short on information. They were short on perspectives that cut across the stack in ways their own reporting structures do not always provide.

The hardest part of preparation was not the research. It was accepting that I was not there to have all of the answers.

The Right Answer: Bring Your Vantage Point

The value I could bring was not domain expertise in their industries. It was the cross-cutting view from operating at a different layer.

When you spend your days in security operations, you see things that do not always surface in executive reporting: how automation breaks down at the edges, where human processes create gaps that tooling cannot fill, and what patterns emerge across hundreds of security events that any single event does not reveal.

That is the perspective a room of CISOs does not always get from their own teams, because their teams report up through a lens that naturally smooths out the operational texture. A practitioner from a different organization, operating at a different layer, can reintroduce that texture in a way that sparks useful conversation.

This realization changed how I prepared. Instead of building a presentation designed to impress, I built a framework designed to provoke. Public data synthesized into patterns. Operational realities that complicate the clean narratives. Questions that I genuinely did not know the answers to, and that I wanted the room to help me think through.

What I Learned About Preparation

Synthesize, do not summarize. The room does not need you to recite a threat report they have already read. They need you to connect findings across multiple sources and your own operational experience into something they have not seen before. The work is in the connections, not the data points.

Lead with questions, not answers. The most productive moments in senior discussions happen when someone frames a question that changes how the room thinks about a problem. A well-chosen question is more valuable than a polished slide. I spent as much time crafting the questions I wanted to pose as I did preparing the content I wanted to share.

Prepare for the conversation, not the presentation. In a room of experienced leaders, the real value happens in the discussion, not the monologue. Preparation means anticipating where the conversation will go, having depth ready for the tangents, and being comfortable saying, "I do not know, but here is how I would think about it." Rigid preparation for a set presentation will break the moment someone asks something unexpected.

Facilitation skills matter as much as content. The goal is not to impress the room. It is to create space for the room to learn from each other, with you as the catalyst.

Why You Should Seek These Rooms Out

Early in my career, I avoided situations where I might be the least experienced person in the room. It felt like exposure. Like everyone would notice I did not belong.

I have come to see it differently.

Those rooms are where the most growth happens, precisely because they are uncomfortable. When you are presenting to people who know more than you about their domains, you cannot coast on confidence or credentials. You have to bring genuine value. And figuring out what that value is, when it is not "I know more than you," is one of the most useful professional exercises there is.

It forces you to get honest about what you actually know versus what you have absorbed through proximity. It reveals whether your ideas hold up when pressure-tested by people with different contexts. And it builds a kind of professional confidence that is sturdier than the kind you get from being the expert in a room full of people who report to you.

The Takeaway

Your value in any room is not determined by whether you are the most senior or most experienced person there. It is determined by whether you bring a perspective the room would not have without you.

The rooms that stretch you most are the ones where you are not the smartest person there. Seek them out. That discomfort is where the growth happens.