Lester Chng's Linkedin Analytics

Harsh truth abt LinkedIn and opportunities: No one is looking for you. There are 1 billion users on LinkedIn. Do you think someone is going to pop into your DMs and say.... "Lester, we love your service and product, where do I pay?" - You need to position - You need to participate - You need to leave no doubt - You need to be discoverable Especially founders and CEOs. STOP hiding. Allow yourself to be discovered. And the best way is to start posting. Here is how to start. 1. Plan out your content calendar. 2. Post 3 times a week 3. Draw your ICP list. 4. DM + Calls. 5. Close. The mix of post type depends on the problem that your product/service solves. Known problem = More authority posts Unknown problem = More awareness Trust post = Personal stories Trust post = Client stories Sales post = Not salesy P.S Can you afford to sit out on LinkedIn?

Typical Cyber CEO and Founder profile 2022: 2 posts, 30 reposts 2023: 4 posts, 10 reposts 2024: 6 posts, 20 reposts "LinkedIn doesn't work. I'll leave it to marketing." Have you really tried to make it work? Let's work together and make 2025 different

Harsh truth: If I didn't write on LinkedIn: - I would not have multiple job offers - I would not be invited to podcasts - I would not have written a book - I would not be invited to speak - I would not be asked to coach Stop lurking. Start writing "It will open doors", is an understatement. Writing on LinkedIn can transform yr Biz - Widen your potential client base - Transform cold leads into warm - Get millions of impressions - Gain industry credibility - Earn trust of experts - Improve outbound - Increase inbound Don't neglect this huge opportunity. Your business needs this boost.

This is one method that I swear by that helped me about 1 topic across 233 posts. Decide what problem your product solves. That is your core topic. 𝙈𝙞𝙣𝙙𝙢𝙖𝙥 𝙞𝙩. Break it down into sub-categories. - tools - risks - benefits - problems - resources - processes - roadblocks - stakeholders - advice to give - best practices - transformation - worst mistakes - contrarian take - success stories - advice received - lessons learned - personal stories - general opinions - key success factors Too much work? No one said it was easy. P.S Anyone else uses mindmaps for writing?

4 Vital aspects cyber CEOs should refresh. Even before typing a single word in a post. 𝙍𝙚𝙛𝙧𝙚𝙨𝙝 𝙮𝙤𝙪𝙧 𝙚𝙣𝙩𝙞𝙧𝙚 𝙥𝙧𝙤𝙛𝙞𝙡𝙚 𝙥𝙖𝙜𝙚 𝗣𝗿𝗼𝗳𝗶𝗹𝗲 𝗣𝗶𝗰𝘁𝘂𝗿𝗲 If you look nothing like your pic, pls swap it. You don't want people to do a double take when you jump onto a call, or when you meet someone at a conference. You are Lester?? Wow, some years have passed. Rough. This has not happened to me. Fingers 🤞 𝗛𝗲𝗮𝗱𝗹𝗶𝗻𝗲 CEO@XYZZZ works fine. But give it some pizzazz. I help X accomplish Y with Z. Is another alternative. Stick with being as clear as possible. No emojis, please. Flag is fine. 𝗕𝗮𝗻𝗻𝗲𝗿 This is Above the Fold prime real estate. Pay someone for a banner. Use your company visuals. Add your personal CTA. This is an opportunity to show who you are. 𝗔𝗯𝗼𝘂𝘁 𝗦𝗲𝗰𝘁𝗶𝗼𝗻 When was the last time you read someone's entire about section? What drew you in to keep you going? Use it to speak to your target audience. 1 reader. 1 message. 1 objective. And LinkedIn moved the About Section up. Time to pay some attention to it. 𝗙𝗲𝗮𝘁𝘂𝗿𝗲𝗱 𝗦𝗲𝗰𝘁𝗶𝗼𝗻 Make it so simple for your reader to act. Have 1 or 2 Calls to Action. Keep it on brand. Simple. Do this before you even start posting. It is more important than posting. Think of it as your landing page. Your first impression. The new biz card. 24/7 marketing. Starts here. P.S Which do you think is the most impt?

Harsh truth: Cyber CEOs and Founders. Your reluctance to post on LinkedIn is costing your organization $$$$ - missed opportunities for lead generation - struggling to differentiate from competition - overspending on advertisements to get 👀 - paying $$ for lackluster conference results - sponsoring cyber caviar and whisky nights Here is what an alternative looks like. When you revamp your LinkedIn profile, optimize your sales funnel, and start posting here: - increase leads - targeted outreach - early qualification of prospects - answer sales qns and reduce friction - build trust and credibility in the market - be invited to speak and share experience - enhance awareness of you and company Don't ignore this powerful channel any longer, it is costing you more than you think.

There are only two ways to know if your company is ready for a cyber crisis: 1. Experience a devasting cyber attack and survive 2. Enhance resiliency through rigorous cyber exercises You have invested significantly to establish your cybersecurity controls. XDR, DLP, SIEM, SASE, NGFW, UEBA. 24/7/365 Security Operations have been stood up to guard your business. Incident Response Plans are in place. You hired the industry's best minds to accelerate your cybersecurity program. And yet there is this nagging feeling that keeps you up at night. Are we ready to handle a crisis? The news is relentless. Company XYZ suffers from a significant cyber attack. City of ABC emergency services disrupted by ransomware attack. Your boss gives you a call. "I know there is no 100% protection, but how confident are you in our ability to respond?" We have the best people on the job, procedures, and plans are in place, and we just launched XXX tool. "Just give it some thought. I have the board and investors breathing down my neck to assure them." Thoughts race through your mind. Are we really ready to handle a crisis? The team has recently gone through a tremendous transformation. New tools New people New team structure New critical vendors New concept of operations But they have not been put through the fire. Are our tools tuned to detect the latest IOCs? Is our SOC manager going to perform under pressure? Does our enterprise risk team know their role in an incident? How reliable are our critical partners and will they respond in time? You reach out to your trusted cybersecurity consulting firm. "You need to demonstrate all these capabilities through a comprehensive cyber exercise program." "Let's run a simple tabletop to assess the readiness of your team. Then we can go from there." The proposal comes in your mailbox Monday morning. One tabletop exercise: $50,000 Multi-series exercise plus the establishment of a cyber exercise program: > $200,000 Here's where I can help. I executed >50 exercises for a top North American financial institution. I established a comprehensive cyber exercise program detailing drills, tabletop exercises, and live ex I ran the Naval Wargaming & Simulation Centre and have been running exercises for >15 years I distilled all that knowledge into this book. The Essential Cybersecurity Exercise Playbook. You will learn all that you need to run exercises and establish a cyber exercise program. Invest in your readiness today.

Do this exercise today for a reality check. Ask a neutral connection to review yr profile Here are a few questions: 1. Does it look professional? 2. Is it clear what my company does? 3. Am I credible and would you trust me? Why is this important you may think? Especially for CEOs and Founders. When I worked in the finance sector, the GRC team was looking for training solutions and sent me a proposal for my opinion. Guess what was the first step I took. I looked at their website. Then immediately went to their founders' LinkedIn page. Mediocre profile. Incomplete. Not aligned with their company. No posts. No presence. I told the GRC team. I can't figure out the company or their team. They agreed and tossed the proposal. How many times have you been ghosted? There may be some clear reasons why. Do the exercise at the top of the post.

5 Steps of a cyber exercise program. Do this and get leadership buy-in. 1. Alignment with overall Cybersecurity prog 2. Leverage risk identified by enterprise risk 3. Socialize the value of an exercise prog 4. Establish roles and responsibilities 5. Create an exercise lifecycle Let's expand on this. 1. 𝘼𝙡𝙞𝙜𝙣𝙢𝙚𝙣𝙩 𝙬𝙞𝙩𝙝 𝙤𝙫𝙚𝙧𝙖𝙡𝙡 𝘾𝙮𝙗𝙚𝙧 𝙥𝙧𝙤𝙜 The complexity and focus of your exercise program should meet the maturity of your overall cybersecurity program. It should not be disjointed or disruptive to what you are trying to build out. For example, if you know that there are certain gaps in your DLP capabilities, there is no point harping on those questions. If your SOC is experienced, there is no point in asking basic incident escalation questions. If your Cybersecurity program is at its infancy, there is no point in asking advanced DFIR questions. Interview the CISO, Head of Risk, Head of SOC and understand how your exercise program can meet and address the current gaps of the program. 2. 𝙇𝙚𝙫𝙚𝙧𝙖𝙜𝙚 𝙧𝙞𝙨𝙠 𝙞𝙙𝙚𝙣𝙩𝙞𝙛𝙞𝙚𝙙 𝙗𝙮 𝙚𝙣𝙩𝙚𝙧𝙥𝙧𝙞𝙨𝙚 𝙧𝙞𝙨𝙠 A robust exercise program will have the support and engagement of the enterprise risk management team. They have put in a considerable amount of research on the threats and they know the opportunities and gaps of the teams. Leverage their risk assessment and use your exercise program to help demonstrate how the teams involved have addressed some of the risks identified. If your program is executed well, your AAR and overall program reports will be used to by various teams in their response to regulators and other stakeholders. 3. 𝙎𝙤𝙘𝙞𝙖𝙡𝙞𝙯𝙚 𝙩𝙝𝙚 𝙫𝙖𝙡𝙪𝙚 𝙤𝙛 𝙖𝙣 𝙚𝙭𝙚𝙧𝙘𝙞𝙨𝙚 𝙥𝙧𝙤𝙜 Exercises have a bad name. In some cases, people will not understand why there is a need for exercises. That is your fault. You need to explain why exercises are vital. - demonstrate maturity of people, process - validate that technology works as stated - provides safe space for difficult qns - allows clarification or roles and res - brings together different teams - scenario + risk awareness - educates first responders - active risk mitigation Hold separate briefing sessions for teams. If they are disengaged, yr prog will fail. 4. 𝙀𝙨𝙩𝙖𝙗𝙡𝙞𝙨𝙝 𝙧𝙤𝙡𝙚𝙨 𝙖𝙣𝙙 𝙧𝙚𝙨𝙥𝙤𝙣𝙨𝙞𝙗𝙞𝙡𝙞𝙩𝙞𝙚𝙨 Here are some roles to consider: - Exercise program sponsor - Exercise committee - Exercise owner - Exercise planner - Exercise facilitator - Exercise participants - Exercise stakeholders 5. 𝘾𝙧𝙚𝙖𝙩𝙚 𝙖𝙣 𝙚𝙭𝙚𝙧𝙘𝙞𝙨𝙚 𝙡𝙞𝙛𝙚𝙘𝙮𝙘𝙡𝙚 This demonstrates governance and sustainability of the program. How will you decide the scenario? How will you show progress and impact? P.S My book will give you more insights

7 ways a strong personal brand can boost awareness of your cybersecurity product. - Enhanced brand and founder credibility - More referrals and recommendations - Increase impressions on your posts - Authority within the community - Thought leadership in niche - Collaboration opportunities - Trust and likeability CEOs and Founders. You are the face of your firm. Take the lead in driving leads. Start sharing your insights on LinkedIn. You don't have to be good with words. You don't have to be an extrovert. Prospects want to hear from you. P.S Who is sick of cold calls? Ans: Your prospects

These are the top 5 questions I get from Cybersecurity CEOs regarding LinkedIn. 1. Why is my post not getting engagement? 2. Why do I need to post from my account? 3. Do I need to talk about my personal life? 4. How do I reach my ideal client profile? 5. What should I be posting about? Let's dive deep into answering these qns. 1. 𝙒𝙝𝙮 𝙞𝙨 𝙢𝙮 𝙥𝙤𝙨𝙩 𝙣𝙤𝙩 𝙜𝙚𝙩𝙩𝙞𝙣𝙜 𝙚𝙣𝙜𝙖𝙜𝙚𝙢𝙚𝙣𝙩? Many reasons but here are a few. - You posted generic pleasantries - You posted at irregular times - The post is formatted poorly - The post is all about you - You have 3 connections - You posted and ghost - You post once a year This point alone is a 3-hour course 😀. But here are some quick tips. Plan for an overall LinkedIn campaign. Decide what your content pillars are. Each individual post has 1 purpose. 1 Post = 1 Message for 1 Person. Create a content calendar. Learn basic copywriting. Format for mobile. Interact actively. Keep at it. 2. 𝙒𝙝𝙮 𝙙𝙤 𝙄 𝙣𝙚𝙚𝙙 𝙩𝙤 𝙥𝙤𝙨𝙩 𝙛𝙧𝙤𝙢 𝙢𝙮 𝙖𝙘𝙘𝙤𝙪𝙣𝙩? Your clients would love to hear directly from the CEO. It establishes a deeper connection and draws awareness to you as a leader, and also to your company. Your personal account is a lead generation machine that has untapped potential. Your stories, insights, and experience are far more impactful than paid adverts or cold email and phone outreach. Time to set the lead flywheel in motion. 3. 𝘿𝙤 𝙄 𝙣𝙚𝙚𝙙 𝙩𝙤 𝙩𝙖𝙡𝙠 𝙖𝙗𝙤𝙪𝙩 𝙢𝙮 𝙥𝙚𝙧𝙨𝙤𝙣𝙖𝙡 𝙡𝙞𝙛𝙚? You don't have to. You can keep it purely business but still weave in personality and charisma with your words. Story-telling techniques can bring out the essence of your experience through a main character in the episode. If you are comfortable with peeling back the curtains in your day-to-day, that will certainly help establish trust and familiarity. But it is not a show-stopper to establishing your authority in your field of choice. 4. 𝙃𝙤𝙬 𝙙𝙤 𝙄 𝙧𝙚𝙖𝙘𝙝 𝙢𝙮 𝙞𝙙𝙚𝙖𝙡 𝙘𝙡𝙞𝙚𝙣𝙩 𝙥𝙧𝙤𝙛𝙞𝙡𝙚? Use a mixture of attraction and persuasion. Position yourself as a trustworthy thought leader and you will start to attract them. Combine selective targeting and generosity and you will start to nurture them. 5. 𝙒𝙝𝙖𝙩 𝙨𝙝𝙤𝙪𝙡𝙙 𝙄 𝙗𝙚 𝙥𝙤𝙨𝙩𝙞𝙣𝙜 𝙖𝙗𝙤𝙪𝙩? The easiest and logical option would be the domain in which you aim to dominate. Why talk about threat actors when your product solves an IAM conundrum? Why opine about the job market when your solution is a transformative GRC platform? Choose 1-2 topics. Align with a problem you solve. Overwhelmed? If it was easy, everyone would be a authority and thought leader. 2 ways I can help. - I'll coach you through this process - I'll ghostwrite your posts Let's chat.

"I don't have time to figure out LinkedIn." "It's just marketing. I'll hire a lead-gen firm." CEOs have 1000 other things better to do than spend time figuring out their personal brand position and even less time to spend fiddling with LinkedIn and its fidgety algos. "I am focused on our next killer product." "I am behind sales target. That's where I am pouring adverts and cold calling." "I need to prep for our next round of capital" Often, it is an ounce of self-doubt. Not a lot. These CEOs are in their position because they believe in themselves. "What if shareholders dislike the attention?" "Do people really care about what I think?" "Can I spend time penning my thoughts?" "What do I even start writing about?" Those who are here for the long run know that they cannot afford to ignore building up a strong presence and reputation. Your business can do with: - increased awareness - long-term trust and reputation - thriving + active network of professionals But it can be confusing on where to start. That's why I created the LinkedIn Power Bundle for Cybersecurity CEOs. Designed for busy leaders who cherish and appreciate building a strong brand. Give me 60 mins. I'll help you step out of the shadows and start building a brand that represents your expertise and leadership DM me "Power" and I'll send you details.

Would you rather spend 10 mins posting? Or spend $10k on spamming InMail? It is not that you don't have time to keep up with LinkedIn and write engaging posts. You are unaware of the value of yr words. When you realize that your words hold the key to establishing yourself as an industry leader, won't you want to write more? When you realize that your words hold the key to building trust with your ideal client, won't you want to share more? When you realize that your words hold the key to turning cold leads into warm ones, won't you want to engage more? Your words are more important than ever. Let's use them to maximum effect. LinkedIn is the stage. Your words are the star.

The best Cyber exercise planners do this. And it is something that AI can't help with. 𝘿𝙚𝙚𝙥 𝙍𝙚𝙨𝙚𝙖𝙧𝙘𝙝 𝙖𝙣𝙙 𝙋𝙧𝙚𝙥𝙖𝙧𝙖𝙩𝙞𝙤𝙣. They conduct interviews to understand the ins and outs of the business. They find out the most critical processes and impacts on the various teams. They study the current incident response plans, business continuity plans, crisis management plans & communication plans. They read up on regulatory requirements. The latest updates, notification periods, format, stakeholders, and processes. They dissect threat actors' TTPs, case studies, news reports, and industry papers. They replay the scenario and injects in their heads a hundred times. Fine-tuning it to ensure it is articulate in its purpose. They understand the exercise audience and appreciate the objectives. What questions will they have? Do we need pre-reading material? What level of understanding will they have? How to manage the pace of the exercise? And you thought it was as simple as asking ChatGPT for a scenario and injects, and rolling up on the day of the exercise? Good luck!

Only 1% of LinkedIn accounts post content. Even fewer Cyber CEOs and Founders do. This is your chance to move ahead. Whatever you think of social media, Will it harm to have 3,000,0000 views of your content each year? Will it harm to have 10,000 views of your profile each quarter? LinkedIn is not going away anytime soon. Your clients are here and consuming. Are you still sitting on the sidelines, watching others move ahead on this platform? Because you don't want to spend time learning about this channel? Think about the missed opportunities that 3,000,000 views could have brought. Don't take it from me. Ask your VP Marketing in the next meeting. "Should I start writing on LinkedIn?" If he or she says no need, good luck.

You can't ignore it anymore. Cyber attacks are happening to yr sector. Run those exercises today and get ready. The threat actors are not going to wait. Want to learn how to run them? These are the 7 documents to learn all about cybersecurity exercises. Here is the link to all the documents. The Essential Cyber Exercise Playbook - lnkd.in/gBS3G8P3 CISA Tabletop Exercise Packages - lnkd.in/gnsa5cxJ NIST SP 800-84 - lnkd.in/gcY_rNeJ FEMA HSEEP - lnkd.in/gEW4bad8 UK NCSC -lnkd.in/gFk_85ig FFIEC IT Exam Handbook - lnkd.in/gKH5-5eV OSFI I-CRT Framework - lnkd.in/ghtfXTv6. P.S How are your 1H exercises?

View my verified achievement from Cyber Leadership Institute.

Most successful people never stop learning. Here's my mini step to being successful. Over the last 8 weeks, I embarked on the Cyber Leadership Program by Cyber Leadership Institute. It involved hours of sacrifice and time away from cozying up with my wife and watching Korean dramas.   (we still did, just slept less 😂) The role of a CISO / Cyber Leader  Developing a cyber resilience strategy  Leading a cyber risk aware culture change Building/leading world class cyber function  Maximizing impact + influence as a leader Maintaining resilience, ops excellence Embedding agile cyber governance Stakeholder management With a Capstone Project Delivery of building a Cyber Resilience Strategy. My biggest takeaway was the awareness I gained of all the activities and workstreams in which I was involved during my time at the largest cyber programs at the banks. It all made sense and connected the dots. This is my mini step to being successful. Let's keep building. Cheers to Phillimon Zongo, Darren Argyle, and Jan Schreuder for building and leading this program. P.S What's your mini step this year?

Protecting the manufacturing sector. The supply chains are vulnerable. Glad to see a strong focus om protecting Canada’s production lines. Join us on Day 2 at ManuSec: Cyber Security for Manufacturing. Learn about our programs as Rogers Cybersecure Catalyst, Toronto Metropolitan University play our part to enhance Canada’s cyber resilience. - industry certification training - supprorting cybersecurity startups - TTXs and Cyber Range SIM exercises Probably the only Canadian booth 🇨🇦 P.S come say hi eh?

I look modest. She looks goddess. Yes I know I am lucky. Have a good weekend. Have you animated yourself?