Key Takeaways
- Tarah Wheeler entered cybersecurity “by accident,” describing the field as something that dragged her in and never let her go.
- Her background in social science and writing shapes how she views security, emphasizing human behavior and collective risk management.
- Wheeler has held diverse technical roles—red team, purple team, SecOps, physical/digital/social security—before moving into risk, compliance, and leadership.
- She believes effective cybersecurity leadership requires subsuming one’s ego, enabling others to excel, and maintaining cross‑disciplinary interests to improve communication with non‑technical stakeholders.
- Wheeler warns that burnout stems less from personal mismanagement and more from systemic pressures of “late stage capitalism” that leave people feeling trapped and powerless.
- She advocates embracing failure as a learning tool, arguing that frequent, intelligent failure drives long‑term success.
- Wheeler’s greatest current concern is the lack of reliable, ground‑truth data in cybersecurity, which hampers evidence‑based decision‑making and fuels hype over facts.
- She calls for a national “Bureau of Cyber Statistics” to provide authoritative benchmarks, similar to how NIST once served as a trusted source before recent workforce cuts.
Background and Early Career
Tarah Wheeler’s path to becoming Chief Information Security Officer (CISO) at TPO Group was anything but planned. She jokes that she “fell backwards into” cybersecurity, describing the field as something that dragged her into an alley, struck her with a baseball‑bat‑like “cosh,” and declared her one of its own. Though born in Washington, D.C., Wheeler is presently studying at Oxford in the UK, a detail that underscores her transatlantic perspective.
Social Science Roots
At heart Wheeler identifies as a social scientist and writer. She finds cybersecurity an ideal laboratory for observing how people behave when they think they are unobserved, then measuring those actions with data. This lens lets her treat security as a stage for interpersonal dynamics—friend versus foe, collaboration, leadership, and international relations—making the technical work inseparable from the human element.
Technical Foundations
Wheeler’s hands‑on experience spans red teaming, purple teaming, Security Operations (SecOps), and physical, digital, and social cybersecurity. She notes that each role adds a layer of understanding that persists when she shifts focus. Today she spends more time on risk and compliance, appreciating how these areas reveal the large‑scale impact of individual actions and how policy can steer 50,000 employees toward safer behavior.
Writing and Thought Leadership
Her love of writing has produced notable works, including a 2018 Foreign Policy feature titled In Cyberwar, There are No Rules and the book Women in Tech: Take Your Career to the Next Level with Practical Advice and Inspiring Stories. Wheeler has also authored policy papers for the Council on Foreign Relations and Harvard’s Belfer Center, blending her social‑science rigor with practical security insights.
Leadership Philosophy
Wheeler argues that the transition from individual contributor to leader hinges on the ability to subsume one’s ego. A true leader helps others perform the tasks they once did—better than they ever could—while claiming no personal credit. She believes anyone can lead if they are comfortable letting their victories appear as others’ successes.
Cross‑Disciplinary Interests
Outside interests, Wheeler insists, are not distractions but assets. Engaging in intellectual puzzles, flying planes, or motorcycling refreshes the mind and supplies analogies that make complex security concepts accessible to non‑technical executives. The more varied one’s pursuits, the better they can translate technical realities into risk‑based decisions for business leaders.
Burnout and Systemic Traps
When asked about burnout, Wheeler shifts focus from personal self‑care to structural causes. She describes burnout as the feeling of being trapped in an exhausting, inescapable situation—often a product of “late stage capitalism,” a term she uses to critique modern market economies that prioritize profit over human well‑being. The remedy, she argues, is not a bath‑ bomb prescription but identifying and dismantling the invisible traps that leave people feeling powerless.
Mentorship and Advice
The best personal advice Wheeler received came from a boss during a crisis: “In two years, this is going to be a story you tell yourself about something that once happened to you.” This reminder that challenges become history and do not define a person has guided her resilience. Technically, Jon Callas taught her to focus on what truly moves the needle—explaining technology to others—rather than wasting time on low‑impact tasks like constantly rebuilding drivers.
Embracing Failure
Wheeler encourages others to “fail hard and fail often.” She estimates that she fails about seven out of ten attempts, yet she views each failure as data that refines future efforts. By increasing the number of attempts and maintaining a healthy ratio of acceptable failures to successes, she believes one can achieve extraordinary outcomes without shame.
Current Concerns: The Truth Gap
Today Wheeler’s primary worry is the scarcity of reliable, ground‑truth data in cybersecurity. Without industry benchmarks or statistics, professionals struggle to answer basic questions: how many phishing tests to run, what ROI to expect from cyber insurance, or how many attacks to accept versus mitigate. She attributes this vacuum to a deluge of media hype, corporate marketing, and government white papers that lack scientific rigor.
The Need for a Cyber Statistics Bureau
Wheeler points to the recent downsizing of NIST—over 700 jobs lost since 2025, including key encryption‑validation staff—as evidence that even the last bastion of irrefutable evidence is under threat. She advocates for a dedicated Bureau of Cyber Statistics in the United States, analogous to other federal data agencies, to provide authoritative benchmarks and curb the substitution of Gartner quadrants for factual analysis.
Conclusion
Tarah Wheeler’s career illustrates how a non‑linear entry into cybersecurity, rooted in social science and writing, can produce a leader who values human behavior, cross‑disciplinary learning, and systemic thinking. Her advice—embrace failure, check ego, seek truth—offers a roadmap for professionals navigating an increasingly complex threat landscape while resisting the burnout and hype that plague the field. The push for reliable data, she argues, is not merely academic; it is essential for sound, risk‑based decisions that protect critical infrastructure and the people who depend on it.

