Alright – so today we’ve got the honor of introducing you to Usman Mustafa. We think you’ll enjoy our conversation, we’ve shared it below.

Usman, thanks for taking the time to share your stories with us today We’d love to hear about the best advice you’ve ever given to a client?

A global organization with operations in several regions had started rapidly adopting Software-as-a-Service (SaaS) applications to help drive agility and efficiency. This transition was happening, however, without any consultation from security teams, as different business units subscribed to SaaS solutions based on their immediate needs, and often without security reviews at all. It led to a widening gap between security and business goals. Operating with a traditional “gatekeeper” mentality, the security teams were seen as an obstacle to innovation, demanding strict control over every deployment. Business leaders, meanwhile, viewed these security measures as obstacles to their lucrative pursuits that created friction within the company.

Meanwhile, leadership knew full well the security risk of unfettered SaaS adoption but was under tremendous pressure to keep pace with digital transformation. As a result, IT teams were a bridge and pressured to quickly deploy tools to address business needs without the appropriate security review. Some teams took shortcuts to get everything done on time, inadvertently putting the organization at risk for data privacy violations and shadow IT and compliance issues.

When the organization turned to me for guidance, I suggested a radical change in perspective: instead of functioning as a gatekeeper that held back progress, security should instead take on the role of a business enabler. The answer is to pivot away from reactive consent processes and incorporate security into the SaaS adoption model from the ground up. Security teams, therefore, needed to be proactive instead of reactive and offer clear, predefined guardrails that business units could work towards and making it easier than ever for them to choose and implement SaaS tools without wasting time.

To help accomplish this, we created a SaaS security framework that grouped applications by risk. This enabled business units to self-service lower-risk tools while making sure security teams were involved in vetting high-risk applications. We also implemented automated security and compliance checks that would continuously validate new deployments to verify that security was embedded into the process without introducing unwanted friction to the way business got done.

In less than six months, the nature of the adoption of SaaS in the company could not be more different. Business and security teams were strategic partners, not foes, and leadership was confident that security was a hurdle they no longer needed to overcome but rather a facilitator of innovation. A new way of onboarding SaaS tools has slashed onboarding time, allowing for secure adoption of SaaS-based on its utility while giving the organization to maintain a strong security and compliance posture that would eliminate the risk of shadow. The tension between departments had dissipated into something more collaborative that balanced security with business agility. This change showed that security and business goals don’t need to be at loggerheads. If approached properly, they can work together and reinforce one another and allow organizations to innovate in confidence without security taking a back seat.

Usman, love having you share your insights with us. Before we ask you more questions, maybe you can take a moment to introduce yourself to our readers who might have missed our earlier conversations?

I started out as a software developer, but a few years in I discovered that I was much more interested in the greater scope, specifically as it relates to infrastructure and cyber security — how does everything connect, how does data flow, and most critically, how do we make it secure? A curiosity that caused me to hone in on a focus at the start of my career and began a journey into helping enterprises traverse the complex landscape of digital transformation without security being an afterthought. As someone who has held strategic roles in global organizations such as Hewlett Packard Enterprise (HPE) and Gulf Business Machines (GBM) over the years, I have been fortunate to gain an in-depth understanding of how businesses grow and scale securely. And today, at Orange Business, I’m working with some of the biggest organizations on the planet; supporting them to harness technology in order to help them both scale, and keep resilient in the face of a security threat landscape that’s forever changing.

The most rewarding part of my work is that it delivers real-world solutions that solve real-world problems that affect businesses and people. Security can be perceived as a roadblock, something that stands in the way of everything we want to do, but for me it should be an enabler — a springboard for a business to get at the sort of emerging technologies they want to implement without worrying about whether their suppliers, partners or customers are going to hold them to accountable to a higher standard. My entire career has been about striking that delicate equilibrium–assisting organizations to embrace AI, cloud, and digital transformation with confidence without concern for obfuscorous threats. Over the years I’ve had the chance to give back to the industry in a meaningful way, whether it’s meeting my research, writing articles, or mentoring other people in the field. I am a coauthor of AI Powered Development: A Cybersecurity Handbook, a reviewer for International Journal of Science and Research (IJSR), and a winner of awards such as the Claro Gold Award for AI 2024 and most recently the Top Achiever of the Year award at Orange Business. My learning process does not end there, I stay engaged with the global Cybersecurity and AI community through organizations such as ISC2, ISACA, IEEE, AAAI and ACM to name a few, where I also continue to learn from and exchange insights with fellows.

Outside of work, I have a deep love for adventure and exploring the world. Living in Dubai has given me the perfect playground to indulge in dune bashing across the vast deserts, where the thrill of navigating the shifting sands feels like a perfect metaphor for tackling challenges in my professional life. I also love traveling to new places, experiencing different cultures, and finding inspiration in the way people across the world approach technology, security, and innovation. At the heart of it all, I believe in staying curious, embracing challenges, and helping others navigate this ever-changing digital landscape—whether it’s businesses securing their future or individuals finding their path in tech.

Can you tell us about a time you’ve had to pivot?

In my early days, I was heavily involved in designing, implementing, and securing enterprise infrastructure, as well as hands-on building of technically sound and resilient solutions. I loved the puzzle of delivery, the troubleshooting challenges, the optimizations to make, and the systems that needed to run like clockwork. However, the more experience I got, the more I realized that delivering real impact was not simply a matter of building solutions; it was actually about helping organizations understand and adopt the right technology in a way that really shifted their business. This general dissatisfaction with the current position inspired me to shift from the role of delivery to one of sales and strategy advising organizations at an earlier phase of their digital transformation. Rather than merely helping enterprises to implement, I started working with them on comprehensive strategies for cybersecurity, AI, and digital infrastructure, encouraging them to adopt not just any solutions that worked but those that would catalyze their business objectives.

Transitioning into sales was not just a move up the career ladder, it was a chance to shape the industry on a much broader, more impactful level. Always passionate about technology, I could imagine enterprise-wide transformation initiatives in this new role, sitting across the table from key decision-makers, and executing them to stimulate meaningful change at scale. In this evolution, I had to elevate my skills, infusing deep technical knowledge with an understanding of enterprise-backed business solutions, negotiation, and strategic planning, enabling organizations to design solutions that were not only secure but sustainable and industry-throughput as well. And now, as Director of Strategic Accounts at Orange Business today, I support some of the largest organizations in the world to tackle AI, cybersecurity, and digital transformation challenges. Hindsight is higher, and this shift empowered me to make a larger impact across the industry to ensure companies do not just implement expertise but actually use it as a genuine enablement device for innovation and growth.

Have any books or other resources had a big impact on you?

Of the many books impacting my management philosophy and approach to leadership, Linchpin, by Seth Godin, is one of my top pics. The book disrupts the traditional notion of pursuing a linear career path and promotes the concept of becoming indispensable, which is not simply someone who can follow orders but a person who takes the initiative thinks outside the box and makes things happen. But, this idea hit home for me when I went from being an architect on the ground plan to one high off the ground in a sales leadership role. It reaffirmed my sense that I don’t believe the impact is about doing the things that you are supposed to do; it’s about bringing new insight, adding unique value, solving real problems, and delivering more than expected.

Godin’s concept of a linchpin, someone who assumes responsibility, leads through creativity and isn’t afraid to question the status quo, has shaped my approach to both leadership and client relationships. In my work, I focus not solely on selling a solution, I work with enterprises to develop their AI, cybersecurity, and digital transformation strategies and approaches to execute these initiatives in ways that create enduring business impact. It is not about applying a playbook; it is about understanding unique challenges, thinking outside the box, and have decisions that create real value. For me, Linchpin proved that some of the best leaders and innovators are not those who conform to a system; they are the ones who push past it, and that’s the approach I take to my work every day.

Contact Info:

• Linkedin: https://www.linkedin.com/in/umh/

Image Credits

Usman Mustafa