In This Episode

This episode features Dd Budiharto, Founder of Cyber Point Advisory, LLC

You can learn more about the conversation and the guest below.

Tune into the audio version of this episode by clicking the player below:

Tune into the video version of this episode by clicking the YouTube player below:

About the Guest

Dd Budiharto is the founder of Cyber Point Advisory, LLC, a leader in fractional CISO firm that provides cyber security advisory services to startup, emerging, and global organizations. She partners with executive teams, business stakeholders, and IT leaders to develop strategy and road map to enhance the organization’s cyber security posture.

Her expertise in IT and OT security has been instrumental in delivering significantly enhanced information and cyber security for companies including Phillips 66, Baker Hughes, Marathon Oil Corporation, and Halliburton. Dd has been a digital security visionary for over 30 years. As an industry leader, she worked closely with the White House on Critical Infrastructure Cybersecurity initiatives.

She served as chairman of the American Petroleum Institute (API) IT Security Subcommittee, where she collaborated with the White House, and is currently a Governing Member of Gartner and SecureWorld CISO Executive.

Dd is passionate about building ⭕️Cybersecurity Circle⭕️, an inclusive community for cybersecurity enthusiasts at all levels. She serves as a Board of Director of LINK Houston and has remained active as a speaker, moderator, mentor, and advisor for Hou.Sec.Con., Exec.Sec.Con., Women Executive Forum, T200, 50/50 Women On Boards, ISSA, Minorities in Cybersecurity, Cyversity and at multiple universities over time, including the University of Houston, Baylor University, Houston Christian University, University of St Thomas, and Rice University Baker Institute.

Dd was the recipient of the 2024 ORBIE Houston CISO Leadership Award, and a nominee for Team8’s 2025 Cyber25-Women of Impact.

Full Episode Transcript

Jess Vachon: 0:34

Hello, Welcome to another episode of the Voices of the Vigilant podcast. My guest today is Dd Budiharto, founder of CyberPoint Advisory LLC. Dd, so happy to have you on my podcast, Welcome.

Dd Budiharto: 0:55

Thank you, Jess. I've been excited joining you in this podcast.

Jess Vachon: 1:00

Yeah, I know we've known each other for a few years and you're an extremely busy person, so I'm glad we could connect and get you on the podcast. I know you, but our listeners may or may not know you. Why don't you tell them a little bit about yourself, what you're up to right now and a little bit about your background?

Dd Budiharto: 1:15

Sounds good. Thank you, yeah, so I go by Dd Budiharto. My legit name is Katarina, but you know, as cybersecurity you always have an alias and mine is so simple capital D, small d, and I'm basically the cybersecurity equivalent of a Swiss army knife. But instead of opening cans, I'm closing security gaps. I'm closing security gaps by day. I'm a fractional CISO, bouncing between a one-person doctor's office and global oil and gas company, because I learned that hackers or bad actors I shouldn't say just hackers, bad actors they are equal opportunity troublemakers. They don't discriminate their victims. So I'm on a mission to defeat those cyber criminals, one hack at a time, like some sort of digital superhero. My cape is like a two-factor authentication or multi-factor authentication, but I have a superpower, which is I'm able to convince people to start doing cybersecurity hygiene Like, hey, let's change your password, let me help you do that.

Dd Budiharto: 2:36

I spent years as a CISO gas global company where protecting critical infrastructure is at a different scale and level. It's like herding cats. There are politics involved, there's a budget restriction, all the cultural elements of it. But then at the end of the day, from the outside, I learned. Someone told me, gave me the feedback that cybersecurity is so mysterious, it's so intimidating that only tech elite can understand. So I decided to form a community-based meetup last year called Cybersecurity Circle. This is where everyone, coming from complete beginners don't know anything about cybersecurity to seasoned pros, where we all can learn together.

Dd Budiharto: 3:32

I want to turn everyday people into cybersecurity warriors because, let's face it, we need an army, not just generals, not just CISOs like us. So my goal is to make cybersecurity as normal as locking your front door. I mean, we've seen many, many establishments, even our house Wi-Fi broadcasting saying that, hey, free Wi-Fi here, and I wanted to change that. So, yeah, let's buckle up To make cybersecurity accessible, relatable and, my gosh, I love the F word fun, fun, not intimidating. So that's me.

Jess Vachon: 4:20

I wasn't sure which F word we were going for.

Dd Budiharto: 4:28

You said cussing is welcome.!

Jess Vachon: 4:28

So, a lot to unpack there. If I heard correctly, you were a CISO for oil and gas companies and now you're a fractional CISO. That's the first part of what I want to concentrate on. So you know, having been on both sides of that CISO dynamic, what are your thoughts, you know in-house versus fractional? What do you see as positives and negatives? Or maybe, instead of positives and negatives, the challenges of each of those?

Dd Budiharto: 5:09

Okay, no, very fair. Many people think, including management, think or believe in their mind, have an idea that CISO is a unicorn, that they can do everything. They can just spread their magic pixie dust and then boom, all the cybersecurity threats and problems are solved. So even as an internal CISO, they need help.

Dd Budiharto: 5:38

I have been a CISO in three oil and gas companies. I had a need for a deputy CISO. I need all kinds of deputies from the operation, perspective, strategy and everything, because as a CISO, you have to be able to communicate sideways, upward, downwards, outside, internal, and there's only so much time in a day that you're able to accomplish that effectively without burning yourself up. So even as a fractional CISO in a global oil and gas company, I'm helping the current CISO with the execution of some of the projects because I've I'm bringing in my expertise and experience as a CISO from a different oil and gas companies, so we actually complement each other.

Dd Budiharto: 6:33

The decision making is still at the CISO level. I'm here to execute and pointing out and putting the perspective. Hey, this is not how we're going to report to management or to the board, or this is not how the business is going to accept the proposed change that we're trying to push. So that translates into yeah, challenges. CISOs can't do everything, being strategic, being operational, and, you know, they need help, and so the opportunities as a fractional CISO is to help in those areas. And it's ideal for people who've had the CISO experience, because then you are, especially if you're a burnout CISO like me, you're not on the calls day to day or on the weekends and everything else, but you're making sure that your client actually look good and able to fulfill their goals, meet their goals and objectives so that they can function better as a CISO.

Jess Vachon: 7:50

Yeah, I think you have some great observations on that whole difference between the in-house and the fractional CISO and the benefits the fractional to brings to the table . I know as a CISO myself, with all the demands you have on you, it's hard to keep all the information coming in that you need about common threat vectors, tools, the evolving IT infrastructure, and to be doing the management, the protection, and the innovation, all at the same time. So I wonder, and I'm going to ask you as the fractional CISO, do you find that being in the fractional role gives you more time to do all that knowledge development, initiative development, research that you might not have been able to do when you were in the permanent CISO position?

Dd Budiharto: 8:46

Very good, so I forgot to mention that. That's a very good point because, as a fractional CISO, I don't have to deal with the admin of meetings, doing performance management and everything else. So, yes, I'm now able to do more research, more initiative development, like you were saying research, more initiative development, like you were saying, more outreach, more talking to the people, executing, connecting the dots. For that reason, because that admin responsibilities are removed from the fractional CISO perspective, I wanted to add too I don't want to leave behind the other side of the enterprise level businesses, because that's one of the reasons I also became a fractional CISO, because I wanted to have the small to medium-sized businesses because they can't afford a full-time CISO.

Dd Budiharto: 9:39

Since I'm mission-driven, my objective is to defeat cybercriminals. I don't want cyber criminals to win, so I want to make sure that, again, the one person doctor's office that I'm helping I don't want, I don't want the cyber criminal to get a hold of her patients data and and whatever information. They're looking or even you know infiltrating the payment process. They're looking or even you know infiltrating the payment process. So it's that small to medium-sized business. They understand they need some kind of cybersecurity protection, but they don't know where to begin, and many times they don't have the budget to have a full-time cybersecurity professional. I wanted to point them out because, remember, those cybercriminals are equal opportunity troublemakers, so we need to protect this world to medium-sized organizations too.

Jess Vachon: 10:33

Yeah, and that's a key point. I know when I do consulting to nonprofits and the same small to medium-sized businesses, they need a protection and, to use your example of a doctor's office, a doctor's office that can't process insurance claims is out of business in a week or two. It's that quick because they're that reliant on getting the insurance reimbursement so that they can pay their staff and maintain their electronic health records. So it's really critical that they have that help and they do benefit from someone who has had broad corporate experience. Because, as you know, when we're presenting to public companies, we are thinking about costs, we're thinking about right sizing, we're thinking about justifying the security that we're bringing to bear in the appropriate way based upon the company to keep it competitive.

Jess Vachon: 11:32

So there's an art to it, a nuance to it, and to do it at a smaller scale, I think, is even more of a challenge because you've got to target the most essential item of operation for that business. First, get that protection in place and then you start looking at you know what other nice to haves are there. Maybe it's browser isolation, so that they're not clicking on anything, and then maybe it's training for the staff a little later on so they understand why not to click on stuff? So you've done both of those. I'm wondering, how did you scale from corporate size to small to medium business and then keep going back and forth between those two entities? Actually, maybe that's a superpower because you've flexed that muscle so much. But tell me a little bit about that.

Dd Budiharto: 12:30

Oh no, I go crazy too sometimes. But how do I scale that? Moving back and forth, well, answering your first question first, right, helping small to medium-sized business with a limited budget improving their cybersecurity posture. You hit the nail on the head, because I usually ask what is the most important transaction that you have in your office, right? So I do have that doctor's office. I also have a medium-sized business about 150 employees, but they do retail selling at a high scale. So even those two different businesses have different approach of securing their posture. Yeah, so there's no cookie cutter.

Dd Budiharto: 13:20

And, like you said, though, luckily, having had the experience having to manage and cut budgets and everything else to maintain cybersecurity operations, I kind of have that playbook in my head. For this small business, one person, operational. I need to focus on third party first, because sometimes they can't even articulate what they need, right? So you have to have that conversation. What they're not sure, usually in the doctor's perspective, is I don't even know whom I'm dealing. I don't know when I. You know when an email comes in asking for me to pay an invoice or insurance, you know dealing with that. It's real or phishing things like that. Again, there's no cookie cutter for that we start with the third party risk management for that one and then, whereas for the medium sized business, I started with the business impact analysis even before going into. "Yeah, Dd, I need everything. Now let's just figure out business impact analysis. What is your highest priority? I've had to hire two employees to help me because then they remember I want to close the gap. I see the gaps and the people I've hired they have no cybersecurity background. So I'm still in front of the clients documenting my interviews and everything else, and I'm training my employees to document them in a playbook manner so they learn, they get exposures, they get to in a way hands-on. We're not doing anything technical, we're not doing scanning, we're not doing any pen testing because they don't need it at this point. So, yeah, luckily the small to medium-sized business are less stringent in terms of schedules. I'm the one who is very much, "I need to get this done more competitive towards myself, whereas in my large oil and gas client they have deadlines, they have project. You know, everything is driven by timeline. So that's, I've been fortunate to be able to scale the schedules and the on the resources and everything. That way it's. It's quite flexible on the other side. Yeah.

Jess Vachon: 15:41

I like, and I I can't quote it exactly, but you just said it. I think it had to do with scanning. "We don't do it for them because they don't need it at this time, and I think that is such a key part of what a CISO brings to the table is knowing what is needed and when it is needed. We are approached so often by vendors in the security space saying, well, you need this and you need this and you need this. Well, that's not necessarily true. If you looked at corporations as this one entity and said every corporation should have X, y and Z, well, sure, but in reality we as the CISOs, we have to become the experts in the business which you're doing and understand what is appropriate, and we do that at scale. It doesn't matter if it's a one-person company or if it's a 10,000 or 20,000-person company, it works the same way. So I love that you're able to scale it depending on your client and bring them just what they need. I'm sure that's something that they deeply appreciate and that's the value of the CISO as the advisor.

Jess Vachon: 16:56

I'm glad we've had such a big discussion on CISO and fractional CISO.

Jess Vachon: 17:00

I see them as one in the same, whereas some people in our industry say, "well, fractional CISO doesn't see them as one in the same, fractional CISO doesn't have the same investment in the company, they're not in the fire. I think you've proven that that is a falsehood that you do. I mean, essentially, your business survives on delivering on your commitments to those companies and you live and die by the success of multiple clients instead of one client. So, for those of you out there who wonder where I sit, I look at fractional CISOs as the same thing as a CISO. It's the same skill sets, it's the same advisory services, it's the same challenges and if you don't perform, whether you're a fractional CISO or an in-house CISO, they find someone who can perform. And performance isn't just based on the protection. It's based on how smart you are in terms of the money that the business has to invest in cybersecurity, because, at the end of the day, they need to generate revenue. They exist to generate that revenue.

Dd Budiharto: 18:03

Exactly, exactly. You articulated better than I did.

Jess Vachon: 18:08

I got to listen to you, the expert, and just summarize it a little bit. You touched earlier upon the Cybersecurity Circle Initiative, which I think you started and championed, which blends beautifully with what you're talking about. Just in the services you provide, the companies you support, you have to be able to talk up and down and sideways and scale your conversations to those that have a lot of knowledge about cybersecurity and those that don't have any. Tell me about your passion for starting that. Tell me about how that feeds your soul starting that.

Dd Budiharto: 18:54

Whoo, how that feeds my soul. Um, back to being at the enterprise level, CISO enterprise level. When you know, I had my security clearance, I got the briefing from the FBI or all the three other three-letter agencies about threats and intel against our critical infrastructure. And then, at the same time, you know, I also have a very dear friend whose mom was scammed for $850,000 okay, through cyber means and the mom was too ashamed to share it with my friend who was also in cybersecurity. And here I was living in the two worlds enterprise. And then my friend's mom's story. I just said we have to do something about it. At the end of the day, we are being targeted by these cyber criminals about it. At the end of the day, we are being targeted by these cyber criminals. But who is actually gathering the community on the personal level to make sure that our vulnerable population is immune? Get the immunization from all these scammers.

Dd Budiharto: 20:19

So anger started fueling me first. How about that? The fact that, hey, she couldn't get any of the money back. She reported it to the law enforcement and everything. So it started with the anger. And then I said how do I channel my anger to be more productive? So I decided to say, okay, I need to build a community. I need to build a community that is welcoming to everyone and break down that myth that cybersecurity is only for the techie, the elite, the elite level, that it's too intimidating. I want to break down those silos. I want to build a bridge instead of creating silos. So that's how I started.

Dd Budiharto: 21:02

And there's a community here in Houston called "Cup of Joey very clever. And then Joey, joey Sanchez, the founder, always starts when you meet with him, it's free. You meet every Friday. It's free. You just connect networking for all walks of life. He always asks what is your purpose? And when he asked me that question the first time I showed up, I was nervous my gosh, what is my purpose? But since I was still angry from my friend's mom being scammed, I just said I want to defeat cyber criminals. I just kind of stopped him. He said yeah, let's do it together. I'm going to share my platform. You can have your sub-community here within my big circle. You know, the Cup of Joey, whatever you want to call it, have the meeting at the same time. We will support you.

Dd Budiharto: 22:00

So that was about a year and a half ago, and the cybersecurity circle has been growing, growing and, yeah, so it's it's. Now we have a theme every week, so that, through talking about the theme whether or not it's about phishing, whether or not it's about, uh, this upcoming one, security on a on a shoestring budget, or what are they talking about hey, what's your favorite cyber security related movies or books, or whatever? We talk about it in a circle, each one of us sharing the information. Now, the byproduct of that is the beautiful networking that they form among each other. They get to know each other. We've had some of the members who came from completely different backgrounds psychology, sales, comedian. Now they are starting to learn more about cybersecurity and we share resources on what's free and what's not. So, yeah, these cybersecurity warriors are being trained

Jess Vachon: 23:13

That's amazing and you are really making a difference, because you're having the discussions, and there's no "I know more than you. What I really like is when you post on LinkedIn after you've had the event. There's so many people and they're all smiling. Sometimes you see pictures of events and half the people are just frowning or seem disengaged, but the people that are in the photos that you're taking all seem like they're energized. It comes right through. It must be amazing to actually be there and participating. I wonder is this something that you think, over time, can scale out to other communities, because I think the benefit's probably tremendous outside of just the Houston area.

Dd Budiharto: 24:05

Yeah, absolutely. I've been asked a lot. A lot of people want to volunteer as well. It's now. It's about my time scaling, running a business and multiple clients right and running this cybersecurity circle Absolutely, yeah, it's in the book. I just don't know when, yet. I do need to take care of myself as well, to take a breather and then so that I can visualize how we want to take it together. Yeah, I'm looking into that, but I'm open to ideas. I'm open to people who want to do it in other areas, absolutely.

Jess Vachon: 24:54

So at the, at the end of the podcast, we'll tell people how to get a hold of you and hopefully people who are listening will reach out and it won't just be something in the US, but maybe people across the globe who are listening will decide that they want to find out how to do this locally. And again, I think it's something that's just wonderful.

Jess Vachon: 25:16

When we first met a few years ago, I think there was a few of us and we told our backstories and I found your backstory just fascinating and inspiring. So I'd like to put you in the "Wayback Machine and have you tell everyone about your college and how you started out and how you got to where you are today.

Dd Budiharto: 25:40

Yeah,. I need to get to the time then. College seems so long time ago. Yeah, I came to the States in 88, graduated from high school, my parents sent me here to learn English, because English is a universal language, also to distract me from wanting to be a doctor back home. I was born and raised in Indonesia, by the way, Anyway, so I came to the States,the abbreviated version is is, I didn't speak English. I chose accounting as a major because it was the first thing on the list and I didn't have money to actually go full time from just learning English. So I worked as a janitor on campus. So that was my story. But I promised to be the best janitor on campus and I did.

Dd Budiharto: 26:38

And then fast forward. I did not want to go home after graduation because that would have meant to get married, so I decided to go to graduate school. So, I went to DC to get my Master's of Accountancy, again, because I really didn't know what I wanted to do. That was actually the launchpad for my career path to what becomes cybersecurity.

Dd Budiharto: 27:07

Now, when the public aid accounting firm were doing their campus recruiting, one of them asked me what I wanted to do. And I said well, I have an accounting co-op job, cost accounting, calculating hospital beds, square footage and everything else. I said I don't like it, but my colleague always asked me to help them with computer and I love doing computer things, but I really don't know anything about computer. So I wanted to combine computer and accounting together. And the partner said oh, we have just the right position for you, the right role. It was called EDP auditing, which I had no idea what it was, as you and I probably know that EDP word is the precursor of IT, it's electronic data processing. It was pretty much IT audit, but since IT word was not even used yet, we were still in the mainframe environment then. So that's how I learned about security controls from the audit perspective.

Dd Budiharto: 28:24

Fast forward, auditing became too boring for me. Not in the sense that because I just felt we needed more. I always saw a gap, you know, when we're doing audit, because what I noticed? That people would do their "just enough to pass the audit, but it did not equate to security. So I saw that gap. I said, okay, there's got to be something on the other side how we can actually develop the security controls to do the right thing versus just to meet the audit requirement. So I moved on to become an information security analyst for Halliburton at that time, and so that's how I started in my oil and gas journey. That also it was the first formalized cybersecurity or information security department that they created, and within that role I did many things because, you know, when you pioneered the program with the CISO the CISO was also the first time to be hired there you pretty much did everything. You have to learn everything, from the technical to all the way to security awareness.

Dd Budiharto: 29:56

As you probably notice and some people who know me my personality I can't just sit still. This is what we're doing. This is enough. I'm always outspoken, and Halliburton was part, or still part, of a big company, an organization, -- - Institute, American Petroleum Institute where my " would say hey, why don't you go to the meetings? We met quarterly. So in the meeting I was always speaking up what about this, what about that? Hey, we can't apply patches when the drill is going on, you know, because we would stop the drilling and then we would lose money. And again, when you have a big mouth like that, always speaking out, and then they said, didi, I need you to chair the API IT Security Committee so that you can gather people, so we can get initiatives going. So, yeah, I became the chair of the American Petroleum Institute IT Security Subcommittee and that was my exposure to work with lawmakers in DC, with the White House especially so.

Dd Budiharto: 30:56

When President Obama issued the executive order to protect critical infrastructure, I was working closely with his team, with the DOE, and so when he was ready to communicate that to top 10 business in the country, the company I was working for was invited to be in that top 10.

Dd Budiharto: 31:22

And that company was Marathon Oil. It's been acquired by another company, but only two oil and gas companies were invited to the table to meet with the president in The Oval Office, Exxon Mobil and then Marathon Oil, which is a very small company then, and so that was a nice experience in a way that I had to work a lot with The White House Chief of Staff and everything to prepare my CEO to meet with the President, a job that I never dreamt that I would ever do, that they would get me there. I never went to the White House for that function, but it was a privilege to be able to brief my CEO and then ask what question to the President. And then so when he came back, he said, ", I asked the question you asked me. And then the president said, well, good question. So that question, the question was ask the president what is the definition of critical infrastructure?

Dd Budiharto: 32:28

Put him right on the spot.

Dd Budiharto: 32:30

Yeah, of course he did. President, "good question. Yeah, he didn't have the answer, even though it was the executive order that he um that he issued. Right, uh, yeah. So since then I've been recruited to be cso for multiple different oil and gas companies. But this is what I want to bring to the personal level. Right, I'm human, I'm a mother of two. My mother lives with us and you know, my husband, we had to juggle our career Initially, when I started with you know, when I left the public accounting firm, started with Holly Burton, my husband went back to school so he could be the breadwinner and I could stay home because we had our first child then, so I could stay home.

Dd Budiharto: 33:23

You know, become a stay-at-home mom. That's what I wanted to do then and it didn't happen. The universe had different plans. So my career kept going up and also demanding, with all this White House involvement and everything else. So he decided to be the one to back off with the career and taking the kids all multiple the doctor's appointments, sports, whatever. All the extracurricular activities, appointments, sports, whatever all the extracurricular activities.

Dd Budiharto: 33:52

So when I had reached the position of I've been a CISO three times, the pandemic happened. My kids were going through hard times transitioning. One was in high school, one was in middle school. I didn't want to do a CISO job anymore, so I took a job as a number two, as a Chief Security Architect, where I didn't have to be on the call 24 by 7. So, yeah, so the last two companies before I started my own firm. I was not a CISO, I was a cybersecurity architect. Let me tell you the ego hurt, "architect. Let me tell you the ego hurt when you've always been on the number one spot. All the vendors always wanted to talk to you. You know all this facade that being a CISO is top of the world, the best of the best. And I made a conscious decision not to become a CISO. So I had to get my ego down, to talk it down and say, "hey, remember, we're doing this together, we, my ego and I Right that this is for the family. This is not about what the people view us, it's about myself and my family, myself and my family, and so that that kind of like. It was a good humbling experience. Another humbling experience. Then, when I decided to become a business owner, I started my own firm. Now I'm no longer considered a revenue generator by vendors, so I got uninvited. From all these invitations that I've been invited to, literally I watched it getting uninvited, but by then I had matured enough. Now I belong to the we Do Not Care Club. I love it.

Dd Budiharto: 35:49

I don't work for you, you cannot invite me, but I work for myself and for the mission, right? The mission is , I want to defeat cyber criminals. So that is kind of the journey. The journey. Of course, I thought this is my book and running my business and everything else.

Dd Budiharto: 36:09

But soon I have an announcement that I'm transitioning to another role that I never thought that I would actually have. Again, I want to announce it later, but yeah, my point and my message is don't stop at your career, because you know, because that's what you think you're going to do.

Dd Budiharto: 36:33

Be open-minded If the universe wants you to keep growing, be flexible, move with the flow, keep reinventing yourself. Another way of saying it, too, is future-proof yourself, right? Because at the end of the day, all of us are just numbers, no matter, you may be the number one in the company, but when the board or stakeholders decide to say we don't like you anymore, you don't fit with our mission anymore, you're going to go. But since we're not number ones, we don't make that much money. We need to make sure that we have our cushion. We don't have the golden parachute, but we built our own cushions. So that's what I mean by future proofing yourself against all this unknown in your career journey.

Jess Vachon: 37:27

Yeah, thank you for sharing that, because I think it's important for us individuals in information security, regardless of where they're at in their career path, to understand one that it's an evolution, it's a marathon, not a sprint, but also that you can have an impact at every level and, if you are confident enough in yourself, sure enough in yourself and your abilities, that you can, just by showing up, participating, influence the options for your career, which, in addition to that, as you pointed out, grant you allowances for how you want to live your life. And I'm glad that you touched upon that because I think for a lot of people, it's important for them to understand you can have your professional career and you can have what you want for your family life as well, and that you don't necessarily have to make compromises but you have to adjust your flow. So sometimes it's more towards the professional side and sometimes it's more towards the family side. I'm personally one of those people that thinks that you know you work to live, not live to work. So it's good to hear how you balance that.

Jess Vachon: 38:47

But I also I work with so many people that are starting out from different careers or you know, they're just coming out of college and they they're like "I don't know how to make a living, I don't know how to get started, and it's any way you can, it's any. It literally is any way you can do what you can do the best at what you can. People will see that value that you bring to the table and then you'll start to get those opportunities and when you get those opportunities, make the most of them. So your story just encompasses that whole thing and now I know at some point after the podcast people will get to see more of your story and hopefully that just continues to inspire them more than what you've just shared with us.

Jess Vachon: 39:32

So I can't miss this, because I assume a lot of people are going to listen to this episode because of one thing that we kind of promoted, which is that we don't scare you. Why don't we scare you?

Dd Budiharto: 39:46

Yeah, you don't scare me, because my mother lives with me. My mother is full of wisdom. It's full of wisdom. I mean, if we're talking about I was just trying to see you know the wording, the relatability like social engineering, right? Oh, we're so afraid of being social engineered. I think my mom invented social engineering. She had so many ways to manipulate me to be scared of her, to be, to be, you know, to do my chores, and um, uh, when I said a lie, she would, she would just spot it immediately, and so it's.

Dd Budiharto: 40:27

It's, at the end of the day, is about grounding myself, right, when I, whenever I feel arrogant on top of the world or the opposite, scared and despaired and everything else, my mom is the compass who would say that, hey, life is just like a wheel when you're on the top it feels good, but don't forget what it feels like when you're on the bottom. And when you're on the bottom, don't despair, because you're going to move back up and it just continues like that. And so I always remember that when I'm usually that okay, I'm so down, done I'm, so this is I'm angry, I'm frustrated, I'm depressed, whatever. And I'm so blessed he lives with us. And so she'll just say remember, you're going to get back up, so take your time, grieve, vent whatever you need, or do nothing just to cry, but you're going to get there. So that's one of the ways that she always grounds me.

Dd Budiharto: 41:37

One other thing I took a question about her way of, you know, always empowering, but not necessarily. Oh, she can be overbearing too. That's just all mothers. But whenever I feel scared, she reminds me, say, hey, these are the different things that you should not be scared of because you have all this. Let me find an example. Um, yeah, she, she knows when I lie. So to this day, when you know, I was trying to make a surprise for her. So I I was rushing, trying to get balloons or cakes and everything, and she said where are you going? Uh, how come you're not dressed up to go to work? Um, you know this is always inquisitive. So, um, let me see, let me see, let me see I think a whole episode with just your mom and you oh, my goodness.

Dd Budiharto: 42:53

Oh, I guess the yeah, the oh, but the embracing technology, right? Many of us especially remember when the proliferation of iPhones coming to the enterprise world, oh my gosh, the privacy lawyers, the operation people, we were all scared. We're going to mingle corporate data and personal data. And then now it's AI. Right, be scared of AI and everything else. But my mom, no, she has a way for making me not afraid of all this technology or anything else, because I remember what's scarier than being scared of AI and all this technology is the guilt of disappointing her. So if I think about okay, am I gonna feel guilty and am I going to get scolded? Yeah, that scare factor, it's higher than the technology fear of technology factor.

Dd Budiharto: 44:08

So let's just put it that way.

Jess Vachon: 44:11

I love it! Alright. So we covered a lot. Before we transition to the end of the podcast, I like to ask my guests what I call an Empowering Question. So I'll read it, but it's you reflecting on yourself and answering as honestly as you feel you can, or if you can't, feel free to just, you know, move us to a different subject. So the question is, "How often do you give yourself permission to enjoy life, and how do you feel when you do that?

Dd Budiharto: 44:45

How about this? I'm a hypocrite in this one, but I'm also giving myself grace to do better. Every day I tell my mentees, I tell my other people pretty much my friends yeah, give yourself grace, be kind to yourself, slow down. I have not. Unless I put intentionally on a sticky note do nothing, I don't do that. So I need a little reminder visually to manifest my goal. One of them is “do nothing” because I'm naturally restless. How often do I do that? Not often enough. How often do I do that? Not often enough, and so I don't mind being reminded by other people hey, have you done? Do nothing yet.

Jess Vachon: 45:50

Yeah, yeah, and I think that's important. I think all of us have to put that onto our own personal schedules, because our lives these days are so fast and so furious and things change so often that we don't take the time to smell the roses and we don't take the time to appreciate the path that we're on, and I think we don't want to regret. You know, we get to the end of our path and say, oh my, I missed all those opportunities to be present.

Jess Vachon: 46:28

So that's good advice that we got from you. Thank you for being my guest today. Folks, if you like the podcast, please subscribe and rate it in your favorite podcast app. When you do that, it helps to support the program and helps me bring inspiring guests like Didi. So thank you for listening to this episode. Until next time, everyone, bye, bye.

Want to get notified when new episodes are released?

Click the button below to subscribe: