Archistry

Survivability by Design™ since 2006

You are here: Home / Archistry Daily / “The business” doesn’t care about cybersecurity

“The business” doesn’t care about cybersecurity

I recently had a conversation with someone who was lamenting about how difficult it was to connect and to communicate with “the business”—you know, the “everyone who isn’t in IT or Security” part of the organization…

…that same organization you’re busting your backside every day to protect and keep safe.

Yeah, those people.

Now maybe you don’t have this problem. So if that’s the case, you can stop reading now. The rest of the email isn’t going to matter to you.

However, if you do have this problem, the good news is that it’s solvable. And actually, while it’s easier to say than it is to do, it’s not really all that hard to do either.

Instead of talking to “the bidness” about security, information security, cybersecurity, breaches, vulnerabilities, phishing or any of those things at the forefront of our minds and on the tip of our tongues…

Stop.

Just stop. Take a deep breath, and think for a minute.

Think about what is of value to the people you’re trying to connect with. Do you know? Have you asked? Have you done your homework?

Have you figured out what commitments they’ve made to everyone else that they might not be able to meet if they don’t have your support?

If not, do not pass go, do not collect $200, and do not do anything else—I mean ANYTHING else…until you’ve figured that out.

If you don’t know where to start, or how to formulate some great questions about what they value, you can find some practical guidance in the September print issue of the Security Sanity™ newsletter.

It goes into some common questions about really connecting and engaging with stakeholders, da bizness and those pesky customers security has but finds it hard to give enough love. Questions like:

  • How do I know who to interview?
  • Where am I supposed to find the information to prepare for the interview?
  • What to do if they won’t meet me?

and the biggest one that is the ultimate key to being able to understand, communicate and deliver the value of security, effectively and consistently—all the time:

How do I know what questions I should ask?

So if you’d like to have the answers to those questions, then I suggest you scoot on over to this link and subscribe: https://securitysanity.com

That “magic connection to the business” pill isn’t just going to be offered to you by some guy in cool sunglasses and a long leather jacket. You need to take it when you find it.

Stay safe,

ast

Andrew S. Townley
Archistry Chief Executive