Archistry

Survivability by Design™ since 2006

  • Home
  • About
    • Who Is Andrew?
    • C2T System™
    • The Agile Security System™
  • Contact
You are here: Home / Archistry Daily / Get more security by talking about it less

August 7, 2019

Get more security by talking about it less

As you probably know, there’s no context-free definition of security (and if you didn’t, let this be a wake-up call for you). And one of the key things I talked about in last month’s issue of the newsletter is that the ultimate mission and purpose of security isn’t about you.

I know…shocker, right?

But yet, if you were a fly on the wall in most conversations between “security” and any kind of “non-security” stakeholder, in my experience it’s a lot like that classic Far Side Cartoon:

What security says:

“We need to make sure your sensitive data is encrypted so we don’t have a data breach due to some unpatched vulnerability somewhere in our infrastructure. Where do you keep your data?”

What the stakeholder hears:

“We need to……breach…your…data?”

And that’s if they’re still sitting in the room with you. Which they might be, if they’re checking their phone, answering emails, watching cat videos or checking FacedIn because you lost them at the 3rd word…

Or, they’re dead.

The key to successful stakeholder interviews is: it’s all about them. Everything you do in your mission and purpose as security is about doing something to support everyone else in the organization.

So I want you to think back to the last 1…2…or even 3 conversations you’ve had with a non-security stakeholder, and then I want you to tell me who did most of the talking.

If it was you, you’re doing it wrong.

To do better, pay attention to all the goodness oozing from the pages of the September Security Sanity™ newsletter where I talk all about the right way to engage with stakeholders so you actually can figure out what matters to them…

…so you know what you’re actually supposed to be spending your time doing.

And another hint: standing on the parapets swinging away at the green, scaly mutant dog-like cyberattackers like some Medieval Matt Damon is NOT what you’re supposed to be doing with the majority of your time.

Instead, if you change your stakeholder engagement ways like I describe in the September issue, you’ll have a much easier time focusing on what your customers want and earning the support and respect you deserve for doing your best to keep your organizations safe.

Subscribe now to make sure you get the September issue here: https://securitysanity.com

And stay safe,

ast
—
Andrew S. Townley
Archistry Chief Executive

Article by Andrew Townley / Archistry Daily / Stakeholder Credibility, Stakeholder Interviewing

  • Email
  • LinkedIn
  • Twitter
  • YouTube

EMAIL NEWSLETTER

Want to get DAILY email tips on how to build a more effective security program so you can prove your security investments deliver value to the business?

You can always unsubscribe at any time, and we won't sell your data to third parties.

About Us

Archistry works with you to ensure what you want to achieve actually gets done, linking strategy, risk, governance and compliance to enable sustained exceptional performance Read More…

Testimonials

Andrew is a highly skilled and experienced information systems architect and consultant, which in my view is a rare thing. He is innovative in his thinking and merits the title of 'thought leader' in his specialist domains of knowledge—in particular the management of risk. Andrew has embraced SABSA as a framework and, in doing so, has been a significant contributor to extending the SABSA body of knowledge."

— John Sherwood, Chief SABSA Architect

"Fabulous person to work with. Very engaging and insightful. Extremely good technical knowledge with ability to relate concepts together and overcome differing opinions. Makes things work."

— Kevin Howe-Patterson, Chief Architect, Nortel - Wireless Data Services

"Andrew was able to bring clarity and great depth of knowledge to the table. His breadth of thinking and understanding of the business and technical issues along with a clear and effective communication style were of great benefit in moving the process forward towards a successful conclusion."

— Doug Reynolds, Product Manager, MobileAware

"Andrew is a fabulous consultant and presenter that you simply enjoy listening to, as he manages to develop highly sophisticated subjects in very understandable way. His experience is actually surprising and his thoughts leave you without considerable arguments for any doubts in the subjects he covers."

— Biljana Cerin, Director, Information Security and Compliance

Recent Posts

  • If you want better security, you’d better have a better security architecture
  • The ultimate security song to keep you focused on what you’re doing
  • Security heroes
  • There’s always a people problem
  • Putting your data flow diagrams out to pasture…for good

Looking for something else?

  • Home
  • About
  • Contact

  • Terms of Service
  • Privacy Policy
  • Cookie Policy
  • Copyright © 2006-2025 Archistry Incorporated or its affiliates

"Archistry", the stained glass window logo, "Pragmantix" and the Pragmantix™ logo, "Archistry Execution Framework (AEF)", "Archistry Execution Framework, Cybersecurity Edition (ACS)", "The Agile Security System", "The Agile Business System", "Baseline Perspectives", "Architecture Wall", "Archistry Execution Engine", "Renegade Security", "Renegade Security System", "Security Value Delivery System (SVDS)" "Collapse-to-Traction", "Collapse-to-Traction System", "Adaptive Trust & Governance Model (ATGM)", and "Adaptive Trust & Governance Model for Organizations (ATGM4O)" are trademarks of Archistry Incorporated or its affiliates.