Effective communication skills are probably the most important attributes a cyber security professional or any senior leader can have: here’s why. I wrote this article to explain how ineffective communication can erode your credibility with the C-suite, and explain how a good communicator, who delivers succinct and accurate briefings to the executive, will command respect and engender belief in the security team. Let’s start with a situation…
THE INCIDENT
You’re the information security manager for a large corporation. It’s just turned 4 pm on Friday afternoon and you’ve taken your team to the pub for a well-earned beverage. Your mobile phone rings – it’s your service delivery manager – something’s happened at one of your major sites. Users are reporting issues accessing their files. You ask, “OK, so how is this a security issue? Have you spoken to the infrastructure manager?” The reply is the last thing you want to hear, “We thought it best to call you because the error message said, ‘Your personal files are encrypted.’ The message may have looked something like the dialog shown in Figure 1.
“Figure 1 – Typical Ransomware Dialog Box Demanding Ransom”
You sigh, thinking to yourself, finally, it’s happened. You’ve been protesting for years that your organisation is vulnerable, but you now have a fully blown incident on your hands. What could you have done differently? Why wouldn’t they listen to your warnings? Are you now going to be able to say, “I told you so!”. It’s time to stop and take a deep breath. Could it be your own fault that you’ve been unsuccessful in getting your initiatives over the line? Let’s go back and take a look.
LOOKING BACK
For years, I’ve worked very closely with IT security professionals. At times, I have even walked in their shoes. Years ago, these dedicated crusaders didn’t get much airplay with the executive, since security was a backroom activity for the true geeks of the IT team. Some would say this is still the case today, however, security has always had somewhat of an antagonistic relationship, even confined within the IT organisation…Click HERE to find out more about this article
