Security Unlocked 7.28.21
Ep 38 | 7.28.21

Talking Security With Non-Security Professionals

Show Notes

Every occupation has its unique jargon that allows professionals to speak their own language and understand each other’s shorthand.  Those of us in the world of cybersecurity are no exception as we frequently toss around acronyms and abbreviations, but how can we cybersecurity professionals communicate all of this crucial ingrained knowledge to people who haven’t the faintest idea about technology, security, or what our conversational shorthand even means?  

In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla speak with Microsoft’s Chief Security Advisor, Sarah Armstrong-Smith, about the most effective ways to communicate high-level security topics with non-security professionals. In order to create a more secure world, it’s paramount that the non-tech savvy are equally informed and protected, and Sarah has some excellent tips in achieving that goal. 

In This Episode You Will Learn: 

  • How important it is to define ‘risk’  
  • Why it's a mistake to think of cyber protections as a necessary evil in a corporation
  • The value of introducing topics by asking questions rather than lecturing 

Some Questions We Ask: 

  • Who should be driving security conversations in an organization? 
  • How should we introduce cybersecurity concepts non-cybersecurity professionals? 
  • What are some tips for complex organizations introducing their teams to cybersecurity concepts? 

Resources: 

Sarah Armstrong-Smith's Blog post part 1

Sarah Armstrong-Smith's Blog post part 2

Sarah Armstrong-Smith's Blog post part 3

Sarah Armstrong-Smith's Blog post part 4

Sarah Armstrong-Smith's LinkedIn

Microsoft Security Blog

Related:

Listen to: Afternoon Cyber Tea with Ann Johnson

Listen to: Security Unlocked: CISO Series with Bret Arsenault 

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  


Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.