Talking Security With Non-Security Professionals

Every occupation has its unique jargon that allows professionals to speak their own language and understand each other’s shorthand.  Those of us in the world of cybersecurity are no exception as we frequently toss around acronyms and abbreviations, but how can we cybersecurity professionals communicate all of this crucial ingrained knowledge to people who haven’t the faintest idea about technology, security, or what our conversational shorthand even means?  In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla speak with Microsoft’s Chief Security Advisor, Sarah Armstrong-Smith, about the most effective ways to communicate high-level security topics with non-security professionals. In order to create a more secure world, it’s paramount that the non-tech savvy are equally informed and protected, and Sarah has some excellent tips in achieving that goal.  In This Episode You Will Learn: How important it is to define ‘risk’  Why it's a mistake to think of cyber protections as a necessary evil in a corporationThe value of introducing topics by asking questions rather than lecturing  Some Questions We Ask: Who should be driving security conversations in an organization? How should we introduce cybersecurity concepts non-cybersecurity professionals? What are some tips for complex organizations introducing their teams to cybersecurity concepts?  Resources: Sarah Armstrong-Smith's Blog post part 1Sarah Armstrong-Smith's Blog post part 2Sarah Armstrong-Smith's Blog post part 3Sarah Armstrong-Smith's Blog post part 4Sarah Armstrong-Smith's LinkedInMicrosoft Security BlogNic’s LinkedInNatalia’s LinkedIn Related:Listen to: Afternoon Cyber Tea with Ann JohnsonListen to: Security Unlocked: CISO Series with Bret Arsenault Discover and follow other Microsoft podcasts at microsoft.com/podcastsSecurity Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.  Hosted on Acast. See acast.com/privacy for more information.