Communication is the core of any organization, department, or process. It’s a topic I talk about extensively in the world of cybersecurity. That’s why it’s step four of the Secure Methodology and why it’s a critical aspect of every effort.
In this post, we’ll go in-depth on step four. You can read up on the first three: awareness, mindset, and acknowledgment. We’ll start with a recap of the Secure Methodology.
The Secure Methodology: Turning Technical People Into Solid Communicators and Collaborators
Before we jump into communication, here’s a recap on the Secure Methodology. It’s a seven-step process I developed as part of my book, The Smartest Person in the Room. I designed it as a guide for cybersecurity leaders to help improve interpersonal and people skills so that they can work together to combat cybercrime. It’s not about technical aptitude but rather empowering cyber professionals to look beyond the ones and zeroes by being honest communicators. It’s a reframing of cybersecurity culture to be collective and collaborative in solving challenges.
So, let’s dive into step four.
Technical Staff Aren’t the Best Communicators
It’s a total stereotype that logical thinkers are bad communicators. Except, in this case, it’s mostly true. I’m not making a blank assertion, but I’ve been in the business for a long time and witnessed this to be accurate time and time again.
When I talk about poor communication, it’s not that someone isn’t articulate or functions with a limited vocabulary. It also has nothing to do with intelligence. The problem is that there’s a communication gap between technical people and company leadership. It’s so bad that they might as well be speaking another language, and they kind of are with geek speak and jargon.
Why do they do this? Well, it helps them validate to themselves that only they know about the technical world. Those who are outside of it couldn’t dare understand what they do. It keeps them in a place of feeling superior. They’re in this club, and no outsiders are allowed. Except those outsiders are running the company and hold all the budget dollars. When technical workers fail to communicate effectively, they alienate their internal or external customers.
Keeping Geek Speak Alive Assuages Insecurity
At the core of geek speak is insecurity. Most technical people believe they hold the title of the smartest person in the room. If they have this “coded” language, few can make sense of it, so there’s less chance that someone will push back. Speaking in normal terms could expose the fact that they aren’t sure, which would be the worst thing for these people. They never want to admit that they don’t know.
Different stakeholders may request that they simplify the message around cybersecurity because it impacts more than just IT. Cyber attacks are considered a primary risk for any business, so their management and impact are enterprise-wide. All tech people will take away from this is that they need to dumb it down.
Another issue is that cybersecurity training and certification reinforce this by providing pages and pages of acronyms to memorize. Every industry has its shorthand, but this is taking it to a new level that’s not consequential to their ability to be equipped cybersecurity professionals.
Communication also has much to do with listening, just as much as talking. Most technical people don’t score well here, either.
Poor Communicators Are Poor Listeners
Being an effective communicator isn’t just about what you say and how you say it. It’s also about listening! In a fast-paced, dynamic world, attention is fleeting, and the consequence is people who don’t pay attention. It can be hard to stay present and observant.
In addition, many people only listen for agreement or rebuttal. They aren’t taking in what someone is expressing and are simply waiting to give their response either in agreeance or to dispute and argue.
Without active listening in cybersecurity, we can’t fully understand the problem. That creates massive challenges in the field.
Dysfunctional Communication Has a Major Impact on Cybersecurity
As I’ve said, we (the good guys) are losing the cybersecurity war. The defeat isn’t because technical skills, innovation, or tools are subpar. I’d argue it has more to do with the fact that communication is in a state of brokenness. It goes back to the gap referenced above.
If technical people aren’t more inclusive with language to decision-makers, they aren’t likely to get the responses they expect or need. The excuse of “they just don’t get it” isn’t helping matters. They have to get it. If they don’t, then risk increases and resources decrease. That’s the crux of the communication gap between technical people and company leaders — they need to speak about cybersecurity in terms of risk to the business.
Leaders want to protect data and networks. They realize the threat landscape is widening with cyber-attacks in the daily headlines. This group knows that if it happens to them, it will cost them a lot of money and harm their reputation. They are hungry for the facts but not in sentences that don’t sound human. It’s the responsibility of technical teams to express risk and threats in a way that makes sense to anyone and what steps need to be taken to mitigate them.
That becomes the hardest part — getting technical people to first realize their communication is ineffective and then get them on board to make changes.
Why Technical Employees Struggle to Evolve Communication Styles
As noted, the jargon and tech speak are a place of comfort for cyber professionals. They act as a veil over uncertainty. They are also logical creatures that see their work as black and white, so they immediately think they don’t need to improve communication or people skills. They know what’s best, and all the non-technical folks can’t grasp the fundamentals.
Continued thinking in this way will only lead to failures and mistakes. To be a great communicator, you have to be flexible, which seems foreign or negative to them. It’s very uncomfortable for them to be vulnerable in their communication because it might reveal that they don’t know everything. Of course, they don’t because no one does, but change is even more challenging if people can’t see this as a possibility.
So, what can you do in a leadership position to incite people to embrace transforming their communication styles?
How to Support Technical People on a Journey to Being Better Communicators
If your technical team improves its communication skills, it can be the best weapon you have in the cybersecurity war. It’s more potent than new technology or the highest technical aptitude. Here are some key things that can make a difference.
Awareness is the first step of the Secure Methodology and is something to revisit. Communication isn’t effective without listening. But you can’t do that until you have a level of awareness, which requires putting yourself in the shoes of others. So, encourage them to practice awareness with communication.
Communication is effective based on the result. The point of communicating something is to receive a response. When you reframe the concept for technical people in this way, they can have an “aha moment” as they understand the results and objectives.
Simplify the Message
There is always a way to simplify the point. Technical people don’t need the comfort of their acronyms to emphasize what matters. Instead, urge them to consider who they are discussing subjects with and how to express things in a way that translates to the non-technical people of the world. They need to refrain from going into cyber talk because they aren’t going to get the result they need or expect.
Bring it back to the purpose and the idea of building rapport with others. Remind that listening for insight helps everybody. The bad guys aren’t sitting in the room with them — the people who can help them are.
Foster a Culture That Appreciates Communication and Sharing
Another part of improving communication is ensuring you create a culture that welcomes it. Your people need to know that if they are trying to share information effectively, you will support them. They’ll certainly make mistakes and revert to old habits, so you’ll want to remember acknowledgment factors — praise them when they communicate well. When they don’t, speak to them privately.
If you create a team that is certain you welcome change, they may be more apt to try harder. Remember, these people don’t like to fail and crave certainty. Of course, change disrupts these patterns, but they’ll do much better if they feel you have their backs.
Moving Forward: Communication Is the Center Point for Cyber Success
Communication is really part of every step of the Secure Methodology. It’s that essential, and it will come up again and again. By focusing on it, your technical people can make great strides in their journey to be better at their jobs and life. You can find more strategies along with exercises to build communication skills in my book, The Smartest Person in the Room, available now, or in my People Skills for Smart People course.