\u00a0 Over the past few months I've discussed\u00a0security topics with professionals from across America. I keep hearing the same questions: How do we build (or rebuild) the case for improving cybersecurity during this economic downturn? Why aren't more companies (or governments) hiring certified security professionals right now? Why can't my security\u00a0program get any respect from upper management? Should I just sit back and ride out the recession\u00a0by waiting? Why doesn't my management get it? Or, getting even more personal, why can't I find a security job?\u00a0 Bottom line,\u00a0with all of the ID Theft, fraud and hacker stories, why are they cutting my security budget? No doubt, much of what is going on is out of our control. Layoffs, furlough days, and salary cuts are common across industries. Most technology and security projects are getting hit hard. Where good ideas used to require a 3-5 year ROI, getting approval for new initiatives may now\u00a0mean near-real-time\u00a0cost savings\u00a0- or at least same year hard savings.\u00a0 Yes, there are plenty\u00a0of good answers.\u00a0Hundreds\u00a0of articles and white papers have been written over the past few years\u00a0on\u00a0return on investment\u00a0(ROI) for security, \u00a0the fear, uncertainty and doubt (FUD)-factor, focusing on risk assessments and\u00a0ways to\u00a0leverage HIPAA and other compliance\u00a0efforts.\u00a0I've used each of these approaches over the years to sell security projects, and we still need to apply\u00a0similar arguments. \u00a0 But can we be doing more to improve our chances? More important, should we\u00a0act differently moving forward?\u00a0 I\u00a0think we need\u00a0to focus on our language. What\u00a0are the\u00a0enterprise priorities and the words we say to describe those priorities?\u00a0Good\u00a0security execs\u00a0have\u00a0learned that\u00a0they need to be discussing how to\u00a0enable not disable\u00a0and offer secure alternatives, but what are we enabling? \u00a0I was intrigued by this New York Times blog by Saul Hansell\u00a0entitled: The Nation's CTO Lays Out His Priorities. Saul had a chance to sit down with Aneesh Chopra\u00a0recently.\u00a0Saul describes the key areas that will drive\u00a0Mr. Chopra's\u00a0next few years:Economic growth through innovation Addressing presidential priorities through innovation platforms Building the next-generation digital infrastructure Fostering a culture of open and innovative government\u00a0\u00a0I know, Aneesh Chopra is not the President's new Cyber Czar. He's doesn't even mention the word "security" in his four mentioned priorities.\u00a0But if you read these and say "so what," I suspect that you may need to change your language in describing the benefits of security. Perhaps you should even consider rebuilding your approach to gaining wider executive buy-in.\u00a0Gaining\u00a0the required\u00a0support for\u00a0security requires\u00a0us to use the same words that our most senior leaders use - whether in government or in the private sector. Take another look at the list. The case can be made that cybersecurity is an integral component to each of\u00a0Aneesh Chopra's\u00a0stated priorities, but I'll leave that\u00a0argument\u00a0to be made on\u00a0another day.\u00a0\u00a0My point is that we need to rethink the words we use to sell security\u00a0(or any other technology initiative) in this new environment. Despite their validity, the old\u00a0arguments for security\u00a0often fall short today when everyone is cutting. Success\u00a0usually starts with the right words on the agenda\u00a0for important meetings with key stakeholders. Use the wrong words, and that\u00a0urgent threat discussion may never even occur.\u00a0\u00a0I'm not talking about spin, but allowing\u00a0security\u00a0and risk to be incorporated into hot projects. Focus on\u00a0their agenda, and you will be more successful. Most of all, watch your language.\u00a0\u00a0\u00a0What are your thoughts? Any good war stories\u00a0about selling security to execs?