• United States




How to turn cyber babble into a language we all speak

May 23, 20184 mins
IT Leadership

In today’s digital age, assuming everyone speaks the same language will leave everyone frustrated and babbling, including you.

Conceptual images of a woman listening to a stream of abstract letters.
Credit: siphotography / Getty Images

There’s a lot of cyber babble out there that creates AI confusion, drives poor cybersecurity decision-making and kills key safety initiatives. Part of the issue is that we assume we all speak the same language and thus are in alignment. On the other side of the coin, we sometimes feel foolish because we don’t understand the language being spoken and assume it’s our fault (see video below).

(Test your assumptions. Click on the video above)

The reality is that the language of AI and cybersecurity is both in its infancy and ever changing. For example, when people use the term “cybersecurity,” there is an assumption that we’re all talking about the same thing. However, this is not true. Case in point, even the experts can’t agree if cybersecurity is spelled as one word or two.

Or consider this: A chief marketing officer thinks of AI as chatbots to promote a brand, a business manager considers AI as a system for cutting overhead, a CSO thinks of AI as a defensive tool against malicious attacks, and the public sees it as Google Duplex.

Nevertheless, infosecurity-speak that was once confined within the tech world is making its way into everyone’s world because in the digital age, security is everyone’s concern. Business executives have to make budgeting decisions affecting cybersecurity projects. Boards of directors are now accountable for privacy guidelines. Consumers need to create strategies for protecting their IoT from hacking.

This means that the CSO’s role is expanding to include helping people throughout the organization speak the same language. When done successfully, this will drive alignment in thinking with management while minimizing dangerous assumptions that weaken security efforts. Here are three things you can do to enhance this type of alignment:

1. Try to see the situation through the other person’s eyes

We assume the world thinks just like us. Everyone thinks this way. This means that the more you can see the world through another person’s eyes, the better you can understand where that person is coming from. For example, one cybersecurity instructor tests future analysts on how well they cheat. The theory is that the best way to defeat the enemy is to think like them.

When you deal with management, understanding his or her thinking helps you speak in in their terms and increase the chances of getting a sign off for your budgets. This can be a frustrating process because you’d rather have others see the world through your lens. But the odds of this happening outside your immediate team are slim.

2. Think conceptual but talk concrete

As a CSO you get the big picture, but most non-techies don’t (and even some techies don’t). The “no-brainer” terms you use more often than not need to be spelled out in simpler terms. People don’t like to admit they don’t understand as the video above demonstrates, so don’t assume a shake of the head means they’re getting what you are saying.

3. Verify understanding

Part of your job is to verify key data, such as the stats on website breaches. Communication among people is a form of data that often goes unverified or tested. Instead of assuming that everyone understands what is being said, verify it. Ask them to share their thoughts on what you just said. Or, better yet, ask them to repeat what you just said but in their own words. Warning: People will get irritated having to clarify their thoughts, but they will eventually get used to it if it becomes your practice. The price you pay for a little irritation is a lot less than moving forward without verifying assumptions.

It’s safe to say that when speaking in binary code, the chances of misunderstanding a zero from a one is nil. But once you step outside these digits, language gets more confusing. In today’s digital age, assuming everyone speaks the same language will leave everyone frustrated and babbling, including you.


Andy Cohen is a cybersecurity and infosec thought leader, TEDx and Google Talks, West Point speaker and published author. His new book, Challenge Your Assumptions, Change Your World will be reviewed in the upcoming Army Cyber Defense Review in which Cohen is also a contributing columnist. He customizes his keynotes/workshops to infosec teams, organizational cyber awareness, CEO and senior leaders and to CIOs/CSCO and their teams.

Andy is founder of Andy Cohen Worldwide.

The opinions expressed in this blog are those of Andy Cohen and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.