The Discernible Blog
📬 Mailbag Reader Question
A reader asks: Where should security communications be on the organization chart?
My Top Takeaways from 2023 - and Your Resolutions for 2024
Here are three security communication patterns I observed the most often in 2023 and why you should resolve to address them in 2024.
📬 Mailbag Reader Question
A reader asks: How do you manage truthful communications about an incident while mitigating legal exposure?
“The solution is not buying another server, it’s having better communications.”
Q&A with DEF CON founder and CEO Jeff Moss on the value of security communications.
CUSTOMER CASE STUDY
Discernible was brought in by Twilio’s then CISO to find a creative and easily deployable solution to entice people from across the security organization to speak, blog, and generally share the good work the teams were doing and engage more deeply with their cohort outside the company.
A CISOs right hand on how security communications can build credibility across the organization
Jessica Walters is Senior Security & IT Program Manager at Tessian, and former Chief of Staff to the CISO of Cisco’s Security Business Group. I had the pleasure of working with Jessica in her former role and in this Q&A, she shares her perspective on how to use security communications proactively in building an effective security team.
Not Just Security: CISOs are Business Executives
New research shows effective communication strategy and execution is critical for CISOs to earn and maintain legitimacy with the business.
Keep Calm and Plan On: Expert Advice on Incident Response Communications
In this Q&A with Brooke Pearson, we discuss the relationship between internal and external communications as part of a comprehensive incident response program. Brooke is the former head of security awareness at Uber and Discernible advisory board member.
CEO Interview: “Words with Impact: Communication Tips for Privacy Technologists”
An interview with Discernible CEO Melanie Ensign and the Shifting Privacy Left Podcast.
Turning Incident Response Communications into a Sustainable Security Communications Program
The best incident response communications are built on a foundation of strong, ongoing security communications. Here are a few thoughts on how to do that.
Exercising Influence as the Security Team: Look for Friction Not Just Fuel
Sometimes in security, we try to win people over by pushing harder, missing the friction that prevents them from exercising the behavior or decisions we need.
Measuring Communication Effectiveness in Security and Privacy
Without effective communication, incident response is sluggish and chaotic, policies aren’t followed or enforced, business leaders make uninformed decrees, audits drown team morale, and confusion among external stakeholders breeds mistrust and resentment. If there was ever a time for security and privacy leaders to upgrade their communication skills and those of their team, this is it!
Resilience is a Team Sport Chief Security Officers Must Learn How to Coach
One of the most overlooked aspects of incident response is how the culture, communication, and resilience of security teams will change.
