Dr. Eric Cole, former CISO and founder of Secure Anchor Consulting, explains how learning to communicate with business language can create a more compelling case for executive buy-in.

Tim Erlin: Welcome everyone to the Tripwire Cybersecurity Podcast. I’m Tim Erlin, vice president of product management and strategy at Tripwire. Today, I am joined by Dr. Eric Cole, who is a former CISO and founder of Secure Anchor Consulting. We’re going to spend a little time today talking about the importance of communication within cybersecurity. Welcome Eric.

Dr. Eric Cole: Thank you for having me.

How Communication and the CISO Fit into Infosec

TE: I want to start off with a straightforward question: why is this topic of communication an important part of information security as a whole?

EC: To me, it’s so important.

Very often in cybersecurity, we forget that we need to communicate to different people who speak different languages. I know many world-class security engineers spend their day talking to other world-class security engineers, but when you then have to talk to executives, business leaders, and managers, they speak a different language. And if you don’t understand their language and learn how to communicate, you’re not going to be very effective at accomplishing what you need to, which is securing the organization.

TE: Does the flip side of that also apply? Like if you’re in cybersecurity, should you expect others to come to you and speak your language?

EC: Two things there. One, we could make an argument that a CEO or a CFO needs to speak my language. But their job is running the business, and your job is to support them.