Poor Communication: Execs, Security Pros

Friday, May 24, 2013 @ 03:05 PM gHale

IT has its own language and the plant floor has its own language and unfortunately the two often don’t mesh.

They might be saying the same thing, but they just don’t understand each other’s lingo.

DHS Software Flaw Possibly Leaked Data
Port Scans Find Insecure Devices
Flaws in Universal Plug and Play
Firewall Passes Tough Testing

Now throw in the idea there is a difference in the way executive and non executive IT professionals communicate with senior leadership and you have a recipe for mass confusion and a potential for a disaster.

A Hanover Research survey of 131 information security professionals revealed:
• Only 38 percent of non-executive respondents use business-oriented language when communicating with senior executives
• 48 percent of non-executive respondents believe it is somewhat or very difficult to discuss information security with senior management
• 78 percent of executive respondents and 85 percent of non-executive respondents ranked risk management as the highest among key issues they need to communicate with executive leadership about.

“Information security risk is getting a lot of attention due to high-profile incidents and increasing pressure from the SEC, but the good news is this means critical security and risk conversations are occurring at very senior levels in the organization,” said Dwayne Melancon, chief technology officer for Tripwire.

The bad news is most IT security professionals haven’t developed the necessary skills to communicate effectively with non-technical executives.

“IT security professionals tend to focus on granular, technical information, but senior leadership wants to focus on how security can protect business goals like revenue growth, profit, competitive agility and customer satisfaction,” Melancon said.

“This ability to communicate the value of information security in terms easily understood by the rest of the business is a critical skill for career success in IT security,” he said. “Connecting security to the business is destined to become the new normal.”

Leave a Reply

You must be logged in to post a comment.