Effective “Cyber” Security
Communication
Jack Whitsitt
EnergySec |@sintixerr | jack@energysec.org
3/6/2015 1
While developing this presentation, I realized I needed
to clearly explain “Cybersecurity” a bit before we could
learn to talk about it.
So, I started looking up “Cyber” in Google images.
A picture is worth 1000 words, right?
So, “Cybersecurity”…what is it?
Google Images: “Cyber”
Google Images: “CyberSECURITY”
Google Images: “Cybersecurity News”
(Hey! I worked there!)
Google Images: “Hacked”
Google Images: “Washington Post”
“Hacked”…Oops
Google: “Cybersecurity”
Google Trends: “Cyber”
What do you think “Cybersecurity” is?
Why does this noise matter?
At some point, “Cybersecurity” will make its way into your life
and, when it does, you will likely have to talk about it - to each
other, to people you will never know, and to people who you
might not know you’re communicating with.
…And the present confusion creates skeletons and land mines…
For Everyone.
Skeletons and Landmines??
Cybersecurity is also a new discipline
– It’s not even a discipline
– We can’t even spell it the same way every time
– Combination of multiple disciplines glued together by
marketing, myth, culture, and media
– There are few common terms, perspectives, and
definitions, even among “experts”
– Even “Expert” is a tricky word….
Cybersecurity is exciting!
Everyone wants in!
That makes it a very noisy, confusing
topic with misleading information as
well as over and under reactions.
Cybersecurity Experts (Really)
• System Administrators
• Malware Analysts
• Incident Responders
• Lawyers
• CISO’s
• Procurement Officials
• Chairmen of the Senate
Whatever Committee
• Heads of the NSA
• Senior Sales Engineers for
Security Companies
• Hackers
• Children
• Criminals
• Terrorists
• Journalists
• Developers
• Activists
• Evolutionary Biology PhD’s
• Diplomats
• Control Systems Engineers
• Civil Liberties Advocates
• Regulators and Auditors
• Emergency Managers
• Citizens
• Operations Staff
And this is why it matters to you…
Clearly, cybersecurity is *never* just an IT issue –
you have a role to play
Whether you are IT security or an Emergency manager or a Lawyer:
– You will need to have a basic B.S. filter, at a minimum
– Customers and constituents are going to ask you questions
– There will be physical consequences of “cyber” activities
– You will be in mixed teams
– Legislation will affect you personally and professionally
– The media always wants its next cyber-high
Silence is often worse than poor communication
So, what kind of an expert am I?
• Open Source: Development Team: Hackers!
• Commercial Security Company: Data Geek: Fake News!
• INL/ICS-CERT: National Cyber Incident Response: Heh
• TSA: Transportation SSA: Train Communications Wreck
• Non-Profit: Energy Industry: NIST/Class
• Independent: International, Twitter, Here!
Why does it matter who we are?
Grudge Holders: Motivations, Goals, Resources, Partners, Enemies
Fire Setters: Vulnerabilities, Tools, Infrastructure, Tactics, Employer
Fire Fighters: Vulnerabilities, Tools, Infrastructure, Tactics, Employer
Fire Code Writers: Controls, Risks, Standards, Metrics, Maturity, Process
Fire Code Inspectors: Auditing, Controls, Metrics, Compliance
Victims: Privacy, Consequence, Compensation, Protection, Law, Emotion
Asset Owners: Risk, Likelihood, Compliance, Reputation, Cost
Equipment Vendors: Features, Controls, Reliability, Solutions
Government: Partnership, Assurance, Protection, Regulation
Reporters: Are they going to shut down the power grid like in that movie?
Understanding Cybersecurity
starts with Perspective
But perspective needs contexts…
…or lenses
...otherwise communication can go wildly sideways…
First, what is “Communication”?
• The imparting or exchanging of information or news.
• The successful conveying or sharing of ideas and feelings.
• The discipline of communication focuses on how people use
messages to generate meanings within and across various
contexts, cultures, channels, and media.
• Two-way process of reaching mutual understanding, in which
participants not only exchange (encode-decode) information,
news, ideas and feelings but also create and share meaning.
In general, communication is a means of connecting people
or places.
…And how can it go sideways?
What could be wrong here?
They know their perspectives?
Communication Failures
• Poorly Formed Message
• Unexpected Message
• Wrong Language
• Fear
• Inundation
• Mismatched Need
• Poor Timing
They both needed to be more aware of the context at the
intersection of their perspectives.
Let’s call this context awareness “Lensing”
Lensing?
• In language, multiple words can be attached to similar objects.
• These descriptions are labels.
• Labels can be formal, be informal, develop organically, be created
for a purpose, describe behavior, describe features, start out
describing features but end up describing categories
• Cybersecurity, as a label, is a bit of all of this and also contains
unlimited labels
• Lenses, for our purposes, are informal collections of labels and
contexts to focus perspectives on common goals
“Lenses” can be great communication tools
Let’s explore a few Cybersecurity Lenses
The Nature of Cybersecurity: A Parasite Lens
The Nature of
Cybersecurity: A
Business Lens
The Nature of Cybersecurity:
An Attacker Lens
(Source: http://www.commerce.senate.gov/public/?a=Files.Serve&File_id=24d3c229-4f2f-405d-b8db-a3a67f183883 via Lockheed Martin)
The Nature of Cybersecurity:
A Defender Lens
Source: https://isc.sans.edu/diaryimages/a207889185ca6b4ccbf43d94e017a663
The Nature of Cybersecurity:
A Compliance Lens
The Nature of Cybersecurity:
A Government & Policy Lens
Prosecute & Convict? Defend? Listen? Convince?
The Nature of Cybersecurity: Consequence Lens
The Nature of Cybersecurity:
A Scale Lens
The Nature of Cybersecurity:
A Bad Metaphor Lens
The Nature of Cybersecurity:
A Who Dunnit? Lens
The Nature of Cybersecurity:
A Human Lens
The Nature of Cybersecurity: A Fear Lens
For what it’s worth, what’s my Lens?
• A Secure System is one that does no more or less than we want it to
for the amount of effort and resources we’re willing to invest in it.
• Cybersecurity is the enablement of an environment in which
business objectives are sustainably achievable in the face of the
continuous risk resulting from the use of cyber systems.
• Cyber Risk is the possibility that actors will use our systems as a
means of repurposing our value chains to alter the value produced,
inhibit the value produced, or produce new value in support of their
own value chains.
So how do we talk about it?
Pair structured lenses with Perspectives.
…and so on…
Essentials of A Structured
Cybersecurity Communication Lens
• Who is communicating?
• What is their unstated origin context?
• What context are they communicating with?
• What perspective are they communicating to?
• What are they asserting explicitly?
• What are they implying?
• What are they not asserting?
REMEMBER:
Use BOTH Negative and Positive Space
• When dealing with a topic that is not fully defined, there can
be unacceptable room for content interpretation
• The use of negative space is helpful
– By articulating what is not, we can learn what is
– By articulating what might be and why we believe it is not, we retain
control of dialogue about alternatives
– By articulating what we don’t know, bad assumptions of knowledge
are avoided
– By articulating both positive and negative space, we increase the odds
of the listener receiving the information we think we’re
communicating
This is a crucial communication tactic, especially with Media and
Incident Response
Perspective intersections can help illuminate applicable contexts
Being Talked About: Grudge Holders, Fire Setters, Fire Fighters, Fire Code Writers, Fire Code Inspectors, Victims, Asset Owners, Equipment Vendors, Government, Reporters
Grudge Holders
Parasites, Business, Attack Architecture, Defense Architecture, Compliance & Standards, Government Policy, Consequences, People, Skewed Scale, Broken Metaphor, Attribution, more
Fire Setters
Fire Fighters
Fire Code Writers
Fire Code Inspectors
Victims
Asset Owners
Equipment Vendors
Government
Reporters
Parsing Communication:
Things to Look for (In Positive & Negative Space)
• Perspectives Represented
– Source, Destination, Motivations,
Inhibitors, Constraints
• Directionality Described
– Attack, Protect, Avoid, Recover,
Enable, Present, Educate
• Action Levers Requested
– Technology, Tech Services, Policy,
Law, Education, Money
• “Real World” Context
– Cybersecurity means nothing by
itself
• Consequences & Audiences of
Communication
– Intended, Unintended
• Tactics
– The actual content itself
• Alternative Theories
– ALWAYS provide to recipient,
or to yourself as a receiver, a
valid alternate narrative
• Sources
– Where is their information
coming from?
Ask “Lensing” and “Perspective”
questions of received
information.
Repackage into a structure
Apply Positive and Negative
Space
Example:
Receiving and Re-Sending Incident &
Vulnerability Information
The original information received was in
unstructured, but formal paragraph form.
It should also, but does not, discuss
confidence and alternate situations
Remember
• First Principles Still Apply:
– Cybersecurity isn’t magic and can *mostly* be
managed like any other emergency
– Communication should always be calm, honest,
succinct, factual, and clear
• Clarity, though, in cybersecurity, is difficult right
now, for everyone, so remember:
– Perspective
– Context and Lensing
– Positive & Negative Space
– Structured Communications
Media Examples (!!!)
• Uncle Sam Wants 10,000 Cyber Warriors!!!
• NIST (Voluntary) Cybersecurity Framework will be
Mandatory!!!
• Target Security Staff Didn’t look at Security Alerts!!!
• Sony was compromised by North Korea and had
Terrible Security!!!
• Our Energy Grid is Being Attacked Daily!!!
• NSA wants us to give them all our information (Re
Information Sharing Bills)!!!
• The Government is hacking my laptop!!!
• Secret Obama Executive Order Leaked!!!
Thank you!
Jack Whitsitt
EnergySec |@sintixerr | jack@energysec.org

Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdfAdversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Po-Chuan Chen
 

Recently uploaded (20)

Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
 
Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star   -  Saka Neela TaraOperation Blue Star   -  Saka Neela Tara
Operation Blue Star - Saka Neela Tara
 
Model Attribute Check Company Auto Property
Model Attribute  Check Company Auto PropertyModel Attribute  Check Company Auto Property
Model Attribute Check Company Auto Property
 
The French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free downloadThe French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free download
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER  FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER  FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdfAdversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
 

Effective Cybersecurity Communication Skills

  • 1. Effective “Cyber” Security Communication Jack Whitsitt EnergySec |@sintixerr | jack@energysec.org 3/6/2015 1
  • 3. While developing this presentation, I realized I needed to clearly explain “Cybersecurity” a bit before we could learn to talk about it. So, I started looking up “Cyber” in Google images. A picture is worth 1000 words, right? So, “Cybersecurity”…what is it? 3/6/2015 3
  • 6. Google Images: “Cybersecurity News” (Hey! I worked there!) 3/6/2015 6
  • 8. Google Images: “Washington Post” “Hacked”…Oops 3/6/2015 8
  • 11. What do you think “Cybersecurity” is? 3/6/2015 11
  • 12. Why does this noise matter? At some point, “Cybersecurity” will make its way into your life and, when it does, you will likely have to talk about it - to each other, to people you will never know, and to people who you might not know you’re communicating with. …And the present confusion creates skeletons and land mines… For Everyone. 3/6/2015 12
  • 13. Skeletons and Landmines?? Cybersecurity is also a new discipline – It’s not even a discipline – We can’t even spell it the same way every time – Combination of multiple disciplines glued together by marketing, myth, culture, and media – There are few common terms, perspectives, and definitions, even among “experts” – Even “Expert” is a tricky word…. Cybersecurity is exciting! Everyone wants in! That makes it a very noisy, confusing topic with misleading information as well as over and under reactions. 3/6/2015 13
  • 14. Cybersecurity Experts (Really) • System Administrators • Malware Analysts • Incident Responders • Lawyers • CISO’s • Procurement Officials • Chairmen of the Senate Whatever Committee • Heads of the NSA • Senior Sales Engineers for Security Companies • Hackers • Children • Criminals • Terrorists • Journalists • Developers • Activists • Evolutionary Biology PhD’s • Diplomats • Control Systems Engineers • Civil Liberties Advocates • Regulators and Auditors • Emergency Managers • Citizens • Operations Staff 3/6/2015 14
  • 15. And this is why it matters to you… Clearly, cybersecurity is *never* just an IT issue – you have a role to play Whether you are IT security or an Emergency manager or a Lawyer: – You will need to have a basic B.S. filter, at a minimum – Customers and constituents are going to ask you questions – There will be physical consequences of “cyber” activities – You will be in mixed teams – Legislation will affect you personally and professionally – The media always wants its next cyber-high Silence is often worse than poor communication 3/6/2015 15
  • 16. So, what kind of an expert am I? • Open Source: Development Team: Hackers! • Commercial Security Company: Data Geek: Fake News! • INL/ICS-CERT: National Cyber Incident Response: Heh • TSA: Transportation SSA: Train Communications Wreck • Non-Profit: Energy Industry: NIST/Class • Independent: International, Twitter, Here! 3/6/2015 16
  • 17. Why does it matter who we are? Grudge Holders Motivations, Goals, Resources, Partners, Enemies Fire Setters Vulnerabilities, Tools, Infrastructure, Tactics, Employer Fire Fighters Vulnerabilities, Tools, Infrastructure, Tactics, Employer Fire Code Writers Controls, Risks, Standards, Metrics, Maturity, Process Fire Code Inspectors Auditing, Controls, Metrics, Compliance Victims Privacy, Consequence, Compensation, Protection, Law, Emotion Asset Owners Risk, Likelihood, Compliance, Reputation, Cost Equipment Vendors Features, Controls, Reliability, Solutions Government Partnership, Assurance, Protection, Regulation Reporters Are they going to shut down the power grid like in that movie? Understanding Cybersecurity starts with Perspective 3/6/2015 17
  • 18. But perspective needs contexts… …or lenses ...otherwise communication can go wildly sideways… 3/6/2015 18
  • 19. First, what is “Communication”? • The imparting or exchanging of information or news. • The successful conveying or sharing of ideas and feelings. • The discipline of communication focuses on how people use messages to generate meanings within and across various contexts, cultures, channels, and media. • Two-way process of reaching mutual understanding, in which participants not only exchange (encode-decode) information, news, ideas and feelings but also create and share meaning. In general, communication is a means of connecting people or places. 3/6/2015 19
  • 20. …And how can it go sideways? What could be wrong here? They know their perspectives? 3/6/2015 20
  • 21. Communication Failures • Poorly Formed Message • Unexpected Message • Wrong Language • Fear • Inundation • Mismatched Need • Poor Timing They both needed to be more aware of the context at the intersection of their perspectives. Let’s call this context awareness “Lensing” 3/6/2015 21
  • 22. Lensing? • In language, multiple words can be attached to similar objects. • These descriptions are labels. • Labels can be formal, be informal, develop organically, be created for a purpose, describe behavior, describe features, start out describing features but end up describing categories • Cybersecurity, as a label, is a bit of all of this and also contains unlimited labels • Lenses, for our purposes, are informal collections of labels and contexts to focus perspectives on common goals “Lenses” can be great communication tools Let’s explore a few Cybersecurity Lenses 3/6/2015 22
  • 23. The Nature of Cybersecurity: A Parasite Lens 3/6/2015 23
  • 24. The Nature of Cybersecurity: A Business Lens 3/6/2015 24
  • 25. The Nature of Cybersecurity: An Attacker Lens (Source: http://www.commerce.senate.gov/public/?a=Files.Serve&File_id=24d3c229-4f2f-405d-b8db-a3a67f183883 via Lockheed Martin) 3/6/2015 25
  • 26. The Nature of Cybersecurity: Cybersecurity: A Defender Lens Source: https://isc.sans.edu/diaryimages/a207889185ca6b4ccbf43d94e017a663 3/6/2015 26
  • 27. The Nature of Cybersecurity: A Compliance Lens 3/6/2015 27
  • 28. The Nature of Cybersecurity: A Government & Policy Lens Prosecute & Convict? Defend? Listen? Convince? 3/6/2015 28
  • 29. The Nature of Cybersecurity: Consequence Lens 3/6/2015 29
  • 30. The Nature of Cybersecurity: A Scale Lens 3/6/2015 30
  • 31. The Nature of Cybersecurity: A Bad Metaphor Lens 3/6/2015 31
  • 32. The Nature of Cybersecurity: A Who Dunnit? Lens 3/6/2015 32
  • 33. The Nature of Cybersecurity: A Human Lens 3/6/2015 33
  • 34. The Nature of Cybersecurity: A Fear Lens 3/6/2015 34
  • 35. For what it’s worth, what’s my Lens? • A Secure System is one that does no more or less than we want it to for the amount of effort and resources we’re willing to invest in it. • Cybersecurity is the enablement of an environment in which business objectives are sustainably achievable in the face of the continuous risk resulting from the use of cyber systems. • Cyber Risk is the possibility that actors will use our systems as a means of repurposing our value chains to alter the value produced, inhibit the value produced, or produce new value in support of their own value chains. 3/6/2015 35
  • 36. So how do we talk about it? Pair structured lenses with Perspectives. …and so on… 3/6/2015 36
  • 37. Essentials of A Structured Cybersecurity Communication Lens • Who is communicating? • What is their unstated origin context? • What context are they communicating with? • What perspective are they communicating to? • What are they asserting explicitly? • What are they implying? • What are they not asserting? 3/6/2015 37
  • 38. REMEMBER: Use BOTH Negative and Positive Space • When dealing with a topic that is not fully defined, there can be unacceptable room for content interpretation • The use of negative space is helpful – By articulating what is not, we can learn what is – By articulating what might be and why we believe it is not, we retain control of dialogue about alternatives – By articulating what we don’t know, bad assumptions of knowledge are avoided – By articulating both positive and negative space, we increase the odds of the listener receiving the information we think we’re communicating This is a crucial communication tactic, especially with Media and Incident Response 3/6/2015 38
  • 39. Perspective intersections can help illuminate applicable contexts Being Talked About Grudge Holder Fire Setters Fire Fighters Fire Code Writers Fire Code Inspectors Victims Asset Owners Equipment Vendors Government Reporters Grudge Holders Parasites, Business, Attack Architecture, Defense Architecture, Compliance & Standards, Government Policy, Consequences, People, Skewed Scale, Broken Metaphor, Attribution, more Fire Setters Fire Fighters Fire Code Writers Fire Code Inspectors Victims Asset Owners Equipment Vendors Government Reporters 3/6/2015 39
  • 40. Parsing Communication: Things to Look for (In Positive & Negative Space) • Perspectives Represented – Source, Destination, Motivations, Inhibitors, Constraints • Directionality Described – Attack, Protect, Avoid, Recover, Enable, Present, Educate • Action Levers Requested – Technology, Tech Services, Policy, Law, Education, Money • “Real World” Context – Cybersecurity means nothing by itself • Consequences & Audiences of Communication – Intended, Unintended • Tactics – The actual content itself • Alternative Theories – ALWAYS provide to recipient, or to yourself as a receiver, a valid alternate narrative • Sources – Where is their information coming from? 3/6/2015 40
  • 41. Ask “Lensing” and “Perspective” questions of received information. Repackage into a structure Apply Positive and Negative Space Example: Receiving and Re-Sending Incident & Vulnerability Information The original information received was in unstructured, but formal paragraph form. It should also, but does not, discuss confidence and alternate situations 3/6/2015 41
  • 42. Remember • First Principles Still Apply: – Cybersecurity isn’t magic and can *mostly* be managed like any other emergency – Communication should always be calm, honest, succinct, factual, and clear • Clarity, though, in cybersecurity, is difficult right now, for everyone, so remember: – Perspective – Context and Lensing – Positive & Negative Space – Structured Communications 3/6/2015 42
  • 43. Media Examples (!!!) • Uncle Sam Wants 10,000 Cyber Warriors!!! • NIST (Voluntary) Cybersecurity Framework will be Mandatory!!! • Target Security Staff Didn’t look at Security Alerts!!! • Sony was compromised by North Korea and had Terrible Security!!! • Our Energy Grid is Being Attacked Daily!!! • NSA wants us to give them all our information (Re Information Sharing Bills)!!! • The Government is hacking my laptop!!! • Secret Obama Executive Order Leaked!!! 3/6/2015 43
  • 44. Thank you! Jack Whitsitt EnergySec |@sintixerr | jack@energysec.org 3/6/2015 44