[et_pb_section admin_label=”section”][et_pb_row admin_label=”row”][et_pb_column type=”4_4″][et_pb_text admin_label=”Text” background_layout=”light” text_orientation=”left” use_border_color=”off” border_color=”#ffffff” border_style=”solid”]
The problem with security as a news hook is that when something actually happens, nobody rushes to the phone to tell the press. Consider it a moment. I was unlucky enough recently to have my mobile phone account hacked. All my money has been repaid but am I the only one? Funnily enough my provider hasn’t rushed to issue a release. Sometimes someone has to; many people will recall the hack of the Ashley Madison adultery site, in which so many details were made public that the company had to come clean and warn people.
This is the issue with reporting on some stories. You’re dependent on the “official version” and of course most of the commentators can’t comment on anything else. They may well have heard of something untoward going on but they won’t be in a position to comment on it unless you can demonstrate you’ve substantiated the story from elsewhere. Their position depends on being trustworthy.
This is why the masters of press commentary in the IT security industry are not the people who break the news but the people who are good at explaining stuff. One of the better ones was always on the News at 10 on the BBC, not because he had any particular insight into whichever organisation had just lost a load of details but because he could explain how it happened to individuals with no technical knowledge.
Communicating a technical subject without the aid of a lot of jargon is of course very difficult. It involves a lot of simplification and people can end up assuming you’re dumbing down or talking down to people. Consider this very blog entry; if I were to explain the workings of my computer and how exactly it’s then transmitted to the recipient and placed online, duplicated on every computer belonging to anyone who logs on, and go into detail about how every pixel on the screen is translated, people would lose interest. Tell the same people “I type the blog and you read it” and they’re likely to be affronted that I thought they needed telling.
You can amplify this a hundredfold when it’s something as complex as a DDoS attack, when the perimeter of an organisation is as fluid as a BYOD policy makes it or whether you need to explain the security issues around Big Data or the Internet of Things. Journalists are looking for two things from a good spokesperson. First, very obviously, we need knowledge; if you don’t know what you’re talking about we’ll find out. Second, though, we need the tools to explain complicated concepts to our readers in terms they will understand.
This means quotes. It means imagery, it means ditching the jargon and speaking plainly about a technical subject as if it weren’t technical at all. It’s a tough call but it’s essential.
How good would you be at explaining what you do to your family?