©2019 BY CLEAR SECURITY COMMUNICATION. PROUDLY CREATED WITH WIX.COM

CLEAR SECURITY COMMUNICATION

Reflections on information security from a social science perspective

May 20, 2018

A.P. Møller-Maersk's Chariman Jim Hagemann Snabe said on a panel at the World Economic Forum in January 2018 that "we were basically average when it comes to cybersecurity, like many companies, and this was a wake up call" he also said "we chose a very open dialogue ar...

January 30, 2018

Speaking the same language as your audience is important. In most cases you're already speaking the literal, high-level language of your audience but it's a lot more nuanced than that. Language at a lower level is one thing that trips people up on the way to understand...

January 16, 2018

There are a lot of ways to think about audiences of information security messages. Your relationship to your audience influences how you communicate with them. Why are they listening to you? Are you part of an internal team - are you communicating with your coworkers -...

December 13, 2017

Last post, I went over two methods for understanding or segmenting your audience. The first was based on the influence you have over your audience - why are they listening to you in the first place?

  • Affinity

  • Required to listen

    • Structural reasons

    • ...

November 13, 2017

There are a few more things you might want to consider when you're using benefit framing for infosec. These are slightly more advanced considerations but they're at least worth having on your mind.

"Topping out"

This is the idea that certain people won't respond to your...

November 6, 2017

Last time, I introduced the basics of gain-loss framing from health communication. I also discussed how this approach should be applied to infosec issues. Now I'm going to give you more detail on how to actually use gain-loss framing.

What needs to be manipulated

In orde...

October 26, 2017

I've spoken before about the need for infosec communication and persuasion to move in a more positive and proactive direction. (This isn't an original argument. @iMeluny and @jessysaurusrex have been saying this for a long time now, among others.) Fear isn't an effecti...

October 4, 2017

I don't want to hop on the meme-train here but the saga of Trevor gave me some ideas so here they are. Humor is rare in crisis communication but it's not unheard of. Rumor, on the other hand, is common. People seek information and explanation in a crisis and aren't as...

September 13, 2017

So, Equifax happened... this blog is not about that, even though it seems like it is. I wrote it before that news broke. Any resemblance to that situation is coincidence.

Previously, I went through the first two stages of CERC, pre-crisis and initial, and how they inter...

August 29, 2017

In a previous post, I presented a couple of cases in which communicative attribution (responsibility) and technical attribution conflicted. I selected those cases specifically to show that the public (media, employees, etc.) can pick and choose whether or not to incorp...

Please reload

Our Recent Posts

November 17, 2019

Please reload

Archive

Please reload

Tags

 

ABOUT THE BLOG

This blog is a place for me to explore issues in information security from a somewhat scholarly and very communication-centric viewpoint. Here I'll be talking about scholarly theories from my time in graduate school, best practices (both academic and not) from communication, and how they all play out in information security. I'll also be looking at specific cases and analyzing the communication around them. I'll include citations and links to relevant resources as appropriate in my posts so you can continue explroing some of these topics on your own.