Claire TillsNov 13, 20175 minOther considerations for benefit-framingThere are a few more things you might want to consider when you're using benefit framing for infosec. These are slightly more advanced...
Claire TillsNov 6, 20176 minHow to use benefit frames for infosecLast time, I introduced the basics of gain-loss framing from health communication. I also discussed how this approach should be applied...
Claire TillsOct 26, 20174 minPositive and Proactive: Benefit frames for infosec persuasionI've spoken before about the need for infosec communication and persuasion to move in a more positive and proactive direction. (This...
Claire TillsSep 20, 20176 minThinking about data after a breach: Fear, outrage, or apathy?Just in 2017, we've seen a lot of different types of infosec incidents gain major attention. With that attention, we've seen a variety of...
Claire TillsSep 13, 20176 minCrisis Communication and Incident Response pt. 2So, Equifax happened... this blog is not about that, even though it seems like it is. I wrote it before that news broke. Any resemblance...
Claire TillsSep 6, 20176 minCrisis Communication and Incident Response pt. 1In previous posts, I examined the use of communication at the more granular level of technical attribution, now I'd like to zoom out a...
Claire TillsAug 29, 20175 minMerging attributions: Using communication and technical attribution to drive narrativeIn a previous post, I presented a couple of cases in which communicative attribution (responsibility) and technical attribution...
Claire TillsJul 26, 20173 minFear appeals: what are they good for?Fear can be a great motivator but it can also be paralyzing. Scholars have examined the use of fear appeals in advertising and public...
Claire TillsJul 12, 20175 minAdvanced soft skills for InfoSec: EfficacyUPDATE: I gave a talk on this at BSidesDC and Delaware 2017. Here are my slides for that talk. I've wanted to cover efficacy for a while....
Claire TillsJul 3, 20174 minScared of flying but no breach response plan? Risk perception and information securityIt’s commonly known that we (humans) are bad a evaluating risk. We're consumed by worry about risks that are unlikely to impact us and...
