Ben's Book of The Month: Speak Security With A Business Accent: How to communicate Cybersecurity Concepts Clearly, Ease Friction with Stakeholders, and Influence Decisions

Ben's Book of The Month: Speak Security With A Business Accent: How to communicate Cybersecurity Concepts Clearly, Ease Friction with Stakeholders, and Influence Decisions

Posted on April 08, 2026 by Ben Rothke

One of the mistakes Information Security technologists often make when presenting to the board or dealing with business leaders in their organization is speaking in the language of technology. Non-technologists don’t speak that language, and if used inappropriately, it can derail an Information Security project.

When it comes to information risk, Measuring and Managing Information Risk: A FAIR Approach, which I reviewed a few months ago here stands out as the definitive guide,. Its value lies in helping risk professionals communicate in the language of corporate boards and executives. By framing information security this way, Factor analysis of information risk (FAIR) enables it to be seen as a strategic asset rather than relying on alarmist statistics.

For those Information Security professionals looking to speak the language of business, which may be a second language to them,Speak Security With A Business Accent: How to communicate Cybersecurity Concepts Clearly, Ease Friction with Stakeholders, and Influence Decisionsdoes a great job of assisting the security pro in getting their cybersecurity message heard, by those outside of the information security group.

Author Joshua Mason writes that the book is for security professionals who are tired of being technically right but strategically ignored. Too many security people use jargon, screenshots from security tools, and other mechanisms that simply do not convey the important message.

The book uses a casual, real-world style, showing how to use effective language without alienating non-technical listeners.

When technologists, especially Information Security experts, rely on technobabble, they risk immediately alienating listeners. This can set a negative tone for meetings or projects and may ultimately derail them.

Mason argues that effective communication is not about oversimplifying your message. It is about connecting with your audience, who may be even more knowledgeable than you. Using language that resonates makes your message far more persuasive.

The book, told through Maya’s perspective, argues that security leaders should act as strategic business partners. Maya’s success stemmed from reframing security and risk in business terms, enabling her to open critical doors.

Some key points the book makes are to translate, not transmit. That means stopping the assumption that others will understand or even care about the speaker's security expertise. The job of the security leader is not to recite technical details, but to translate security issues into a shared understanding and actionable clarity.

Another valuable tool he suggests is to make security their idea. That means inviting others into the solution space. When people contribute to the outcome, they take ownership. But when you impose, they resist, even if they agree with the solution.

For the security professional who often struggles to be heard,Speak Security With A Business Accent is a great resource that finally, at last, helps you be heard, appreciated, and valued.

Contributors

Ben Rothke

Senior Information Security Manager, Tapad

View More Blogs

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSAC™ Conference, or any other co-sponsors. RSAC Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs