Many decision makers in finance or marketing may be involved in IT/cybersecurity procurement, and understanding common IT jargon may be skewed…

Clear communication is everything today. We live in a time-starved world where everyone is lacking the time and energy to engage without knowing the true purpose of what they are doing

Similarly, when people do not understand cybersecurity, they cannot ask IT teams and potential vendors the right questions, challenge the suggested processes, and find solutions to cybersecurity issues within their organizations.

In the world of accounting, finance, legal and marketing, there are tried-and-true methods of communicating clearly to the non-technical management about professional topics. That is why Ethan Seow, co-founder, Centre for AI Leadership, Singapore, is rooting for ways to advocate for clearer communication strategies in cybersecurity matters as well.

To most users today, cloud is just a fancy word that means things are accessible through the internet. However, that is not the term fully encompasses. Once you start explaining that cloud is to be used by organizations to serve their websites and services using the cloud provider’s infrastructure rather than their own, it would make a lot more sense. But for the past 10 years, people have been throwing around the word as if it is some mystical thing that solves all problems.

Today, with information bombarding us from so many online sources, it is more important to be a trusted source of information amid a sea of misinformation and marketing messages that do not help people we work with, to make better decisions.

CybersecAsia: Why is it important for cybersecurity firms to minimize the use of jargon when communicating with clients and the general public?

Ethan Seow (ES): Cybersecurity is a complex and technical field that requires knowledge in software engineering, networking, development operations, cloud infrastructure, hardware, operating systems, etc. Each of these fields has its own definitions and jargon, and it is increasingly difficult for anyone to understand the lingo of each field, let alone a mix the terminologies from all the different fields.

As a result, it can be difficult for clients and general public to learn to trust what they do not or will not understand. This is why it is important to simplify to communicate. I am currently working on providing resources in this area in an open-source approach, where I want to start the ball rolling by providing everyone with the “translation” layer of cybersecurity and business terminologies, so that others can join in to contribute and make cybersecurity well-understood by non-technical people from the business side of organizations.

CybersecAsia: In what ways can simplifying language and avoiding jargon help cybersecurity firms to engage people about cybersecurity best practices and potential threats?

ES: Most cybersecurity firms have clients that believe cybersecurity is a very costly process.

Yes, it can be expensive to a large extent if the organization is a high risk target; but developing a good cybersecurity posture can start with the simpler stuff, such as implementing multi-factor authentication, choosing the right software tools, keeping track of user accounts and IT inventory and so on.

Also, choosing a great product that costs a little more may go a longer way than having many cheaper products when it comes to cybersecurity.

In the field of cybersecurity there is a lot of psychology required to really address the gaps that an organization may face: employee awareness about cybersecurity; how the policies are enforced, and how people utilize cybersecurity products.

By simplifying the language, and educating and engaging the clients, cybersecurity firms can greatly enhance organizations’ security posture while providing great products and services.

CybersecAsia thanks Ethan for sharing his professional views with readers.