Unlocking Funding for IT Security Projects: A Lesson in Effective Communication
As the role of technology in our daily lives becomes increasingly prominent, it has become more important than ever to ensure that our digital assets are protected from potential cyber threats. Securing funding for IT security projects, however, can be challenging. In this report, we examine the experience of Fred Kwong, chief information security officer at DeVry University, to draw valuable insights into how IT security practitioners can communicate effectively, build relationships, and develop elite presentation skills to unlock funding for important security initiatives.
Lessons from Fred Kwong
Fred had identified several serious gaps in the security posture of his organization and created a detailed justification requesting the necessary budget. He shared his findings with his director, but when his funding request was ultimately rejected by the CISO, Fred felt disappointed, invalidated, and frustrated. He had constructed a solution that he believed to be the best, using language and technical terms that he was comfortable with, but failed to understand that the CISO was not technical and did not see value in his request. Furthermore, Fred was new to the company and had not yet built any relationships with decision-makers, diminishing the credibility of his request.
Core Tactics for Effective Communication
Fortunately, there are three core tactics that IT security practitioners can use to ensure their message is effectively communicated and that they can unlock the funding they need to implement necessary IT security measures.
Tactic 1: Learn How to Tell a Good Story
IT security practitioners must learn to speak in the language of their business counterparts. Fred suggests using risk as the primary language of communication, as businesses understand financial, operational, compliance, and cyber risk. Secondly, complex technical jargon should be translated into layman’s terms, supplemented with relatable anecdotes and real-world scenarios. Finally, decision-makers must be shown the return on investment (ROI) of building out cyber programs.
Tactic 2: Build Relationships
Building relationships with stakeholders across various departments is crucial to gaining support and influencing decision-making processes. Establishing strong connections as a trusted advisor can deliver insight into organization priorities, enabling IT security initiatives to be aligned with business objectives effectively. By building relationships, IT security practitioners can show that they care about their work and want to support it, while collaborating with other departments to identify areas where IT security initiatives can contribute to their objectives.
Tactic 3: Develop Your Presentation Skills
Presenting project proposals in a clear, concise, and persuasive manner is critical to securing funding for IT security initiatives. Decision-makers must be engaged and confidence instilled, with project value and impact effectively communicated. Presentation skills must be tailored to the specific audience, with an understanding of their level of technical knowledge and language resonating with them. Visual aids such as charts, graphs, and infographics can be employed to enhance understanding, simplify complex ideas, and make them more accessible to decision-makers.
Final Thoughts
IT security practitioners must master the art of storytelling, build strategic relationships, and hone sharp presentation skills to effectively communicate the value and necessity of their IT security initiatives. By doing so, they increase their chances of securing the funding required to implement needed IT security measures, safeguarding organizations from potential cyber threats, and ensuring a secure digital future.
Editorial and Advice
IT security initiatives are fundamental in ensuring that digital assets are protected from potential cyber threats, with effective communication the key to securing the funding required to implement necessary security measures. IT security practitioners must ensure that technical jargon is translated into language that business counterparts can understand, build relationships across various departments, and hone presentation skills to effectively communicate project value and impact. By mastering communication skills, IT security practitioners can ensure that their initiatives are aligned with the priorities of the organization and demonstrate the importance of their work.
<< photo by The Coach Space >>
