I had the chance this week to speak at the 44CON Cyber Security conference on communication skills.
One of the take aways from my talk is that security professionals should always think CISSP when they are communicating. Not this CISSP (which is great) but they should think this CISSP when the communicate:
Clear
The single biggest problem in communication is the illusion that it has taken place.
– George Bernard Shaw
How many times have you thought you communicated something clearly only to see it blow up in your face because the words you said and the words they heard weren’t the same.
Making sure your communication is clear is on the most valuable communication skills you can work on.
Informative
The more informative your communication is the more persuasive it will be. It is why I am a big fan of the PoC||GTFO concept. You will be amazed at how fast you can get things moving if you can show someone a proof of concept of a bug.
Simple
sim·ple
ˈsimpəl
adjective
easily understood or done; presenting no difficulty.
When you communicate do you make sure you have done all the calculus of the problem and left the easiest problem available?
Succinct
I was talking to a marketing professional a few weeks ago and he average executive reads the first 3 lines of an email. If you are sending the CIO a 3000 word email on a XSS bug you found you have wasted 2900 words.
Passionate
“I have no special talents. I am only passionately curious.” -Albert Einstein
“You have to be burning with an idea, or a problem, or a wrong that you want to right. If you’re not passionate enough from the start, you’ll never stick it out.” ― Steve Jobs
If you make sure your communication is clear, informative, simple, succinct and passionate you will be amazed t home many more doors will be opened for you.
