Last week I spoke with Trica Howard about social engineering attacks and user education. Given that social engineering and poorly trained users are two of the biggest cyber security problems ever, it was a good conversation.
This week I spoke with another security communication specialist, tech writer Stacey Holleran. We both write about cyber security in a professional manner, but Holleran's work involves a number of different but crucial responsibilities.
Kim Crawley: Tell me about yourself and what you do.
Stacey Holleran: I see myself as a communicator for technology marketing. It's a bit different than a real marketer because I don't have everything to do with generating leads. My focus is on more thought leadership and promoting the company and its technology in the space in which it is located. So that's the situation nowadays.
KC: Wow. That sounds like what I do. I write vendor blogs for a living for cyber security vendor blogs. Is your work different from mine?
SH: It is that and more! At ControlScan I am responsible for two blogs and also for research studies in the industry, speaking engagements, PR and media relations … And other content such as customer responses, educational webinars, etc. I also monitor our social media channels.
KC: So our work overlaps! Fascinating. How did you get in?
SH: I have always liked to write, so I have my undergraduate degree in English with an emphasis in technical writing, minored in PR. Started my career as a technical writer, but switched to a marketing role when an opportunity arose. It was an internal move for me and just really in the right place at the right time!
KC: Minus the login details, we are very similar.
SH: Moreover, I had a mentor who had a positive impact during my time there.
KC: How was your mentor?
SH: I reported directly to him and he gave me a lot of leeway in my decision-making, although I was green in many ways. He also made it a point to defend my ideas against the higher groups. And I always talked through mistakes without making me feel that it was all my fault or the end of the world.
KC: That is amazing. You were lucky that you had it. If someone had told me at the age of 16 that one day I would be considered a computer technology expert, I would not have believed them. Do you feel the same?
SH: What surprises me most about where I am now is the technology I use to communicate as part of my daily work.
I can work and communicate anywhere and share information to make things happen! I can transfer ideas and information to people or I can put it there and then attract it.
KC: Exactly. Does it bother you how we have a world of knowledge in our pockets and yet people choose to be ignorant?
SH: Absolutely! It bothers me. And I often think about it. It is difficult because for me people are looking for knowledge, but they are actually stopping in the wrong place. I don't think they choose ignorance. If you ask them, they will say they educate themselves. They simply adjust their own prejudice.
KC: With news sources that confirm their prejudices. Yep. Has sexism ever been a problem in your career?
SH: OMG yes. And more recently, ageism.
KC: Ugh. I recently turned 35. Do I also have to worry about ageism?
SH: Only when you are forty. You are suddenly seen as lazy without new ideas.
KC: Do you think that that kind of old age is more likely to strike women?
SH: Yes. I read somewhere that it is 40 for women and 50 for men. In my personal experience I have seen that as true.
KC: It is awesome. Our sexuality and fertility has nothing to do with the value of our technical ideas, but even beyond the realm of beauty and sexuality, ageism affects us more.
SH: Yes. It's the weirdest thing. Talking about a double-whammy for someone who wants to have children in their thirties …
KC: What are some of the misconceptions that people have about what you do?
SH: The biggest misconception is that there is no strategy behind it. The content I make and the conversations I follow are almost never & # 39; one-time & # 39 ;. In other words, every activity or output is part of a program designed to further embed or expand the reach of a specific message.
KC: How did you see cyber attacks and did the threat landscape change over time?
SH: Speaking from the point of view of my (no ControlScan): I have seen that ransomware is causing more and more problems for SMEs in the past year. While in the past the major concern was data breach, they still have to worry about those * plus * network acquisitions that may make them helpless.
KC: Are people outside cyber security more aware of cyber threats?
SH: Unfortunately, in the SMB room, no. ControlScan published a research report (written by Yours Truly) on Monday that addresses this topic.
KC: There is a big difference between your work and mine. None of my work has been paid.
SH: Hahaha is true.
KC: Do you have any advice for people who want to write technically?
SH: The ability to communicate effectively, especially in writing, is an incredibly useful and important skill. Regardless of industry, companies need individuals who can communicate their language to a wider audience through written content.
So if you like to write, my advice is to follow a course that will sharpen your ability to use it as a communication tool.
KC: I learned a lot from you, Stacey. Do you have anything else you would like to add before we leave?
SH: We haven't talked much about safety … but I want to say that I really like the infosec field. Of all the technical areas that I have experienced, this was the most fascinating for me.
In general, the thing I'm always looking for in a position is the ability to work for an organization that somehow improves society, that is, contributes to the greater good. ControlScan (and the infosec industry in general) does that in spades.
Last week Trica Howard