NuHarbor Security
  • Solutions
    Solutions
    Custom cybersecurity solutions that meet you where you are.
    • Overview
    • Our Approach
    • Data Icon Resources
    • Consultation Icon Consult with an expert
    • By Business Need
      • Identify Gaps in My Cybersecurity Plan
      • Detect and Respond to Threats in My Environment
      • Fulfill Compliance Assessments and Requirements
      • Verify Security With Expert-Led Testing
      • Manage Complex Cybersecurity Technologies
      • Security Monitoring With Splunk
    • By Industry
      • State & Local Government
      • Higher Education
      • Federal
      • Finance
      • Healthcare
      • Insurance
    Report 2022 SLED Cybersecurity Priorities Report
    2022 SLED Cybersecurity Priorities Report
    Read Report
  • Services
    Services
    Outcomes you want from a team of experts you can trust.
    • Overview
    • Data Icon Resources
    • Consultation Icon Consult with an expert
    • Security Testing
      • Infrastructure Penetration Testing
      • Application Penetration Testing
      • Vulnerability Scanning
      • Wireless Penetration Testing
    • Assessment & Compliance
      • CMMC Compliance
      • NIST 800-53
      • HIPAA Security Standards
      • ISO 27001
      • MARS-E Security Standards
      • New York Cybersecurity (23 NYCRR 500)
      • Payment Card Industry (PCI)
    • Advisory & Planning
      • Security Strategy
      • Incident Response Planning
      • Security Program Reviews
      • Security Risk Assessments
      • Virtual CISO
      • Policy Review
    • Managed Services
      • Managed Detection and Response (MDR)
      • SOC as a Service
      • Vulnerability Management
      • Vendor Security Assessments
      • Curated Threat Intelligence
    Report 2022 SLED Cybersecurity Priorities Report
    2022 SLED Cybersecurity Priorities Report
    Read Report
  • Partners
  • Resources
    Resources
    Explore reports, webinars, case studies, and more.
    • Browse Resources
    • Consultation Icon Consult with an expert
    • Blog icon Blog
    • Podcast icon Podcast
    • Annual SLED CPR icon Annual SLED CPR
    • Downloadable Assets icon Downloadable Assets
    Report 2022 SLED Cybersecurity Priorities Report
    2022 SLED Cybersecurity Priorities Report
    Read Report
  • Company
    Company
    We do cybersecurity differently – the right way.
    • Overview
    • Data Icon Resources
    • Consultation Icon Consult with an expert
    • Leadership
    • News
    • Careers
    • Contact
    Report 2022 SLED Cybersecurity Priorities Report
    2022 SLED Cybersecurity Priorities Report
    Read Report
  • Consult with an expert
  • Careers
  • Contact
1.800.917.5719
NuHarbor Security Blog
    • Compliance
    • Cybersecurity Technology
    • Security Operations
    • Industry Insights
    • Security Testing
    • Application Security
    • Managed Detection and Response
    • Advisory and Planning
    • NuHarbor
    • Threat Intelligence
November 21, 2022

Improve Your Argument to Move Past Cybersecurity FUD

Justin Fimlaid

In the past year we saw tremendous growth in cybersecurity, with many new professionals entering our industry. Looking to 2023 and beyond, I expect even more growth.

It’s always interesting to see newcomers find their own position on cybersecurity drivers, many of which we generally categorize as “fear, uncertainty, and doubt.” More commonly known as FUD, this emotionally charged strategy is commonly used by marketing and sales teams, polling groups, and public relations offices in nearly all industries. They’re trying to influence consumer perception of a product or priority by appealing to basic fear.

Personally speaking, when I see cybersecurity professionals that rely on FUD, I know it’s an indication of one of two issues. One, it’s someone new and fairly unversed in the industry, or two, it’s someone who really needs to work on improving their social persuasion and justification for the importance of cybersecurity.

If you’re in the first category, you’re a new player in the cybersecurity game – welcome! The cybersecurity industry needs you. As you’ll soon learn, FUD-based tactics are sadly commonplace, even cliched, in our industry. Some of these topics, like ransomware or advanced persistent threats, have been around for years, but some cybersecurity professionals keep noting such well-established vectors as new or newly worrisome. It’s like crossing a busy street on foot. Is it new? No. Is it something to be worried about? Yes, but for most of us over age 10, we know crossing the street can be dangerous and have already learned to look both ways first. We don’t make a big deal out of it, but for those that do, you’re sure to get weird looks from your soon-to-be-short-term friends. The rest of us are aware that the threat may exist, but it’s easily managed.

The same rings true for the world of cybersecurity. Once we’ve found a way to manage a known threat, there’s no need to fear it on a continuing basis. I’d encourage you, as a new member of our industry, to keep digging and improve your knowledge and experience with threats. We’ve all been where you are, at “the starting spot.” We all know that to level up your cybersecurity knowledge and chops, it takes practice, consistency, and work.

For those in the second category who have been around awhile and still highlight cybersecurity FUD, you’ve probably realized it has a diminishing effect. People start tuning you out when you repeatedly use FUD tactics because business is competitive, dollars are often scarce, and scaring people with cybersecurity FUD may work once or twice but will quickly become as effective as selling directions for crossing the street. This is true in all parts of business – IT, finance, human resources, technical support, sales, and the list goes on. If you can’t make solid business justifications based in facts, you’ll never get your agenda accepted by the organization you support.

You simply can’t rely on FUD tactics to be a long-term solution for convincing your clients that you deserve their trust. I’ve long held the position that effective cybersecurity leadership requires political savvy, and that need only increases as you advance in seniority. This is important: you can have the best idea in the world, but it won’t matter if you can’t persuade others to support it. If you don’t develop the capability to dive in and offer innovative solutions without using FUD, it will lead to feelings of frustration, resentment, and burnout in your career, in the company you work for, and in our industry.

How do I know? I’ve been there.

While I never allowed myself to peddle cybersecurity FUD, I did learn that I needed solid arguments if I expected anyone else to trust my recommendations for their organization.

To rise above using simple tactics like FUD takes hard work, and I’m personally thankful for the tough love I received as I found my own place in our industry. In time, as you move from the “top technical cybersecurity resource” to a “businessperson with top-notch cybersecurity expertise” you’ll build the social toolkit for a role in cybersecurity, and your job will get markedly easier.

The result of this no-FUD approach? Expectations are clear, your job has a well-understood purpose, and your organization is apprised of its cybersecurity posture. There will be no surprises, making budgeting and all other planning easier. As you work towards this success, watch for opportunities to re-educate and for communications that need to improve. The key is not falling back on simple FUD tactics to get there.

Included Topics

  • Industry Insights

Related Posts

Compliance 4 min read
Open Banking Directive and securing web application vulnerabilities Read More
Industry Insights 4 min read
Cyber Safety: Prevention, Protection, and Everything in Between Read More
Compliance 1 min read
Why Boutique Security Firms Will Lead in the Age of Guerrilla Cyberwarfare Read More

Subscribe via Email

Subscribe to our blog to get insights sent directly to your inbox.

Subscribe Here!

Latest Pwned episodes

Episode 183 - Making a New Cybersecurity Job Work
September 06, 2023
Episode 183 - Making a New Cybersecurity Job Work
Listen Now
Episode 182 - The Next AI Episode - With Diana Kelley!
August 23, 2023
Episode 182 - The Next AI Episode - With Diana Kelley!
Listen Now
Episode 181 - Breached Trust: Lazarus Making Friends
August 16, 2023
Episode 181 - Breached Trust: Lazarus Making Friends
Listen Now
NuHarbor Security logo
NuHarbor Security

553 Roosevelt Highway
Colchester, VT 05446

1.800.917.5719

  • Solutions
  • Services
  • Partners
  • Resources
  • Company
  • Contact
  • Privacy Policy
Connect
  • Twitter
  • Linkedin
  • YouTube
©2023 NuHarbor Security. All rights reserved.