I spent the first nineteen days of National Cyber Security Awareness Month giving some hopefully useful ideas on improving security in your organization. I’m going to spend the remaining days writing about us as IT and security professionals.
To implement change, we need to be able to influence others, such as our managers, our executives, our CEO, or our board of directors. Without the ability to communicate and influence change, our good ideas for improving security remain just that: ideas.
The way we write is often the first thing people learn about us. It represents the first impression of those we need to communicate with. The ideas we are trying to advance are inextricably linked in the minds of our readers with the way the message is presented. Based on what I’ve seen throughout my career, writing is a challenge for many people and I strongly suspect many good ideas fell victim to overly casual writing and a herd of punctuation and spelling mistakes.
Writing is a skill that takes practice. Not just practice, but “deliberate practice” as Anders Ericsson describes in his book “Peak: Secrets from the New Science of Expertise”. Candidly, improving my ability to write is one of the main reasons I started the infosec.engineering blog and in particular, why I challenged myself to write a post every day for NCSAM.
In summary, focus on developing your writing ability. You will benefit professionally, and your organization will benefit more from your ideas.