Of course, you probably want to know the “how” of better communications skills. This is a discipline unto itself, but there are a few rules of thumb.
Have an outcome in mind
First, before speaking with anyone, have a goal in mind. Do you want to persuade them to your point of view? Get them to comply with a security practice? Help them learn something new and retain it? Your goal should dictate how you communicate. For example, if a client is upset because they’ve been locked out of their machine due to ransomware, you need to calm them down while you fix the problem. Remain professional and reassure them you’re working diligently to fix the issue. If they’re on the phone with you, try to speak calmly and slowly—speaking slowly and calmly can lead to a relaxation response. If your goal is to explain a technical issue, focus on conveying information in the clearest way possible. Try to use non-technical terms with end users. While other technicians will want you to use technical terms to make things faster, they will only confuse and frustrate end users more in a crisis event. Ultimately, knowing your outcome should dictate your strategy.
Simplify and explain
Piggybacking off the previous point, security can quickly get complex. When speaking with end users, it’s important to keep things simple, clear, and concise. They don’t need to know everything—nor do they want to. If you have to use technical jargon, make sure to spell out any terms you need to use. In some cases, you may end up speaking to someone who knows their stuff. Still, try to cut things down into the most concise message possible.
Security can seem like magic to some people. Partly, it seems too complicated for people to think about. But fear plays a role, too. Few people want to think about how others can misuse or steal their data. It’s easy to think “out of sight, out of mind.” Fear may get their attention, but it doesn’t always change behavior—if it did, doctors would have a much easier time reducing heart disease with diet. Instead, one of the best ways to get users to change behavior is to give them simple tips and remind them security isn’t mysterious. For example, if they feel something is off about an email, they should check the sender before clicking any links.
Often, the format you use to communicate dictates how it’s received. When it comes to understanding information, some people will learn better via videos, some prefer to read, and others need hands-on practical information (so it’s good to mix all three when giving security training). In other cases, you may want to consider how displaying information matters to the audience. For example, many business executives and stakeholders are used to visualizing information in charts and graphs; telling them you’ve improved their security posture may not be as effective as showing data-driven graphs and visualizations. Often, a good RMM solution or security product will offer brandable reports to help you show your value to your customers.
Communicating with your customers and users
At the end of the day, technical skill obviously matters a great deal in security. However, when you get past a certain level of skill, your communication abilities can play a greater role in getting users to practice better security, team members to accomplish tasks more effectively, and customers to understand your value.
Of course, the tools you use should be designed to communicate information easily and clearly to your team. SolarWinds® Endpoint Detection and Response can help your team better protect endpoints from attacks and can give you clear visibility into threats via forensics, attack timelines, executive summaries, and other reports. Learn more today.
Kim Cecchini is Senior Director of Corporate Communications, MSP at SolarWinds