Become the Justin Bieber of Information Security
What is there to like about Justin Bieber? He is great at matching his message to his audience, and has received enormous financial rewards for doing that. Personally, I’m not a big fan of Justin Bieber’s and I won’t pay for his product. But, of course, I’m not his target audience.
There is a lot we can learn from Justin Bieber as information security professionals, at least when it comes to giving your audience what they want.
In most organizations, we rely on support and resources from the “core” of the business to fund our activities. However, I also see a lot of organizations who are unwilling to buy what infosec is selling. In other words, they keep deferring security spending in favor of other projects they understand more clearly or from which they see more tangible benefits (also known as ROI).
Are we trying to sell the “music” of information security in a way that doesn’t resonate with our audience? If so, why are we surprised that it is so difficult to get them to pay for what we’re offering?
Want to rock the house when it comes to getting your projects funded? Spend some time researching what your business cares about and find ways to relate your information security activities through that lens, and you might be able to create a few fans. You should also spend some time picking a few metrics or indicators that will help your fans feel more like they are getting something for their money.
You probably won’t pack a stadium with cheering business execs, but you just might get your millions to support your security program. If you become the Justin Bieber of Information Security, let me know – I want your autograph.