Skip to content ↓ | Skip to navigation ↓

Last week I spoke with Trica Howard about social engineering attacks and user education. Considering how social engineering and poorly trained users are two of the most significant cybersecurity problems ever, it was a great conversation.

This week I spoke with another security communications specialist, tech writer Stacey Holleran. We both write about cybersecurity professionally, but Holleran’s work involves some different but crucial responsibilities.

Kim Crawley: Please tell me a bit about yourself and what you do.

Stacey Holleran: I see myself as a technology marketing communicator. It’s a bit different from a straight up marketer in that I’m not all about lead generation. My focus is more thought leadership and promoting the company and its technology in the space it’s in. So that is infosec these days.

KC: Wow. That sounds like what I do. I write for cybersecurity vendor blogs for a living. Does your work differ from mine?

SH: It is that and more! At ControlScan I’m responsible for two blogs as well as industry research studies, speaking engagements, PR and media relations… And other content such as customer testimonials, educational webinars, etc. I also oversee our social media channels.

KC: So our work overlaps! Fascinating. How did you get into it?

SH: I always loved to write, so I got my bachelors degree in English with an emphasis in technical writing, minored in PR. Started my career as a technical writer, but transitioned to a marketing role when an opportunity arose. It was an internal move for me and just really in the right place at the right time!

KC: Minus the credentials, we’re very similar.

SH: Plus I had a mentor who made a positive impact during my time there.

KC: What was your mentor like?

SH: I reported directly to him and he gave me a lot of latitude in my decision making, even though I was green in many ways. He also made it a point to champion my ideas to the higher ups. And always talked me through errors without making me feel like it was all my fault or the end of the world.

KC: That’s amazing. You were lucky to have him. If someone had told me when I was 16 that I would be considered to be a computer technology expert one day, I wouldn’t have believed them. Do you feel the same way?

SH: What surprises me most about where I am now is the technology I use to communicate as part of my everyday work.

I can be anywhere working and communicating and sharing information to make things happen! I can bring ideas and information to people or I can put it out there and then attract them to it.

KC: Exactly. Doesn’t it bother you how we have a world of knowledge in our pockets and yet people choose to be ignorant?

SH: Absolutely! It does bother me. And I think about it a lot. It’s difficult because to me, people are seeking knowledge but They’re actually stopping at the wrong place. I don’t think they choose ignorance. If you ask them, they’ll say they’re educating themselves. They’re just applying their own bias to it.

KC: With news sources that confirm their biases. Yep. Has sexism ever been an issue in your career?

SH: OMG yes. And more recently, ageism.

KC: Ugh. I turned 35 recently. Do I have to start worrying about ageism too?

SH: Not until you get into your 40s. Suddenly you’ll be seen as lazy with no new ideas.

KC: Do you think that sort of ageism hits earlier for women?

SH: Yes. I read somewhere that for women it’s 40 and for men it’s 50. In my personal experience I’ve seen that to be true.

KC: It’s amazing. Our sexuality and fertility has nothing to do with the value of our technical ideas, but even outside of the realms of beauty and sexuality, ageism hits us sooner.

SH: Yes. It’s the strangest thing. Talk about a double-whammy for someone who wants to have children in their 30s…

KC: What are some misconceptions people have about what you do?

SH: The biggest misconception is that there’s no strategy behind it. The content I create and the conversations I pursue are almost never “one-offs.” In other words, each activity or output is part of a program designed to further embed or extend the reach of a specific message.

KC: How have you seen cyber attacks and the threat landscape change over time?

SH: Speaking from my (not ControlScan’s) vantage point: I’ve noticed ransomware giving SMBs an increasing amount of trouble over the last year or so. Whereas in the past the big worry was data breach, now they have to still worry about that *plus* network takeovers that can render them helpless.

KC: Are people outside of cybersecurity becoming more aware of cyber threats?

SH: Sadly, in the SMB space, no. ControlScan published a research report this past Monday (written by Yours Truly) that delves into this topic.

KC: There’s one big difference between your work and mine. None of my work is paywalled.

SH: Hahaha true.

KC: Do you have any advice for people who want to get into technical writing?

SH: The ability to effectively communicate—especially in writing—is an incredibly useful and important skill set. Regardless of industry, businesses need individuals who can speak their language to a broader audience through written content.

So if you enjoy writing, my advice is to pursue an education that sharpens your ability to use it as a communications tool.

KC: I’ve learned a lot from you, Stacey. Do you have anything else that you’d like to add before we go?

SH: We didn’t talk much about security… but I do want to say that I really like the infosec field. Of all the technical fields I’ve been in, this has been the most fascinating to me.

Overall the thing I always look for in a role is the ability to work for an organization that’s bettering society in some way, i.e., contributing to the greater good. ControlScan (and the infosec industry in general) is doing that in spades.

Last Week Trica Howard