PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
February 2004

Security jargon: Using IT language analogies to explain information security

People! We have to see the forest for the trees! We can't protect the keys to the kingdom when the network is a hard, crunchy shell with a soft, chewy center. It's like we're trying to drive the car by looking in the rearview mirror. Welcome to analogy hell, a.k.a. the world of information security. Ours is a business of nonstop metaphors, cliches, similes and comparisons to quote/unquote real-world scenarios. Should we all agree to put a moratorium on using IT language and analogies to describe what we do? Or is that throwing the baby out with the bathwater? Look, I'm as sick and tired of analogies as you are, but face the facts: without them, it'd be a lot harder to do your job. Next time you meet with an IT manager, try to describe defense-in-depth without talking about the layers of an onion. Try to describe a PC firewall to an end user without talking about doors and locks on a house. You'll just get a blank stare. Fact is, analogies are a good way to educate and motivate both higher-ups and end users. But tread lightly. ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

  • SOX section 404: Improving security with executive communications

    by  Edward Hurley

    It's widely held that the Sarbanes-Oxley Act will be the two-by-four that gets upper management to pay serious attention to infosecurity. Here you will learn how SOX section 404 plays a hand in improving seucrity with executive communications.

  • Best practices for security report writing

    by  Robert Garigue and Marc Stefaniu

    Concise, targeted security reports command the attention of the executives who need to act on them. Learn best practices for security report writing.

Columns in this issue