Mastodon

melanie ensign (she/her)Most security teams ask "what could go wrong?" when planning incident response. But I've found that asking "what could go right?" fundamentally changes how we prepare -- and opens up more positive opportunities for teams in their response. It's possible to thrive through an incident, not merely survive it.<a href="https://defcon.social/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a> <a href="https://defcon.social/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> <a href="https://discernibleinc.com/blog/what-could-go-right" rel="nofollow noopener" translate="no" target="_blank">https://discernibleinc.com/blog/what-could-go-right</a>

Discernible🚨 1 day left in our giveaway! Tomorrow we’re selecting 5 winners to receive free Pro subscriptions to our weekly incident response communication drills!Have our blog posts on gaining influence, cross-functional communications, or post-mortems improved your team’s effectiveness? Comment & tell us which blog post helped you the most!Remember: each comment = new entry. More participation = better chances!Get your entries in before tomorrow’s deadline!<a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> <a href="https://infosec.exchange/tags/PrivacyComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#PrivacyComms</a>

Discernible💫 New Discernible Drill this week! You’ll face escalating challenges that force difficult tradeoffs between business continuity, stakeholder communications, and technical remediation - all while racing against the clock. 😰Subscribe at DiscernibleInc.com/drills<a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a>

melanie ensign (she/her)Five years ago this week, I launched Discernible with a vision that the best security communications is transformative rather than reactive. Today, I couldn't be prouder of the teams we've helped build political capital and decision-making frameworks that expand their options during critical moments. In our blog post, I share the most profound lesson from our journey- how an organization's daily choices shape their response capabilities during incidents, and how effective communication turns potential crises into opportunities to demonstrate organizational strength.<a href="https://defcon.social/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> <a href="https://defcon.social/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a> <a href="https://defcon.social/tags/Influence" class="mention hashtag" rel="nofollow noopener" target="_blank">#Influence</a> <a href="https://discernibleinc.com/blog/organizations-lack-sufficient-decision-frameworks-to-expand-incident-response-options" rel="nofollow noopener" translate="no" target="_blank">https://discernibleinc.com/blog/organizations-lack-sufficient-decision-frameworks-to-expand-incident-response-options</a>

Discernible🔥 New <a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> drill! This week, we test how teams handle security communications when public narratives clash with emerging technical findings. Practice navigating these complex issues in our upcoming simulation! Subscribe to join: DiscernibleInc.com/drills

DiscernibleWant to boost your security & privacy team's influence? Our new blog explores how corporate anthropology helps teams evolve from technical specialists to strategic partners.Learn 3 actionable steps to map organizational terrain, speak cross-functional languages, & build an empowering reputation.Read more: <a href="https://discernibleinc.com/blog/boost-your-teams-influence-with-corporate-anthropology-3-steps" rel="nofollow noopener" translate="no" target="_blank">https://discernibleinc.com/blog/boost-your-teams-influence-with-corporate-anthropology-3-steps</a><a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> <a href="https://infosec.exchange/tags/PrivacyComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#PrivacyComms</a>

DiscernibleIn light of recent revelations regarding DPRK operatives infiltrating tech companies, our drill this week explores the critical communication challenges following discovery of this insider threat. Join us to learn practical strategies for balancing operational security with stakeholder trust during active investigations.Subscribe at DiscernibleInc.com/drills<a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/InsiderThreats" class="mention hashtag" rel="nofollow noopener" target="_blank">#InsiderThreats</a> <a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a>

DiscernibleNot Just Security: CISOs are Business Executives Read the full article: <a href="https://discernibleinc.com/blog/cisos-are-business-executives" rel="nofollow noopener" translate="no" target="_blank">https://discernibleinc.com/blog/cisos-are-business-executives</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a>

DiscernibleSecurity and privacy communications deserve more attention and expertise.Our monthly newsletter helps professionals communicate these complex topics more effectively through expert insights, communications theory, and practical research.Each edition includes perspectives from founder <a href="https://defcon.social/@Wednesday" class="u-url mention" rel="nofollow noopener" target="_blank">@Wednesday</a>, communications research highlights, podcast recommendations, and spotlights on nonprofits in tech.Subscribe to up level how you communicate about security and privacy: <a href="https://discernibleinc.com/newsletter-signup" rel="nofollow noopener" translate="no" target="_blank">https://discernibleinc.com/newsletter-signup</a><a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> <a href="https://infosec.exchange/tags/PrivacyComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#PrivacyComms</a>

DiscernibleLike the hammerhead, good IR plans are distinctive and adapted to their environment.How we helped a design platform build a holistic security communications plan when:😱 Only 26% of orgs have enterprise-wide IR plans😱 74% apply them inconsistently😱 43% fail to designate internal IR stakeholders"We wanted to have a process that was inclusive and orderly, knowing those moments can be chaotic."<a href="https://discernibleinc.com/blog/case-study-incident-response-communications-planning" rel="nofollow noopener" translate="no" target="_blank">https://discernibleinc.com/blog/case-study-incident-response-communications-planning</a><a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a>

DiscernibleYour "incident response" plan probably ignores 90% of actual incidents. Have you planned for:🥴 Hiccups: "Routine" issues that spiral with poor communications 🤦‍♀️ F*ck Ups: Perceived incompetence requiring apologies🏳️ Give Ups: Business decisions that erode trust"It's rarely major breaches that cause long-term reputation damage." - Discernible CEO <a href="https://defcon.social/@Wednesday" class="u-url mention" rel="nofollow noopener" target="_blank">@Wednesday</a>Need practice handling these scenarios? Our IR communications subscription drills builds the muscle memory you'll need with weekly simulations.<a href="https://discernibleinc.com/blog/what-is-a-security-or-privacy-incident-hiccups-fck-ups-and-give-ups" rel="nofollow noopener" translate="no" target="_blank">https://discernibleinc.com/blog/what-is-a-security-or-privacy-incident-hiccups-fck-ups-and-give-ups</a><a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a>

melanie ensign (she/her)IR comms isn’t merely crisis response, it’s change management because you’ll never be the same again — and that’s a good thing, use it to your advantage. The goal is not recovery to your previously known state. The goal is recovery that moves you forward, better than before. <a href="https://defcon.social/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a>

Discernible"I'm sorry" works better than "It wasn't our fault."New piece from <a href="https://defcon.social/@Wednesday" class="u-url mention" rel="nofollow noopener" target="_blank">@Wednesday</a> on why security incidents need fewer defensive statements and more trust-building strategies. Turns out, protecting organizational pride often backfires.Read more: <a href="https://lnkd.in/gnB4-c5C" rel="nofollow noopener" translate="no" target="_blank">https://lnkd.in/gnB4-c5C</a><a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a>

Kevin Riggle"Because of how Uber's PM ran our <a href="https://ioc.exchange/tags/bugbounty" class="mention hashtag" rel="nofollow noopener" target="_blank">#bugbounty</a> program, the moment the reporter reached out, I was able to respond effectively." Melanie Ensign <a href="https://defcon.social/@Wednesday" class="u-url mention" rel="nofollow noopener" target="_blank">@Wednesday</a> on the value of collaboration in <a href="https://ioc.exchange/tags/securitycomms" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitycomms</a> <a href="https://ioc.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://ioc.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://ioc.exchange/tags/CriticalPointWarStories" class="mention hashtag" rel="nofollow noopener" target="_blank">#CriticalPointWarStories</a><a href="https://youtu.be/8Ltyei5e1UI" rel="nofollow noopener" translate="no" target="_blank">https://youtu.be/8Ltyei5e1UI</a>

melanie ensign (she/her)A lot of plaintiffs pursue litigation to understand what happened and why -- precisely because of poor communication from the organization. Decide in advanced what values you want to demonstrate in how and what you say in response to a security or privacy incident, and get written commitment from business stakeholders (including legal) during your preparedness process so that everyone is accountable for how you show up in your communications. If you don't want your public statements and customer communications to sound tone deaf, apathetic, or defensive, you need to address that internally now or folks will default to their comfort zones once they feel the heat. It takes time to teach certain people how to treat human beings as more than potential plaintiffs, so start now.<a href="https://defcon.social/tags/securitycomms" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitycomms</a> <a href="https://defcon.social/tags/privacycomms" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacycomms</a> <a href="https://defcon.social/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a>

melanie ensign (she/her)<a href="https://infosec.exchange/@Discernible" class="u-url mention" rel="nofollow noopener" target="_blank">@Discernible</a> This is how you write a job description to attract experienced security comms pros. Well done! ✅ it’s about reputation building, not publicity ✅ it’s cross functional & considers all stakeholders, not only journalists ✅ it’s strategic, not prescriptive ✅ it’s ongoing & proactive, not reactive or crisis-bound<a href="https://defcon.social/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> <a href="https://defcon.social/tags/hiring" class="mention hashtag" rel="nofollow noopener" target="_blank">#hiring</a>

Discernible💫 Open <a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> role at Zoom:Senior Security and Reputation Communications Manager<a href="https://infosec.exchange/tags/hiring" class="mention hashtag" rel="nofollow noopener" target="_blank">#hiring</a><a href="https://www.linkedin.com/jobs/view/3760550399" rel="nofollow noopener" translate="no" target="_blank">https://www.linkedin.com/jobs/view/3760550399</a>

melanie ensign (she/her)Wendy services are extra, but you can pick your flavor. <a href="https://defcon.social/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a>

DiscernibleNot communicating about security until it escalates into a crisis is a self-fulfilling prophecy. Instead, security teams should constantly be on the lookout for critical turning points that could lock-in a negative outcome for the organization or jeopardize their reputation. <a href="https://infosec.exchange/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> <a href="https://infosec.exchange/tags/ReputationManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#ReputationManagement</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a><a href="https://discernibleinc.com/blog/risk-communications-recognizing-turning-points-managing-decisions" rel="nofollow noopener" translate="no" target="_blank">https://discernibleinc.com/blog/risk-communications-recognizing-turning-points-managing-decisions</a>

melanie ensign (she/her)Every <a href="https://defcon.social/tags/SecurityComms" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityComms</a> person should be proficient in JIRA.

Recent searches

Search options

Administered by:

Server stats:

#securitycomms