Mastering the Art of Communication in InfoSec
In this latest episode of Razorwire, I sit down with the brilliant Stefania Chaplin to explore the often overlooked yet crucial skill of effective communication in information security.
Throughout our conversation, we discuss why communication matters so much in our field, especially during critical moments when tensions run high. Stefania brings her trademark enthusiasm and wealth of experience to highlight approaches that work across different contexts, cultures and situations.
As our profession has evolved, and particularly when working with colleagues remotely, our approach to communication needs to adapt accordingly. Whether you're just starting out or have been in the trenches for decades, I guarantee you'll take away some valuable insights on a skill that I've found to be just as important as technical expertise throughout my career.
3 Key Talking Points:
Managing Communication During Incidents
Discover practical strategies for effective communication during high stress security incidents. Learn how to establish clear communication channels, manage stakeholder expectations and create space for your team to resolve issues without constant interruptions. Stefania shares techniques from her experience, including the importance of creating transparent incident documentation and using mindfulness to maintain clear thinking under pressure.
Cross-Cultural Communication in Global Teams
Gain insights into navigating the complexities of multicultural teams in information security. With remote work connecting professionals across different time zones and cultural backgrounds, understanding how communication styles vary globally has never been more crucial. Learn how different cultures approach feedback, instructions and hierarchy, drawing from Stefania’s multicultural background and experiences working as a digital nomad.
Adapting Your Message to Different Audiences
Master the art of tailoring your security communication for different stakeholders. Whether you're speaking with developers who need technical details or executives who need the headlines, find out how to switch hats effectively. This practical knowledge will help you build credibility with technical teams whilst ensuring leadership understands the key security messages they need for decision-making.
"What happens when you have a cybersecurity incident and you're working in a global organisation with employees from all different countries and cultures in a very high stress environment? In those moments, communication really matters."
Stefania Chaplin
Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
In this episode, we covered the following topics:
- Incident Clarity - Transform your incident response with effective communication strategies for high stress scenarios
- Global Trust - Build trust across global teams by understanding cultural communication differences
- Stakeholder Speak - Tailor your security messaging for maximum impact with different stakeholders
- Focus Shield - Protect your technical team from distractions during critical incidents
- Pre-Crisis Planning – Advice on creating communication plans before incidents occur to reduce chaos when they happen
- Mental Control – Learn breathing techniques to maintain clarity during high pressure security events
- Remote Mastery - Navigate the complexities of remote teams across different time zones
- Image Repair – How to break the "security is the bad guy" stereotype through better communication
- Technical Translation – How to adapt your technical language for different audiences without losing credibility
- Practice Pressure - Learn from war-gaming exercises to improve your team's communication under pressure
- Toxicity Management – How to recognise and handle toxic communication patterns in the workplace
- Feedback Loop - Implement feedback mechanisms to continuously improve your communication style
Resources Mentioned
- Effective Communication in Tech - Stefania's project focused on communication skills for technical professionals (effectivecommunicationintech.com)
- DevStefOps - Stefania's personal website
- The Culture Map – by Erin Meyer, on multicultural communication in business settings
- Never Split the Difference - by Chris Voss, on negotiation techniques
- Box Breathing Technique - a stress management tool to use during incidents
- GitLab's Incident Response Guide - an example of transparent incident communication
- The Cyber Sentinels Handbook – by James Rees
- Neuro-Linguistic Programming - a communication framework
- Myers-Briggs Type Indicator - a personality assessment tool
Meet our guest
Stefania Chaplin
Stefania’s (aka DevStefOps) experience as a Solutions Architect within DevSecOps, Security Awareness and Software Supply Chain Management means she's helped countless organisations understand and implement security throughout their SDLC. As a python developer at heart, Stefania enjoys optimising and improving operational efficiency by scripting and automating processes and creating integrations. She is a member of OWASP DevSlop, hosting their technical shows. When not at a computer, Stefania enjoys surfing, yoga and looking after all her tropical plants.
Other episodes you'll enjoy
- Mental Health, Organisational Culture & The Human Side of Cybersecurity YouTube: https://youtu.be/k_VVu_bQZXg
Spotify: https://open.spotify.com/episode/1h88WI6RlKjF0BQ3ylbnfH?si=1Zqi4lrNSzO-klDQleyEhw
- The Art of Cyber Deception: How To Get Inside The Mind of A Hacker YouTube: https://youtu.be/r_n275AsK8c
Spotify: https://open.spotify.com/episode/3GMSIXpbexPBqH2Rb92PNi?si=TCCxuTo-QeeMALLyHomwtg
Connect with your host James Rees
Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.
Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.
With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.
For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.
If you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.
Linkedin: Razorthorn Security
YouTube: Razorthorn Security
Twitter: @RazorThornLTD
All rights reserved. © Razorthorn Security LTD 2025
This podcast uses the following third-party services for analysis:
OP3 - https://op3.dev/privacy