#securitycomms


🏁FINAL DAY OF OUR 5TH ANNIVERSARY GIVEAWAY 🏁

Today we’ll be selecting winners for Pro subscriptions to our weekly incident response communication drills!

Last chance to enter: Comment with a blog post from our team that impacted your security practices, and tell us why it mattered.

Every comment increases your chances! Winners notified by end of day.

Thank you for 5 amazing years of learning and growing together. 💙

🚨 1 day left in our giveaway!

Tomorrow we’re selecting 5 winners to receive free Pro subscriptions to our weekly incident response communication drills!

Have our blog posts on gaining influence, cross-functional communications, or post-mortems improved your team’s effectiveness?

Comment & tell us which blog post helped you the most!

Remember: each comment = new entry. More participation = better chances!

Get your entries in before tomorrow’s deadline!

What’s your biggest incident response communication lesson?

Share which of our blog posts taught you something valuable!

Our 5-year anniversary giveaway continues: 5 Pro subscriptions to our weekly IR comms drills up for grabs. (a $1,200 value!)

Each blog post you share on counts as a separate entry. Multiple entries encouraged!

Winners randomly selected Friday.

Still plenty of time to participate!

Five years ago this week, I launched Discernible with a vision that the best security communications is transformative rather than reactive.

Today, I couldn't be prouder of the teams we've helped build political capital and decision-making frameworks that expand their options during critical moments.

In our blog post, I share the most profound lesson from our journey: how an organization's daily choices shape their response capabilities during incidents, and how effective communication turns potential crises into opportunities to demonstrate organizational strength.

#SecurityComms #IncidentResponse #Influence

discernibleinc.com/blog/organi

Discernible Inc: Organizations Lack Sufficient Decision Frameworks to Expand Incident Response Options — Discernible Inc. Security leaders who build consistent, values-based decision frameworks create significantly more options during incident response than those who rely on reactive practices. Effective security communication isn't really about crisis messaging -- it's about strategic relationship building that transf

🔥 New #SecurityComms drill!

This week, we test how teams handle security communications when public narratives clash with emerging technical findings.

Practice navigating these complex issues in our upcoming simulation!

Subscribe to join: DiscernibleInc.com/drills

One of our readers asked about communicating vulnerabilities to developers without causing a defensive response.

Understanding a few communication theories can change difficult security conversations into collaborative opportunities.

When we shift from triggering defensiveness to building psychological safety, we fix vulnerabilities faster and create lasting partnerships that make everyone's job easier.

Read the full blog post for examples of how this works in practice.

#AppSec #DevSecOps #SecurityComms

discernibleinc.com/blog/-mailb

Discernible Inc: 📬 Mailbag: What's the best approach for sharing vulnerability findings with developers to avoid inciting defensiveness? — Discernible Inc. Effectively communicating security vulnerabilities to development teams requires understanding emotional dynamics and reframing findings as opportunities rather than criticisms. By applying proven communication theories security professionals can transform potentially defensive interactions into col

In light of recent revelations regarding DPRK operatives infiltrating tech companies, our drill this week explores the critical communication challenges following discovery of this insider threat.

Join us to learn practical strategies for balancing operational security with stakeholder trust during active investigations.

Subscribe at DiscernibleInc.com/drills

Join us for this week's security communications drill designed to strengthen your communication skills during the chaos of a critical open-source vulnerability!

You’ll practice:

➡️ Creating effective technical communications for diverse stakeholders
➡️ Managing sensitive non-public vulnerability information
➡️ Coordinating emergency response across engineering teams
➡️ Balancing immediate mitigation with long-term security strategy
➡️ Leveraging personal relationships in the open-source community

Remember, you can now choose from two different time slots to fit your schedule. 💛

Register at DiscernibleInc.com/drills

🪲 During this week's Discernible Drill on bug bounty communications, we explored how powerful it is to give the benefit of the doubt, regardless of whether you receive it first. Information asymmetry between researchers and security teams creates natural friction, but documentation and good-faith communication can transform outcomes.

Despite high-profile negative examples, most organizations want to handle vulnerabilities properly & researchers who approach them with professionalism achieve better results and build a stronger reputation for themselves.

Full post: discernibleinc.com/blog/breaki

Discernible Inc: Breaking Down Barriers: Insights from Our Recent Bug Bounty Communications Drill — Discernible Inc. Information asymmetry and mismatched expectations create unnecessary friction between security researchers and internal teams. Building trust through documentation, giving the benefit of the doubt, and establishing clear communication channels transform potential conflicts into productive collaborat

NEW: "Decisive Under Fire - Why Decision Frameworks Beat Templates for Security Incident Communications"

Templates inevitably fail during security incidents because every case is different. We've shared how predetermined decision frameworks ensure the right experts make key communication decisions when the pressure is on.

These frameworks specify who decides what information goes to which stakeholders, preventing the loudest voice from dictating messaging strategy while ensuring consistency across channels.

Check it out if you manage security incidents, oversee cross-functional teams, or want stronger regulatory documentation for your incident response!

#IncidentResponse #SecurityComms #InfoSec

discernibleinc.com/blog/decisi

Discernible Inc: Why Decision Frameworks Are the Secret Sauce of Effective Incident Communications, Not Templates — Discernible Inc. Discover why predetermined decision protocols outperform templates for managing security incident communications. Learn how to establish effective frameworks that empower stakeholders with the right expertise to make critical communication decisions during high-pressure security events.

Security and privacy communications deserve more attention and expertise.

Our monthly newsletter helps professionals communicate these complex topics more effectively through expert insights, communications theory, and practical research.

Each edition includes perspectives from founder @Wednesday, communications research highlights, podcast recommendations, and spotlights on nonprofits in tech.

Subscribe to up level how you communicate about security and privacy: discernibleinc.com/newsletter-

Like the hammerhead, good IR plans are distinctive and adapted to their environment.

How we helped a design platform build a holistic security communications plan when:

😱 Only 26% of orgs have enterprise-wide IR plans

😱 74% apply them inconsistently

😱 43% fail to designate internal IR stakeholders

"We wanted to have a process that was inclusive and orderly, knowing those moments can be chaotic."

discernibleinc.com/blog/case-s

Your "incident response" plan probably ignores 90% of actual incidents. Have you planned for:

🥴 Hiccups: "Routine" issues that spiral with poor communications

🤦‍♀️ F*ck Ups: Perceived incompetence requiring apologies

🏳️ Give Ups: Business decisions that erode trust

"It's rarely major breaches that cause long-term reputation damage." - Discernible CEO @Wednesday

Need practice handling these scenarios? Our IR communications subscription drills build the muscle memory you'll need with weekly simulations.

discernibleinc.com/blog/what-i

Discernible Inc: What is a Security or Privacy Incident? Hiccups, F*ck Ups, and Give Ups — Discernible Inc. One of the most common reasons organizations struggle with incident response communications is that their definition of an “incident” excludes most incidents. Too often incident response planning and execution only considers situations with legal disclosure obligations. It’s one reason why so many c