Security builder & leader

Explaining Your Progress to Clients or Colleagues

Colleagues and clients who don't understand your specialized work may underestimate your value, especially when working remotely. Provide regular status updates, meet more often, and consider internal PR campaigns—like New York's MTA advertising subway improvements—to make your contributions visible.

Explaining Your Progress to Clients or Colleagues - illustration

Your non-security colleagues or clients probably have a hard time telling whether you are doing your job well, unless you interact with them on regular basis. After all, they probably don’t understand the intricacies of your work, which makes it hard for them to judge its quality. What can you do about it?

Out of Sight, Out of Mind

As I wrote earlier post, people who don’t understand a specialized skill set estimate the value they receive by assessing the effort (usually time) that goes into the project. Nowadays many employees and consultants work remotely; this makes it harder to know how much people have worked on a given task. This can lead colleagues or clients to assume that the person wasn’t working hard enough.

The solution to this challenge may involve meeting with the relevant people more often by phone or in person. In addition, we should put effort into providing regular status updates electronically regarding both the tasks in progress and recent milestones. (At the same time, we must be careful not to spam people or annoy them with numerous unnecessary calls.)

Posters in the Subway

Consider an example from the world outside of information security:

New Yorkers were grumpy about the apparent lack of improvements in the city’s transit infrastructure. The Metropolitan Transportation Authority (MTA) was asking for additional funding and planned to increase fares; yet, the riders and policy makers didn’t understand how the existing money was being spent.

Back in 2010 MTA responded with a PR campaign to highlight the improvements it was making to subways, buses and bridges. The advertisement posters, extolled the hard work of MTA employees and included the tagline “Improving, non-stop.” New Yorkers remain grumpy about the transportation system, but perhaps the campaign achieved at least the organization’s objectives of casting itself as a competent organization that continues to improve within its budgetary confines.

What You Can Do

Consider whether your organization, department or self should launch a “PR campaign” to make sure that your colleagues or clients understand the work you do and how they benefit from it. Companies use similar tactics as part of a security awareness program or overall marketing campaigns, so this shouldn’t be a completely unfamiliar effort. Who knows, maybe some day you’ll be receiving thank-you cards from appreciative admirers of your work.

More on
Communication
2 min to read
Published: May 12, 2011
Updated: September 5, 2017

About the Author

Lenny Zeltser is a cybersecurity executive with deep technical roots, product management experience, and a business mindset. As CISO at Axonius, he leads the security and IT program, focusing on trust and growth. He is also a Faculty Fellow at SANS Institute and the creator of REMnux, a popular Linux toolkit for malware analysis. Lenny shares his perspectives on security leadership and technology at zeltser.com.

Learn more →