Learning How to Influence - Tips for Security Professionals

Security professionals often need to influence colleagues without formal power to affect changes. Success requires not just message content but presentation. Key books on influence include Cialdini's "Influence," Ariely's "Predictably Irrational," and Fisher/Ury's "Getting to Yes."

Information security professionals are often in the position where they need to influence colleagues, vendors, partners and customers. Yet, they don’t always have the formal power to affect the desired changes. To improve the odds that people will do as you ask, you must be good not only in the content of the message, but also in how you present it.

Here are my favorite books that discuss the principles of influence, negotiation and decision-making:

• Influence: The Psychology of Persuasion by Robert Cialdini
• Yes!: 50 Scientifically Proven Ways to Be Persuasive by Robert Cialdini, Noah Goldstein and Steve Martin.
• Predictably Irrational by Dan Ariely
• The Upside of Irrationality: The Unexpected Benefits of Defying Logic at Work and at Home Dan Ariely
• Made to Stick: Why Some Ideas Survive and Others Die by Chip Heath and Dan Heath
• Getting to Yes: Negotiating Agreement Without Giving In by Roger Fisher and William Ury
• No: The Only Negotiating System You Need for Work and Home by Jim Camp

Here are a few of my earlier tips on crafting a convincing message to express yourself properly:

• How to Be Heard in IT Security and Business
• Three Laws of Behavior Dynamics for Information Security
• Elevator Pitch for Explaining Security Risks to Executives
• Situational Awareness for Information Security Professionals