You might know the immense value of IT security, but you probably know at least a few professionals who don’t. Apparently, communicating the importance of security is a difficult task for many people, so you’re not alone if you find this hard to do. 

It can be tempting for some senior executives to only look at the cost of security programs, while others are ambivalent toward their effectiveness.  But either way, the true value of IT security is not getting across, and that’s a breakdown in communication. In fact, according to Infosecurity Magazine, the authors of a study done by the Ponemon Institute for Tripwire claim, “As business leaders are required to disclose more about their organization’s security risks, those business-oriented security executives with good communication skills will be in even greater demand.”

The study – which involved IT professionals from both the US and Britain – found that approximately half of those surveyed admitted they were ineffective at letting management know about security risks. Many say it’s because the security metrics are too complex for their bosses to understand. The result is that companies are allowing security threats to stick around because management simply doesn’t know about their severity.

But with increasing dependence on technology, security risks are not going away any time soon. In fact, there are more now than ever, which means it is increasingly important for security professionals to properly communicate the risks to senior executives. Getting the point across might require the use of graphs or even the ever-popular infographics, but getting management to comprehend the value of IT security is worth the extra effort.