Talking Out Both Sides of Your Mouth: Streamlining Communication via Metaphor

As Security is a relatively new field, we are still learning how to communicate what we know with those outside of it. When communicating with non-experts, we often fall back on simplification and analogy to make our points understood. These techniques are fundamentally based on metaphor.This paper explains how metaphors are classically used, drawing on works in the field of linguistic philosophy, communication theory and neuro-linguistic programming. It then explores classic metaphors used within the Security community, analyzing publicly-available incident reports. Finally, the paper proposes some techniques that can be used to discover metaphors that are likely to work, thereby streamlining communication with those outside the field.This approach can make it easier to convey issues related to incidents quickly and accurately. It can be useful to streamline resource acquisition to implement technology or processes to prevent recurrence. It can be used to help educate junior co-workers and to report to management. Fundamentally, the proper use of metaphor can dramatically shorten communication cycles and free up time for action.