Skip to content
Illustration for Why Cybersecurity Language Fails Ordinary People
Source: News

Why Cybersecurity Language Fails Ordinary People

Eamon Blackthorn
By Eamon Blackthorn Author of the best-selling book Say It Right Every Time
3 min read Science & Research
Listen to Story BETA

What Happened

Cyberattacks drain trillions from the global economy every year, yet new research reveals that most ordinary people cannot accurately describe what happens during a breach. Associate Professor Sky's work exposes a troubling gap: the cybersecurity industry has flooded the public with technical terminology, words like "phishing" and "breach," without ever ensuring people actually understand them. Familiarity with a word is not the same as understanding it.

The Communication Angle

Here is the comparison that matters. On one side, you have cybersecurity professionals who communicate like engineers talking to other engineers. They repeat the same terms so frequently that people nod along, assuming comprehension has occurred. On the other side, you have every other high-stakes public safety field, from medicine to fire safety, that long ago figured out how to translate danger into plain, visceral language that moves people to act.

Think about what "phishing" actually means to most people. They have heard the word. They could probably spell it. But ask them what specifically happens to their information, who takes it, what those people do with it next, and the answers fall apart fast. The cybersecurity industry confused repetition with education. Those are not the same thing. Repeating a label does not transfer understanding. It transfers the illusion of understanding, which is actually worse.

What should have happened: concrete, consequence-first language from the start. Not "phishing attack" but "someone pretending to be your bank, tricking you into handing over your password." Not "data breach" but "a stranger now has your name, address, and credit card sitting in a spreadsheet." When you lead with the consequence rather than the category, people stop nodding and start listening. That shift is not a small stylistic choice. It is the difference between someone clicking a dangerous link and someone pausing for two seconds.

The cybersecurity industry had a communication strategy. It just was the wrong one. They optimized for sounding credible to peers rather than being useful to the public. That is a trap many technical fields fall into, and it has a real cost. In this case, the cost is measured in trillion-dollar losses tied directly to human error, which is almost always a failure of understanding, not a failure of intelligence.

This is exactly the kind of scenario I break down in Say It Right Every Time. The chapter on audience translation gives you a framework for identifying the gap between what you know and what your listener can actually use, and then closing that gap without dumbing anything down. The goal is never simplicity for its own sake. The goal is precision aimed at the right target.

Say It Right Every Time by Eamon Blackthorn

Never Be Lost
for Words Again

By Eamon Blackthorn

Get word‑for‑word scripts for the conversations that shape your life, from job interviews and negotiations to difficult talks with family and partners, so you always know exactly what to say and how to say it.

Go to Book PageFrom $9.97 USD
PaperbackHardcoverKindleAudiobook
Say It Right Every Time by Eamon Blackthorn

Never Be Lost
for Words Again

By Eamon Blackthorn

Get word‑for‑word scripts for the conversations that shape your life, from job interviews and negotiations to difficult talks with family and partners, so you always know exactly what to say and how to say it.

Go to Book PageFrom $9.97 USD
PaperbackHardcoverKindleAudiobook

Key Takeaway

Before you use any technical term with a non-specialist audience, stop and ask yourself: can I describe the real-world consequence of this thing in one plain sentence? If you cannot, you are not ready to communicate it yet. Write the consequence first. Then, if the label helps, add it after. "Someone steals your login by pretending to be a trusted company. That is called phishing." Not the other way around.

More in Science & Research

Illustration for Why Scientists Fail at Communication (And How to Fix It)
Science & Research

Why Scientists Fail at Communication (And How to Fix It)

Scientists make world-changing discoveries regularly. Cures advance. Nutrition science sharpens. AI ethics evolve. And yet a troubling gap persists: millions of people either tune out or outright reject findings that could extend or save their lives. Dr. Brian Southwell, a researcher focused on science communication, is putting a spotlight on why this gap exists and what communicators can do to close it.

Illustration for Why Science Communication Is Science Itself
Science & Research

Why Science Communication Is Science Itself

Gavi, the Vaccine Alliance, published a piece arguing that communicating science is not a soft skill bolted onto research. It is core to the scientific process itself. The argument is simple: science that nobody understands does not function. Getting findings out of the lab and into the public conversation is part of the job, not an optional extra.

Illustration for AI Fake Images Are Breaking Trust in Science
Science & Research

AI Fake Images Are Breaking Trust in Science

AI-generated images have become sophisticated enough to pass undetected in peer-reviewed scientific journals, with fabricated visuals appearing in published research. This is not a fringe problem. The images look real, the journals are legitimate, and the damage to public trust in science is compounding fast. Scientists and editors are now scrambling to police content they lack the tools to reliably detect.

Illustration for Science Communication Is the Real Scientific Work
Science & Research

Science Communication Is the Real Scientific Work

Gavi, the Vaccine Alliance, published a piece arguing that science communication is not a sidebar to scientific work. It is the work. The argument is that scientists who cannot explain their findings to the public are leaving their most important job unfinished. This is a position that sounds obvious but is still wildly controversial inside research institutions.

Illustration for Why Cybersecurity Language Fails Ordinary People

Enjoyed this article?

Why Cybersecurity Language Fails Ordinary People

Cyberattacks drain trillions from the global economy every year, yet new research reveals that most ordinary people cannot accurately describe what happens during a breach. Associate Professor Sky's work exposes a troubling gap: the cybersecurity industry has flooded the public with technical terminology, words like "phishing" and "breach," without ever ensuring people actually understand them. Familiarity with a word is not the same as understanding it.

Share it with someone who needs to hear this.

Share