Risk professionals need to start speaking in managers’ language. They should stop talking about the technical aspects of security apparatus. One way to do this is by showing risk levels in terms of something that every executive can relate to the business. Risk professionals must understand that the organization’s purpose is to fulfill its mission. The purpose of a security professional is to help the business make informed decisions about security issues that could potentially compromise the organization’s mission.
