The Largest Open Goal In Cyber Security

1000 words, 4 minutes. “But how was one to explain repeated instances of derisive laughter at melodramas and films that hardly set out to be funny?" - Prof. Eric Rentschler¹

Out of place laughter is an anarchist in the dark. Someone who refuses to let the film cast its spell.

Imagery is important. Moving or still. Whether it be religious iconography, depictions of national myth, a coat of arms, a rallying military standard, your company’s brand, or something as incidental as clip art. It’s important because the brain processes images orders of magnitude faster than it processes text or speech². You may not realise it but the level at which you comprehend images is far deeper than your thinking/reasoning brain. Imagine yourself suddenly transported here:

• Where am I?
• Is there danger?
• What should I watch for?
• What am I going to do if I’m attacked?
• Is that a vine or a snake? A leach or a leaf? Are those eyes?

While your eyes dart around the undergrowth your brain considers all of these questions in an instant. Faster than conscious thought. It’s no accident. Modern humans have existed as a species for 50,000 years, the first flint tools are 3.3 million years old. For most of that time surviving childhood was unlikely. Being able to process images and react without thinking was essential for survival. Today most of us don’t need to worry about stepping on a cobra or being eaten by a jaguar, but these vestigial pattern recognition circuits remain active in our brain. It’s not just obvious hazards like poisonous snakes and large predators that are recognised by the mind beneath the mind either.

What does any of this possibly have to do with Cyber Security and where is that open goal I promised?

Cyber Security’s Open Goal

If you wish to communicate a serious matter but the imagery you choose causes people to laugh then that imagery isn’t helping your persuasion. It’s harming it. Even if the harm isn’t perceived at a conscious level. Returning to the quote and first line of this post, bad imagery breaks the spell you hope to cast over your audience. At the very least you’re squandering a golden opportunity to influence them.

Never waste an opportunity to influence your audience.

With that in mind, let’s take a look at some typical Cyber Security imagery. The following images were obtained from stock photography sites. They are reproduced here under fair use doctrine, for the purposes of review and critique.

Putting to one side the fact that humans are uneasy about obscured faces, this image of a “Russian Hacker” is ridiculous.

Phishing tricks a target into disclosing sensitive information. One of its defining features is that it requires a degree of participation from the victim. Another silly image.

Here a Cyber Attack is represented by a tired visual motif from a 1999 film about a fake reality where everyone wears sunglasses. At night.

Lastly we combine all the nonsense together. This is supposed to signify an Advanced Persistent Threat. I don’t know why the hacker is wearing motorcycle gloves.

To this collection we can add broken padlocks, binary motifs, people hitting computers with hammers, anyone wearing a hoodie, and people dressed as cartoonish burglars. This imagery isn’t persuasive.

• It’s tired.
• It isn’t serious and never was.
• It’s forgettable and interchangeable.
• It represents a failure of imagination.

At this point I’d like to remind you that this is the imagery used by a $150bn industry.

The fact that it’s so recognisable and at the same time so bland and interchangeable tells you that it’s not helping. It just fills space on a page so the reader isn’t faced with a wall of text. It doesn’t impart any information or trigger any deeper feeling except perhaps ridicule. This type of failure to persuade, or failure to even attempt to persuade, is common in the technology industry. I single out Cyber Security because it’s a field I have been working in for 20 years.

Why Improve?

The largest open goal in Cyber Security isn’t an obvious product, or an underserved market, it’s not even an overlooked technology. It is weak persuasion made weaker by unhelpful images. It is a failure to utilise a built-in feature of the customer, namely their visual cortex.

It’s probably worth improving on Cyber Security’s imagery because compelling imagery is one of the best ways to trigger action in an individual at some point in the future. That action could be to contact your company, to make a purchase, or to investigate a solution to a problem they just stumbled upon.

For those of you who think we have unpersuasive imagery because it’s too hard to come up with anything better, consider the insurance industry. Insurance is a grudge purchase. It is the driest, dullest industry there is. They don’t make anything. The product is invisible. There is no process to watch, it is something which exists only on paper. Yet insurance companies, particularly consumer insurance companies, make it memorable. The whole industry is about getting into peoples heads, and them remembering at the right moment. Insurance is a marketing business. Marketers have translated this into talking dogs, meerkats, robotic telephones, and ‘epic’ strutting. Those of you in the UK will know what I’m talking about.

I’m tempted to leave it there.

The advertising and design industries are stuffed full of creative geniuses. I’m not one of them. While I have an appreciation for aesthetics, art class was the only lesson I ever considered skipping at school. I don’t think it would take much to displace this weak imagery. If you have something, let me know and I’ll link to it. You’ll be doing the entire Cyber Security industry a public service.

I have a few ideas of my own, not for individual images but rather for a system we might use to get to something more persuasive and powerful. I’ll save that for another time. Check back or follow me on Twitter for the post.