Short and Sweet: Selling for Security Professionals

Pitch your information security proposals to business executives in a way that resonates: Learn to sell on their terms.
4.3 (61 ratings)
Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
5,511 students enrolled
Start Learning Now
  • Lectures 17
  • Length 1 hour
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works


Find online courses made by experts from around the world.


Take your courses with you and learn anywhere, anytime.


Learn and practice real-world skills and achieve your goals.

About This Course

Published 9/2015 English

Course Description

Are you an information security professional who frequently needs to get approval from business executives for new security measures? This 1-hour “Short and Sweet" course takes away the guesswork and gives you tools you can start using today.

Learn to speak business executives' language and get easier approval for your security investments.

Pitching a security investment can seem difficult because it's not always a clear-cut process, but learning to sell to business executives in their own language is a key to reframing security as a long-term positive investment opportunity.

In less than 2 hours, this Short and Sweet course will give you solid practice and help you achieve steady improvement in your pitches, without a lot of filler. We'll discuss the potential for finding common ground, why sales skills are so important, and how to transform your security investment proposals from risk-focused to business-focused with a few simple tweaks. We'll also talk about preparing for an in-person pitch, and about selling to the business line - selling to users - after your pitch gets approved.

At the end of the course, you'll be better equipped to have effective discussions with business leaders about potential security investments you need and want to make inside your company.

That's a great trade for 2 hours of your time!

Please note: This course is designed to get you productive FAST. This course assumes you already are familiar with information security basics and, ideally, are in an information security or IT role at your company. If you aren't familiar with information security basics, please seek out another course to learn those skills.

But if you're already familiar with information security and want tools to understand business language and use it in the context of security, this course IS for you and I hope you'll enroll.

My goal is to make this course the easiest path to more effective information security investment pitches. Please let me know if anything in the course could be clearer, and I'll be happy to help you. It also will help me improve the course.

If you're ready to learn more and sign up for the course, go ahead and hit that Enroll button - Udemy offers a 30-day refund guarantee, so there's no risk to you!

What are the requirements?

  • Familiarity with information security basics

What am I going to get from this course?

  • Pitch information security investments to business executives in business terms
  • Use 'power words' to improve the impact of your pitch
  • Apply strategies to increase buy-in from business-line managers after a security measure is rolled out

Who is the target audience?

  • Information security professionals who need to get approval from business executives for new security measures
  • General IT managers who often need to get management buy-in for different types of technology investments
  • Security consultants who have been engaged to provide recommendations to the business
  • Internal auditors who want to present security findings to management more effectively
  • If you don't understand information security basics or have an entirely technical role with no business interaction, this course is not for you - seek out a different course, please!

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.


Section 1: Start Here

This lecture introduces the course and its prerequisites.


This lecture compares two different types of thinking: risk-focused and business-focused. These two types of thinking have entirely different languages!


This lecture introduces the idea that security and business teams actually have similar goals, if they can get past the language gap.


This lecture discusses why you should sell your security investment proposal to business executives even if the investment is required by law or regulation.

2 pages

This comparative case-study exercise highlights the difference between a check-the-box security implementation and a strategic, win-win implementation.


This lecture offers strategies, tactics and specific language for information security managers who need to sell potential security investments to business executives.

3 pages

This PDF provides a high-level glossary of business terms that may be useful for security professionals.


This optional lecture shows you how to use net present value (NPV) to determine the ROI of a potential security investment.

This lecture shows you how to use "power words" to increase the impact of security investment proposals - and how to avoid pitfalls!
1 page

This downloadable PDF provides links to lists of power words that you can use to heighten the impact of your security investment pitches.


This lecture walks you through examples of risk-focused versus business-focused proposals for different security investments.

2 pages

This lecture gives you an opportunity to practice writing your own business-focused proposals for common security investments.


This lecture provides tips and questions you can ask yourself before pitching a security investment to a business executive in person.


After your information security project is approved, what's next? Convincing business-line users to get on board.


This lecture focuses on why internal auditors should 'sell' their findings - even if management is required to address them.


This lecture wraps up the core curriculum. After completing this course, you'll be better equipped to pitch information security proposals to business executives.


This lecture offers next steps for continuing your learning, including book recommendations and other resources.

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Stephanie Losi, Tech Consultant and Trainer at 219 Labs, Inc.

Stephanie is a software developer, IT risk management expert and former journalist who loves learning. After several false starts, she taught herself to program in 2012 and wants to teach programming the way she wishes it had been explained to her. In addition to delivering online training courses through 219 Labs, her projects include developing a software tool that allows you to program in plain English. She has a master's degree in information security policy and management from Carnegie Mellon University, a bachelor's degree in journalism from Northwestern University, and attended Recurse Center (formerly Hacker School) in 2014. Her interests include organic food, art, travel and doing good work.

Ready to start learning?
Start Learning Now