Short and Sweet: Selling for Security Professionals
4.3 (106 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
7,751 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Short and Sweet: Selling for Security Professionals to your Wishlist.

Add to Wishlist

Short and Sweet: Selling for Security Professionals

Pitch your information security proposals to business executives in a way that resonates: Learn to sell on their terms.
4.3 (106 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
7,751 students enrolled
Created by Stephanie Losi
Last updated 9/2015
English [Auto-generated]
Price: Free
  • 1 hour on-demand video
  • 1 Article
  • 4 Supplemental Resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Pitch information security investments to business executives in business terms
  • Use 'power words' to improve the impact of your pitch
  • Apply strategies to increase buy-in from business-line managers after a security measure is rolled out
View Curriculum
  • Familiarity with information security basics

Are you an information security professional who frequently needs to get approval from business executives for new security measures? This 1-hour “Short and Sweet" course takes away the guesswork and gives you tools you can start using today.

Learn to speak business executives' language and get easier approval for your security investments.

Pitching a security investment can seem difficult because it's not always a clear-cut process, but learning to sell to business executives in their own language is a key to reframing security as a long-term positive investment opportunity.

In less than 2 hours, this Short and Sweet course will give you solid practice and help you achieve steady improvement in your pitches, without a lot of filler. We'll discuss the potential for finding common ground, why sales skills are so important, and how to transform your security investment proposals from risk-focused to business-focused with a few simple tweaks. We'll also talk about preparing for an in-person pitch, and about selling to the business line - selling to users - after your pitch gets approved.

At the end of the course, you'll be better equipped to have effective discussions with business leaders about potential security investments you need and want to make inside your company.

That's a great trade for 2 hours of your time!

Please note: This course is designed to get you productive FAST. This course assumes you already are familiar with information security basics and, ideally, are in an information security or IT role at your company. If you aren't familiar with information security basics, please seek out another course to learn those skills.

But if you're already familiar with information security and want tools to understand business language and use it in the context of security, this course IS for you and I hope you'll enroll.

My goal is to make this course the easiest path to more effective information security investment pitches. Please let me know if anything in the course could be clearer, and I'll be happy to help you. It also will help me improve the course.

If you're ready to learn more and sign up for the course, go ahead and hit that Enroll button - Udemy offers a 30-day refund guarantee, so there's no risk to you!

Who is the target audience?
  • Information security professionals who need to get approval from business executives for new security measures
  • General IT managers who often need to get management buy-in for different types of technology investments
  • Security consultants who have been engaged to provide recommendations to the business
  • Internal auditors who want to present security findings to management more effectively
  • If you don't understand information security basics or have an entirely technical role with no business interaction, this course is not for you - seek out a different course, please!
Students Who Viewed This Course Also Viewed
Curriculum For This Course
Start Here
17 Lectures 49:12

This lecture introduces the course and its prerequisites.


This lecture compares two different types of thinking: risk-focused and business-focused. These two types of thinking have entirely different languages!

What Is the Problem?

This lecture introduces the idea that security and business teams actually have similar goals, if they can get past the language gap.

What Is the Potential?

This lecture discusses why you should sell your security investment proposal to business executives even if the investment is required by law or regulation.

Why You Should Sell Even When You Don't Have to

This comparative case-study exercise highlights the difference between a check-the-box security implementation and a strategic, win-win implementation.

Exercises: Case Studies
2 pages

This lecture offers strategies, tactics and specific language for information security managers who need to sell potential security investments to business executives.

How to Sell Security to Business Executives

This PDF provides a high-level glossary of business terms that may be useful for security professionals.

Business Terms Glossary
3 pages

This optional lecture shows you how to use net present value (NPV) to determine the ROI of a potential security investment.

OPTIONAL - Net Present Value (NPV) Deep Dive

This lecture shows you how to use "power words" to increase the impact of security investment proposals - and how to avoid pitfalls!
Power Words in Selling and Avoiding Trigger Words

This downloadable PDF provides links to lists of power words that you can use to heighten the impact of your security investment pitches.

Power Words Resources
1 page

This lecture walks you through examples of risk-focused versus business-focused proposals for different security investments.

In-Class Exercise: Risk vs Business Perspectives

This lecture gives you an opportunity to practice writing your own business-focused proposals for common security investments.

Exercises: Proposal Writing and ROI
2 pages

This lecture provides tips and questions you can ask yourself before pitching a security investment to a business executive in person.

Preparing for an In-Person Pitch

After your information security project is approved, what's next? Convincing business-line users to get on board.

Selling Security to the Business Line (Users)

This lecture focuses on why internal auditors should 'sell' their findings - even if management is required to address them.

Selling for Internal Auditors

This lecture wraps up the core curriculum. After completing this course, you'll be better equipped to pitch information security proposals to business executives.

Wrap-Up and Conclusion

This lecture offers next steps for continuing your learning, including book recommendations and other resources.

Next Steps
About the Instructor
Stephanie Losi
4.4 Average rating
2,635 Reviews
39,837 Students
5 Courses
Tech Consultant and Trainer at 219 Labs, Inc.

Stephanie is a software developer, IT risk management expert and former journalist who loves learning. After several false starts, she taught herself to program in 2012 and wants to teach programming the way she wishes it had been explained to her. In addition to delivering online training courses through 219 Labs, her projects include developing a software tool that allows you to program in plain English. She has a master's degree in information security policy and management from Carnegie Mellon University, a bachelor's degree in journalism from Northwestern University, and attended Recurse Center (formerly Hacker School) in 2014. Her interests include organic food, art, travel and doing good work.