Connecting Dots Between Security Teams & Customer Expectations

By Shruthi Kamath on 11 Aug 2022 @ The Diana Initiative
Focus Areas: Governance, Risk & Compliance; Security Architecture; Security Awareness

Abstract

When working in security organizations in a client-facing role, it is important that you are able to understand and manage client expectations, especially non-technical ones, whilst translating these to security teams to ensure the successful execution of security projects.

As a woman in cybersecurity who has moved from a technical role to a client-facing one, I have a unique perspective on how to overcome client and technical team biases and stereotypes to ensure that everyone’s requirements are aligned and understood.

Doing so requires you to wear multiple hats (and to swap them at a moment’s notice!).

In this talk I will talk about what it takes to connect dots between security teams and customer expectations to deliver outstanding project management results.

AI Generated Summary

The talk addressed the frequent misalignment between security service delivery and customer expectations, a gap that often leads to dissatisfaction. The core argument was that technical execution alone is insufficient; successful outcomes depend on effective communication, empathy, and project management tailored to the client’s true needs.

Key techniques presented included: first, probing the underlying reason (“the why”) behind a client’s request (e.g., a pen test for compliance versus data safeguarding) to align service value with business goals. Second, practicing empathy by adopting a partnership mindset, guiding less experienced clients through processes, and addressing their specific pain points rather than acting as a mere vendor. Third, proactively managing projects by providing regular, timely updates—especially on delays—to allow clients to adjust their plans. Fourth, maintaining direct honesty about service limitations or timeline constraints to set realistic expectations. Finally, instituting constant check-ins and structured feedback mechanisms, such as Net Promoter Score (NPS) surveys, to gauge satisfaction and address issues from dissatisfied clients proactively.

The practical implication is that security teams must integrate these soft skills and client-centric processes into their workflows. This approach transforms the client relationship, builds trust, ensures deliverables meet actual requirements, and increases the likelihood of repeat business and positive referrals. The ultimate goal is to deliver a “delightful experience” where the client feels understood and supported, moving beyond transactional report delivery to strategic partnership.

Disclaimer: This summary was auto-generated from the video transcript using AI and may contain inaccuracies. It is intended as a quick overview — always refer to the original talk for authoritative content.