The Risky Business of Risk Illiteracy
Sean Juroviesky
BSidesSF 2026 · Day 2 · AMC Theatre 12
In his compelling BSides SF talk, "The Risky Business of Risk Illiteracy," Sean Juroviesky addresses a fundamental disconnect in how many organizations approach cybersecurity: a failure to understand and communicate risk in terms that resonate with business leadership. Juroviesky argues that security professionals often get lost in the weeds of technical vulnerabilities, high CVSS scores, and sensational headlines, losing sight of the broader business context and the most common attack vectors. This "risk illiteracy" leads to misprioritization, ineffective resource allocation, and a persistent struggle to secure executive buy-in for critical security initiatives.
AI review
Competent BSides-tier content that does exactly what it sets out to do: remind practitioners that MFA and business communication matter more than chasing CVEs. Nothing here will surprise a seasoned security professional, but it's well-structured and the message is genuinely needed in certain audiences.