I've just been speaking at Computing's Enterprise Security & Risk Management Summit about analogies, and I thought I might note a few points here.
Firstly, good analogies are memorable. They stick to the experience which you have used in the analogy: if you use tooth hygiene as an analogy for vulnerability management, then people will tend to be reminded of vulnerability management when they brush their teeth. I think this is called anchoring.
Analogies also engage people, bringing them into a common set of referents which they have the confidence to manipulate and develop. Once they engage with an analogy, and make it their own, they can reuse it as a tool to enhance understanding in the future.
Be aware that analogies are not a perfect replica of the real world. They will often be simplified, incomplete or have elements which do not match the original subject. That's fine, as long as you bear it in mind: an overly literal approach should be avoided.
And a bonus analogy!
Here's the main concept:
Sandboxing can be helpful: but in order to remove delays, it is common practice to take a punt on the file, let it through and then test a copy of it in the sandbox.
Analogy:
Like having a strange creature turning up at the front door and wanting to be let in; let it in while you look it up on Google,and hope it doesn't eat your hamster in the interim.
No comments:
Post a Comment