The Problem:

Cybersecurity misconceptions
Convey the difference
Balancing gravity and levity


@ahundredmonkeys

Nick Merrill came to us on a mission — to help people understand how to better protect themselves from cyber threats. Spoiler: it’s easier than you think. His consulting practice needed a name that would set him up to explain why.

The word “cybersecurity” tends to conjure images of an ominous hacker mastermind in the dark corner of a server room, with a grid of 0s and 1s reflected across his indoor sunglasses. The attacker is Person X: a nameless, faceless character who couldn’t possibly be interested in our information. We’re just a small greeting card company and we use two-factor authentication, so do we really need to invest more resources into protecting ourselves from something that will likely never happen to us?

Nick Merrill is making sense of cybersecurity for the rest of us.

Nick, a postdoc at the UC Berkeley Center for Long-Term Cybersecurity, is helping people understand why the answer is “yes.” As he explained to us, there are two key issues at play. First, people tend to think cyber attacks are out of their control. I mean, if they could truly be prevented, how do they happen all the time? Because, second, we don’t know our own vulnerabilities. Nick’s solution is to educate people — particularly security teams and other employees at small companies — about the cybersecurity vulnerabilities they don’t know they have.

But he doesn’t sit there and lecture. He challenges them to play a new role. As part of his consulting practice, Nick has developed a series of interactive exercises and role-playing card games designed to draw back the curtain on Person X. One game, called Adversary Personas, sets the stage for unique scenarios in which an individual or company might find themselves under cyber attack. In this game, you’re challenged to dive deep into the mind of the attacker in order to understand that it is a real person with real motives and a keen eye for opportunity.

Nick gave us a test run in our office, and by the end of the game, we were all acutely aware of how we could better protect ourselves and our data.

His games all approach similar attack scenarios from different perspectives. In some games, players step into the attacker’s shoes to theorize specific schemes and tactics. In others, players assume the role of executives, board members, or other figures responsible for enacting security in the workplace.

His method is unique — bringing a customized, in-person experience to every workplace, and giving employees a chance to step out of their normal roles for an exercise that’s as playful as it is informative. We knew the name had to reflect this and therefore stand apart from other cybersecurity names, à la Tanium and Fortinet. The whole idea was to make a seemingly complex threat feel more digestible (and preventable) for the average Joe, so it was important for the name to resonate on a human level.


The Fix:

Play the role
Don’t fall into industry trends
Open vs. closed

When you think security, you think: close it, hide it, lock it up, pull up the drawbridge. But Nick was more interested in openness. Openness sometimes begets vulnerability, but that’s not always a bad thing because vulnerability begets awareness, and ultimately, better practices.

In our name exploration, we kept this idea of openness in mind. We also explored themes related to theater, role-playing, and the feelings of exposure that come with them. By tapping into this unique emotional state, we knew we’d arrive at a name unlike anything else in the space.

Photo by Paul Green via Unsplash

Because this engagement was scoped as a one-round naming project, we also knew that we only had one shot to get it right. This meant presenting a wide tonal range of names, from esoteric to idiomatic, allowing Nick to decide how playful he truly wanted the name to be. After all, his clients would be writing this name on checks. Broad Daylight stood out to him immediately, and for all the right reasons.

Tonally, Broad Daylight struck the right balance between levity and gravity. It’s a well-known idiom, which makes it feel conversational and approachable. It paints a picture of clear visibility, and that’s immediately comforting — most of us feel safer when we can see what’s around us. But at the same time, Nick is here to remind us that cyber attacks often happen in broad daylight, right under our noses.

Photo by Mark Eder via Unsplash

A lot of companies out there are trying to convey trust or security, and that’s nearly impossible to do with a name. Those values are earned over time. But there are ways to evoke those same ideas without screaming them, and Broad Daylight is a prime example. It makes us feel secure and inspires trust at the same time, simply by shedding light on the vulnerabilities we all share.

“Security lurks in the shadows, both in its language and in its imagery. My approach is something different, and A Hundred Monkeys captured this beautifully. Their name structured the visual language of my brand, and distinguished me from the pack. Whenever I introduce my practice to someone, the first thing they say is always, ‘great name!'” – Nick Merrill, Founder of Broad Daylight


+++ broad-daylight.com


More you say?