I would suggest: -Show the risk: Use real breach examples and quantify potential damage. -Offer solutions: Present user-friendly DLP tools that minimize disruption. -Cite compliance: Highlight relevant regulations and legal obligations. -Phased approach: Start with the most critical data first. -Leadership buy-in: Encourage the manager to be a security advocate.

You can't treat data like the family dog – you wouldn’t leave it wandering the neighbourhood alone! Obviously you can't command your manager but here's what can work- use relatable examples – how other teams have felt safer and more efficient with stricter protocols. Make it clear that, like a security badge, these measures are for everyone’s good, not just for compliance. This approach creates a relatable context that’s hard to argue against!

I would focus on presenting the risks and benefits of stronger security measures. Drawing from my experience in communication and program management, I would emphasize how data breaches can damage both the organization’s reputation and its operations, using concrete examples to illustrate potential consequences. I would also suggest a collaborative approach by proposing gradual steps toward tighter protocols, making them easy to implement without overwhelming the team. Additionally, I would offer training for all stakeholders to ensure compliance, demonstrating the long-term value of securing sensitive information.

When senior managers resist stricter data protocols, logic, risk, and compliance become your strongest tools. Here’s how I approach it: Highlight Real-World Risks: Share real-life data breach examples and their financial, legal, and reputational fallout. Risks feel more urgent when relatable. Frame It as Risk Avoidance, Not Restriction: Position new protocols as a way to protect them from liability, not as control measures. Showcase Compliance Mandates: Link protocols to industry standards and legal obligations (like GDPR, CCPA) to emphasize non-negotiable requirements. Propose a Pilot Test: Suggest a trial period to prove the benefits of stricter protocols before a full rollout. Risk awareness drives action.