Avoid confusion and FUD at all cost
Credibility is something you’re building from the day one to the last day of your career. Even if you’re great industry expert, you still need to build your internal reputation from the ground up by working nicely with people in your organization.
Crucial thing you need to learn is how to weigh your words, especially while talking about severesecurity flaws and vulnerabilities you discovered. You may have great intentions, but if you speak unclear terms and dramatize too much you’ll get the opposite to expected results.
You need to act like a professional, perceived as someone having everything under control, otherwise if you shout too loud and too often people may perceive you as a frustrated guy who doesn’t understand the business and wants to slow everything down to build a fortress.
I get it that most of our initiatives make sense, but people overreact when you have even a little aggressive tone and may start to ignore you going forward. Sometimes it’s even better to slightly underrate the issue you’re reporting so they accept it without anxiety, and once you’ve built credibility as a “smart security leader who knows business and risk management”, you can progressively start being more expressive and authentic.
It’s harsh, but the only practical thing we can do is to adapt. Yes, it means that probably you’ll get less technical work done at the beginning, but building credibility pays off in the long run.
Another truth is that if you make too many mistakes — whether it’s in implementation or by not knowing lots enough and providing false information — people may stop respecting you and your expertise and that’s tough situation to deal with. If someone asks you for help but you have knowledge gaps, be honest about it, learn afterwards and get back to that person with all the details he needed.
Never let your ego try to make things up, because people in our world are smart, they’ll figure you out you’re an imposter and once this happens to you, you’ll have hard time to regain their trust.