Pour out the Acronym Soup - Create Memorable Names

Pour out the Acronym Soup - Create Memorable Names

Pour out the Acronym Soup: Create Memorable Names

Wot Do U Call It? - Wiley

The security industry and naming things…

The challenges when it comes to naming anything is nothing new, it’s hard and not to be underestimated.

The security industry doesn’t have a great track record; names for services, projects and teams can unfortunately span from uninspired to harmful. Don’t get me started on acronyms and initialisms either and their ability to destroy accessibility (here’s a great article on this: Alienating the Audience - How abbreviations Hamper Communication ), anyone I’ve worked with knows my distaste for them as I’ve bored them to death with it. If I see another plus sign or something at the end of an acronym I’m going to scream!

In this post, I’ll share a workshop/framework that our team (Josephine Sulimin, Toby Oxborrow and I) used for coming up with a name that might be helpful for you or others. I’ll tell you about the problem the team had that gave birth to this, and as Kelly Shortridge rightly points out; “cybersecurity isn’t special” , we’re not alone in this naming struggle. Giving anything a name is hard but being intentional is important, words matter.


Just Give it a Name Already

We were planning to launch a security champions program, but we felt “Security” was a massively overused word and we were guaranteed to end up with a horrible acronym if we weren’t careful (The Cisco Security Business Group Security Champions Program - CSBGSCP - 🫠 no thank you!). We wanted a more creative, simple, inviting and memorable name and this helped us brainstorm engaging program names that avoid generic and possibly harmful labels.

Tell Us What You Call It Then

So, you have a new project, program, team or product, woop woop! It’s easy to go for ’tried and tested’ and maybe that’s the best but let’s check that.

Before We Start

  • A Good Name Is A Good Investment - Naming something might seem easy but when you get to it it’s hard, and this process should help to decide if the usual name is right or if there’s something more inspiring you can come up with, and this should be relatively quick.
  • There will be peaks and troughs - Any design process has this. Just know you’ll have peaks of excitement and inspiration and troughs of thinking and going back to the drawing board, this is good. Allow time to sit and think and work on ideas in silence, there doesn’t have to be constant talking or noise.
  • Get inspired - This should be fun! Have plenty of voting and thinking along with visual inspiration. Enjoy it!

Steps

The first thing is a collaboration board, something visual. Use whatever works for you, Miro, LucidChart, draw.io. Grab images, examples, references and colours onto a board and use that for inspiration. I created a free Miro board template that anyone can duplicate and use as they like (you’ll need a Miro account for this). I’ve also added in some rough estimates on time for each section but it’s up to you.

screenshot from a Miro board created to run through the workshop

  • Spend a few minutes discussing the reason the need for a name exists for this project.
  • 5 mins together

  • Make sure you have your audience in mind with every decision and keep coming back to this
  • Who is your audience? Why do they need this?
  • If you have personas GREAT, if not this could be a starter
  • 5 mins together

  • Start with the usual names that are common in the industry.
  • Maybe even list some bad versions of the usual names
  • Now list the feeling you want people to have with this e.g. community, support, safety etc.
  • 30 min together

  • Brain storm some word association here. Quickly say a word and then have someone jump in with another and keep it going
  • Just have some fun, no pressure, this is just ideation
  • 5 mins together

  • Now is the time to throw in the naming ideas you have
  • Think about ways you can link to company/ team vision and missions
  • Nature is great for inspiration
  • 5 mins together

  • OK, you have some ideas, woop! Take a name and think of the bad connotations.
  • Is it exclusive, does it bring to mind something bad or link closely to something recognisable you don’t want to associate with? Do a google search.
  • Pop culture can be funny but it’s mostly exclusive to those that like the thing. For example we thought of calling our champions program league of security legends, this felt fun but we stopped and thought do you need to know the game for this name to be fun? -15 mins together

  • Great, now you’ve thought through reasons a name might not work as you intended, start again.
  • Pick the ones that really worked or come up with new ones, repeat the re-think step as you need with new ones.
  • Build off the name and the related feelings. These can become pillars or catch-phrases for your program later!
  • As long as you need

  • You’ve done it!
  • Put the final chosen name below and add any visual inspiration, catch phrases, tag lines or other pieces around it.
  • Now you can totally take this process and turn it into a presentation to tell teams or others about how you got to where you are! 🎉

Tip

Voting: Throughout the process vote in the group on names and ideas, allow space for someone to say when they may or may not like an option, be kind, be specific, stay open-minded and don’t take it personally, be ready to let your idea go, when you get critical feedback have a look for the root cause.


Bloom - Unleashing a New Era of Security Champions

A picture of a join bloom button that was on an intranet page

After we ran through this ourselves we ended up with a great name for our security champions programs, we chose “Bloom”. Instead of “The Cisco Security Business Group Security Champions Program” (shudder at the thought of the acronym!), we wanted a name that stood out. We wanted something memorable, inspiring, and that reflected the collaborative spirit we aimed to cultivate.

For us Bloom evoked images of growth, learning, and connection, perfectly encapsulating the journey of our Security Champions. It was a name that spoke to the power of a community working together, much like the interconnectedness found in nature’s marvels – bioluminescent organisms or a vast mycelium network.

Forget the tired tropes of security shields and dark figures in hoodies. Bloom signified a positive approach, building security through empowerment and collaboration. It’s a name that reflected our vision for a thriving security culture, and running through this gave us a great jumping-off point for visuals that were fun and engaging too.

Good Luck

Naming things is hard, but a quick session like this can help, especially with the ever-increasing need for clear and intentional naming. The scope and reason for naming are important, this is aimed more at naming projects, teams or even products for example rather than naming servers. There are lots of best practices for naming servers, for example, https://blog.invgate.com/server-naming-conventions , or this old essay from Rob Pike that holds up pretty well still on software complexity that contains bits on naming: https://doc.cat-v.org/bell_labs/pikestyle . Security Engineering by Professor Ross Anderson also has a great chapter on names (mentions Roger Needham’s naming principles), highly recommended!

Tip

Pro Tip: Voting on Names

One thing to mention around voting; sending out a vote to a wide audience can be a way to get ideas, not a final name. Don’t present a list of options and ask for a vote. Instead, limit voting to narrowing down a shortlist created by the core team. I’ve seen endless naming votes that end up with poor outcomes, you get to be the experts and choose the outcome, stand by it, and have reasons.

Reality

Humans love a label and a category, but as they say “the proof is in the pudding”, what you’re offering and doing is the important part. The key here is not to spend month upon month trying to come up with a name but to be considerate and intentional when you name something. “The Eye of Sauron” might sound hilarious but that’s because you love Lord of the Rings, others might hate it or not know what you are on about and now we’re down the exclusion road again.

Toby came up with a great additional consideration; We were already thinking about what words might mean, cultural assumptions or associations within another country but Toby took that a step further and asked how someone in Japan (where he was based) might pronounce the name we chose, I loved that consideration, those kind of thoughts are gems!

Conclusion

In the world of security, it’s all too easy to slap on an uninspired name or sink into acronym soup. But as this blog has shown, taking the time to be intentional and thoughtful with naming works.

Following a process like the 8-step framework outlined here can unlock creative, inclusive, and memorable names that truly resonate. It encourages pushing past the obvious, challenging assumptions, and drawing inspiration from new sources.

Most importantly, it ensures careful consideration of cultural context and avoidance of alienating or offensive language. An engaging name like “Bloom” is much more than fun branding - it represents an empowering vision and celebrates continous learning and connectivness critical for cybersecurity.

Don’t settle for bland, forgettable names that confuse more than clarify. Embrace the creative energy of collaborative ideation and naming, design teams do this all the time and there is space for everyone to engage in this as you launch programs and iniatives. The right name can spark connections, break down silos, and shape your entire narrative. Huge shoutout to Toby Oxborrow, Josephine Sulimin, and Sneha Kokil for making this a fun and engaging process, not just for naming, but for building programs and initiatives that resonate with people.

In a field too often hindered by insular jargon, isn’t that exactly the kind of “bloom” the cybersecurity community deserves?

Related Posts

In Praise of Constraints

In Praise of Constraints

Our digital lives allow for so much sprawl, we get lost, I get lost.

Read More
Outcome Over Output - Measuring Change in Security Education

Outcome Over Output - Measuring Change in Security Education

“100% of employees completed the annual security awareness training 🥳”, “Yay, we are secure 🎊”… 🙃

Read More
Effective Teaching and Learning Techniques for Security Education

Effective Teaching and Learning Techniques for Security Education

Security Education is Changing Traditionally this function has focused on awareness and knowledge transfer, but that has begun to change, thankfully.

Read More