📢 Communicator
Communicator
🎭 Archetype
💪 Strengths
• Stakeholder Management: Coordinating with leadership and teams
• Crisis Communication: Clear messaging during high-stress situations
• Regulatory Compliance: Understanding notification requirements
• Risk Translation: Explaining technical impacts in business terms
🎯 Focus Areas
• Executive and management communication
• User and employee notifications
• External vendor and partner coordination
• Regulatory and legal compliance communication
🎪 Roleplay Tips
• Always consider 'who needs to know?' about developments
• Translate technical details into business impact
• Think about timing and messaging of communications
• Balance transparency with operational security
🎲 Game Modifiers
When You Shine
You’re active from the moment an incident is declared, but your influence peaks at two specific points. In Round 2 (Containment) you face the hardest communication challenge: what do you say right now, to whom, when the situation is still unfolding and the facts aren’t fully established? Getting this wrong – either saying too much or going silent – can cause reputational damage that outlasts the technical incident itself.
In Round 3 (Post-Incident) you drive the regulatory and external-facing work: notification letters, regulatory filings, and board-level summaries. This is where your documentation and stakeholder management skills determine the organisation’s legal and reputational exposure.
The skill that separates a good Communicator from a great one: knowing what not to say. Premature disclosures, speculative statements, and inconsistent messaging all compound the incident. You’re the person who controls the narrative – which means you’re also the person who protects the team from making it worse.
Earning Your Bonuses
- +3 Stakeholder Management:
- “I brief the CISO on the current situation in plain language”
- “I coordinate with legal on whether this triggers notification obligations”
- “I draft a status update for the executive team”
- +2 Crisis Communication:
- “I draft the internal notification to affected staff”
- “I prepare the holding statement for external inquiries”
- “I explain the technical impact in business terms”
- +1 Compliance:
- “I check whether this incident triggers GDPR or sector-specific reporting requirements”
- “I document the notification timeline and decisions for regulatory purposes”
Questions to Drive the Game
“Who in the organisation needs to know about this right now?”
Notification timing can be a legal obligation – delay can constitute a breach of duty. But over-notifying too early causes unnecessary panic. Knowing the difference is the Communicator’s core skill.
“Does the data involved trigger any regulatory notification requirements?”
GDPR, sector-specific regulations, and contractual obligations each carry different timelines and thresholds. Identifying the applicable requirement early gives the team time to respond properly rather than scramble at the deadline.
“What’s the business impact in plain language – how do I explain this to the board?”
Executives need to understand what the incident means for the organisation, what decisions they’re being asked to make, and what you’re asking of them – not the technical details behind those decisions.
“What should we say if journalists or customers start asking questions?”
Having a holding statement ready – even just “we are investigating and will provide updates as the situation develops” – prevents an information vacuum that others will fill with speculation or misinformation.
“Are there contractual notification obligations to customers or partners?”
B2B contracts often include incident notification clauses with specific timelines and scope requirements. Missing them creates a breach of contract on top of the security incident.
Working With Your Team
- Detective gives you the technical facts you translate for leadership – ask them for a plain-language summary of confirmed findings, and push back on jargon before it reaches the board; their precision is your raw material
- Protector provides the containment status you communicate externally – their “X systems isolated, Y services affected” is the operational reality your communications must reflect accurately and consistently
- Crisis Manager sets the response strategy you then communicate downward and outward – stay in lockstep with them; your messaging must align with their decisions, and they need to factor communication constraints into the choices they make
- Threat Hunter gives you attribution and scope for regulatory and executive reporting – confirmed threat actor attribution and campaign scope can change what the organisation is legally required to disclose and to whom
Interaction frequency across a typical 3-round session:
%%{init: {'theme': 'base', 'themeVariables': {'background': 'transparent', 'edgeLabelBackground': 'transparent', 'lineColor': '#6b7280'}, 'flowchart': {'curve': 'basis'}}}%%
graph LR
DET(["🔍 Detective"]):::det -.->|"40% · tech facts"| COM
PRO(["🛡️ Protector"]):::pro -->|"55% · status"| COM
COM(["📢 Communicator"]):::focal <-->|"85% · strategy"| CRI(["⚡ Crisis Manager"]):::cri
THR(["🎯 Threat Hunter"]):::thr -.->|"45% · attribution"| COM
TRK(["📡 Tracker"]):::trk -.->|"30% · data flows"| COM
classDef focal fill:#e8a020,stroke:#b07010,color:#111,font-weight:bold
classDef det fill:#2563eb,stroke:#1d4ed8,color:#fff
classDef pro fill:#16a34a,stroke:#15803d,color:#fff
classDef cri fill:#dc2626,stroke:#b91c1c,color:#fff
classDef thr fill:#ea580c,stroke:#c2410c,color:#fff
classDef trk fill:#0891b2,stroke:#0e7490,color:#fff
Badges
All badges are available to everyone. As Communicator you’ll most naturally contribute to:
- 👤 Human Factor Security Defender Against Social Engineering – awarded for crisis communication, stakeholder management, and user education; translating technical incidents into clear human-language messaging is exactly what this badge measures
- 🏛️ Governance & Compliance Navigator of Regulatory Requirements – awarded for regulatory notification, compliance documentation, and risk reporting; your role owns the notification timeline and the regulatory interface that this badge is built around