How to Write Cybersecurity Content That Smart Audiences Actually Read
Lessons I Took Away From My Conversation With Rachel Levy Sarfin
When I kicked off the Community Spotlight series, I wanted it to feel real. Not polished-for-the-algorithm real. Not vendor-blog real. Real-real.
That’s exactly why my first guest was Rachel Levy Sarfin.
Rachel has worked across cybersecurity, AI, DevOps, and other deeply technical spaces. She came into tech from journalism, and you can feel that influence immediately. She’s curious. She’s skeptical. And she has zero patience for content that exists just to exist.
What followed was one of those conversations where you keep thinking, Yes. More people need to hear this.
Below are the biggest lessons I took away from our conversation. If you write, market, sell, or build in cybersecurity, bookmark this one.
You can watch the original vodcast here 👇
You Don’t “Just Pick Up” Technical Knowledge. You Earn It.
One of the first things Rachel talked about was how she approaches new, complex topics. And it was refreshingly unromantic.
There’s no magic shortcut.
Her process looks like this:
Do your own research first
Learn enough to ask intelligent questions
Then lean on subject matter experts who can explain things clearly
That order matters.
Too many writers skip step one and expect SMEs to do all the thinking for them. That usually ends in frustration on both sides, and content that sounds like it was stitched together from Slack messages.
Rachel made a great point here: your job isn’t to become the expert. Your job is to understand the expert well enough to translate accurately.
That mindset earns trust fast, especially with security teams who are used to being misunderstood.
Long-Form Content Isn’t Dead. Bad Content Is.
At some point, we had to go there. The eternal “nobody reads long-form anymore” debate.
Rachel didn’t hesitate.
People absolutely read long-form content when it does three things:
Speaks to real pain points
Educates without fear-mongering
Helps the reader understand a problem they didn’t fully know how to name yet
That last one is key in cybersecurity.
Good long-form content doesn’t shout “here’s our solution.” It shows the reader that you actually understand what they’re dealing with, often before they’ve fully articulated it themselves.
If your white paper, blog, or guide isn’t getting traction, the issue usually isn’t the format. It’s relevance.
Content Teams Can’t Win Without Leadership Buy-In
This was one of those moments where I wanted to slow-clap.
Rachel talked about how content breaks down inside organizations, and it almost always comes back to leadership.
Here’s what content teams actually need to succeed:
Time and access to subject matter experts
Clear goals tied to the business
Recognition that SMEs aren’t just technical validators, they’re the voice of the customer
Without that, content turns into guesswork. Writers are forced to fill gaps with assumptions. SMEs get annoyed. And leadership wonders why nothing is “moving the needle.”
With alignment, content becomes an asset instead of a chore.
This isn’t a tooling problem. It’s a support problem.
A “Content Process” Is More Than a Publishing Schedule
Another thing Rachel nailed was the difference between doing content and having a content process.
A real process includes:
Clear audience definition
Alignment to business goals
Distinct roles (writer, editor, stakeholder are not the same job)
Flexibility when priorities shift
A plan for distribution, not just creation
Most teams skip at least half of this, then blame the blog when results don’t show up.
Content isn’t busywork. But it becomes busywork fast when nobody owns the why, the who, or the what-happens-next.
AI Is a Tool. It’s Not a Brain.
We also talked about GenAI, because of course we did.
Rachel’s take was practical and honest. She uses AI tools for:
Brainstorming angles
Testing structure
Exploring phrasing
And she very much does not trust them for:
Factual accuracy
Word counts
Anything where nuance actually matters
Her strawberry example still makes me laugh, but the point behind it is serious. AI can assist. It cannot replace human judgment, especially in high-stakes, technical domains like cybersecurity.
If you treat AI like a vending machine, you’ll get vending machine content.
If you treat it like a junior assistant, it can actually help.
The Throughline: Respect the Reader
What tied all of Rachel’s advice together was one simple idea.
Respect your audience.
Assume they’re smart. Assume they’re busy. Assume they can smell nonsense from a mile away.
When you do that, everything else gets easier. The research. The interviews. The writing. The strategy.
This conversation was a reminder of why I started Bootstrap Cyber in the first place. We need more content that bridges the gap between technical reality and business storytelling without insulting either side.
Rachel gets that instinctively.
If you’re writing or leading content in cybersecurity, learn from people like her. It’ll save you time, credibility, and a lot of unnecessary frustration.
If you haven’t watched the full Community Spotlight episode yet, it’s worth your time. And if this blog resonated, you’re exactly the kind of person this series is for.
More conversations like this coming soon.
Learn More About Rachel Levy Sarfin
Rachel Levy Sarfin is a tech and cybersecurity writer with a background in journalism and a knack for translating complex systems into language real people can understand. Her work spans cybersecurity, AI, DevOps, and other highly technical domains, always with a focus on clarity, accuracy, and audience respect.
If you want to explore more of her writing or connect with her directly, here are the best places to do that:
📝 Medium – Thoughtful essays and long-form writing
https://rlevysarfin.medium.com/🌐 Personal site & portfolio – Selected work and professional background
https://rlevysarfin.wixsite.com/rlevsarf💼 LinkedIn – Professional updates, writing, and conversation
https://www.linkedin.com/in/rachellevysarfin/
If you care about good content in technical spaces, Rachel is absolutely worth following.
