Skills
skills/hack23/homepage/brand-voice-tone

brand-voice-tone

SKILL.md

Brand Voice & Tone Skill

Purpose

Defines Hack23's brand voice, tone, and messaging standards to ensure consistent, authentic, and effective communication that reflects our transparency values and cybersecurity expertise.

Rules

Brand Voice (Consistent Across All Content)

Core Voice Attributes:

1. Transparent
   - Open about processes, policies, and pricing
   - Share knowledge freely (ISMS, documentation, code)
   - Admit limitations and areas for improvement
   - No hidden agendas or fine print

2. Expert Yet Accessible
   - Deep technical knowledge, explained clearly
   - Avoid unnecessary jargon
   - Use analogies for complex concepts
   - Respect audience intelligence

3. Practical & Action-Oriented
   - Focus on implementable solutions
   - Provide concrete examples and templates
   - Emphasize "how-to" over theory
   - Show don't just tell

4. Confident Without Arrogance
   - 30+ years experience = earned authority
   - Let expertise speak through quality
   - Acknowledge others' contributions
   - Collaborative, not competitive

5. No FUD (Fear, Uncertainty, Doubt)
   - Security through empowerment, not fear
   - Realistic risk assessment, not scaremongering
   - Focus on solutions, not just problems
   - Build confidence, don't undermine it

Tone Variations by Context

Educational Content (Blog, Guides, Documentation):

Tone: Instructive, patient, encouraging
Example: "Let's walk through ISO 27001 implementation step by step. 
Don't worry if this seems complex at first—we'll break it down into 
manageable pieces."

Marketing & Sales (Website, Brochures, Proposals):

Tone: Professional, confident, value-focused
Example: "Hack23 delivers practical cybersecurity that accelerates 
your business, backed by 30 years of hands-on experience and a 
transparent, public ISMS."

Technical Content (Architecture Docs, Code, APIs):

Tone: Precise, detailed, objective
Example: "The authentication module implements JWT-based access 
control with RS256 signing, enforcing 2048-bit minimum key length 
per Cryptography Policy §3.2."

Social Media (LinkedIn, Twitter, GitHub):

Tone: Conversational, engaging, authentic
Example: "Proud to open-source our complete ISMS framework today. 
Transparency isn't just a value—it's how we build trust. Check it 
out: [link]"

Customer Support (Email, Chat, Issues):

Tone: Helpful, empathetic, solution-oriented
Example: "I understand the authentication issue is blocking your 
deployment. Let's troubleshoot this together. Can you share the 
error log from section 4.2?"

Writing Style Guidelines

MUST:

Sentence Structure:
- Use active voice ("We implement security" not "Security is implemented")
- Vary sentence length for readability
- One main idea per sentence
- Start with the most important information

Paragraphs:
- 2-4 sentences per paragraph
- One topic per paragraph
- Use transition words between paragraphs
- Break up long blocks with subheadings

Lists & Formatting:
- Use bullet points for 3+ related items
- Number steps in sequential processes
- Bold key terms on first use
- Use code blocks for technical examples

Clarity:
- Choose simple words over complex ones
- Define acronyms on first use
- Avoid double negatives
- Be specific, not vague

MUST NOT:

- Use FUD tactics or scare language
- Make unsubstantiated claims
- Use excessive buzzwords or jargon
- Write in passive voice habitually
- Create walls of text without breaks
- Use all caps (except acronyms)
- Overuse exclamation points

Messaging Framework

Positioning Statement:

For [Swedish tech companies and regulated organizations] who need 
[practical cybersecurity that doesn't slow innovation], Hack23 is 
[a transparent security consulting firm] that provides [hands-on 
expertise backed by a public ISMS and 30 years of experience], 
unlike [traditional security vendors who use FUD tactics and 
proprietary methods].

Key Messages by Audience:

For CTOs:

Primary: "Integrate security into development without sacrificing velocity"
Supporting:
- DevSecOps patterns that work with your existing tools
- Security automation that fits your CI/CD pipeline
- Architecture guidance from experienced practitioners
- Open documentation you can reference and adapt

For CISOs:

Primary: "Accelerate compliance with proven, transparent frameworks"
Supporting:
- Complete ISMS templates (ISO 27001, NIST, CIS)
- Threat models and security architectures
- Audit-ready documentation and evidence
- Public track record of security excellence

For CEOs:

Primary: "Build customer trust through demonstrable security"
Supporting:
- Compliance that opens market opportunities
- Risk reduction with measurable ROI
- Competitive advantage through transparency
- Brand differentiation in security-conscious markets

Vocabulary & Terminology

Preferred Terms:

✅ Use This          ❌ Not This
- Client            - Customer (for B2B)
- Security expert   - Security guru/ninja
- Framework         - Methodology (too rigid)
- Practical         - Turnkey (oversimplification)
- Transparent       - Open (too vague)
- Implement         - Deploy (for policies/processes)
- Challenge         - Problem (more constructive)
- Opportunity       - Gap (more positive)

Technical Accuracy:

  • MUST use correct technical terms
  • MUST specify versions (ISO 27001:2022, not just ISO 27001)
  • MUST distinguish between standards (ISO 27001 certification vs. NIST CSF adoption)
  • MUST cite sources for data and claims

Brand Language Patterns

Opening Hooks:

Educational:
"Did you know [surprising fact]?"
"Most organizations struggle with [pain point]..."
"Here's a practical approach to [challenge]..."

Thought Leadership:
"The security industry often [common misconception]..."
"After 30 years in cybersecurity, we've learned..."
"Transparency in security isn't just ethical—it's strategic..."

Calls-to-Action:

Strong CTAs:
- "Get your free security assessment"
- "Download our ISO 27001 implementation guide"
- "Schedule a consultation with our team"
- "Explore our public ISMS documentation"

Soft CTAs:
- "Learn more about [topic]"
- "See how we've helped companies like yours"
- "Subscribe for monthly security insights"
- "Join our next webinar on [topic]"

Content Examples by Type

Website Homepage:

# Transparent Cybersecurity for Swedish Organizations

Practical security expertise that doesn't slow innovation. 
We help tech companies and regulated organizations implement 
proven security frameworks, backed by 30 years of experience 
and a completely public ISMS.

[Primary CTA] [Secondary CTA]

---

✅ ISO 27001 | ✅ GDPR | ✅ NIS2 | ✅ DevSecOps

Service Description:

## ISO 27001 ISMS Implementation

Get certified faster with our proven implementation framework, 
complete templates, and hands-on guidance from experienced 
security architects.

**What You Get:**
- Gap analysis and roadmap (2 weeks)
- Policy and procedure templates (ISMS-ready)
- Control implementation guidance
- Internal audit preparation
- Certification readiness review

**Best For:** 
Growing tech companies, SaaS providers, regulated industries

**Timeline:** 3-6 months depending on organization size

**Investment:** [Contact for pricing based on your needs]

Error Message (Technical):

❌ Authentication Failed

We couldn't verify your credentials. This could be because:
- Your session has expired (sign in again)
- Your password was recently changed
- Your account has been locked (contact support)

Need help? Check our troubleshooting guide or contact support.

Inclusive & Accessible Language

MUST:

  • Use gender-neutral language ("they" not "he/she")
  • Provide alt text for images
  • Ensure color contrast meets WCAG 2.1 AA
  • Use plain language for complex topics
  • Support multiple languages where appropriate
  • Consider different experience levels

MUST NOT:

  • Use idioms that don't translate well
  • Assume technical background
  • Use ableist language
  • Make cultural assumptions
  • Use region-specific examples only

Examples

Before/After Rewriting

Before (Too Much FUD):

"Your network is probably compromised right now. Hackers are getting 
more sophisticated every day, and without enterprise-grade security, 
you're an easy target. Don't let your company be the next headline."

After (Hack23 Voice):

"Most organizations have security gaps they're not aware of. We help 
you identify and fix them before they become problems, using proven 
frameworks and practical controls that integrate with your existing 
processes."

Before (Too Technical):

"Our ISMS leverages a defense-in-depth paradigm with layered 
technical controls, organizational procedures, and compensating 
mechanisms per ISO/IEC 27001:2022 Annex A."

After (Accessible Expert):

"Our ISMS uses multiple security layers—technical controls, clear 
procedures, and backup measures—following ISO 27001:2022 standards. 
Think of it like a castle: walls, guards, and contingency plans."

Related Policies

Related Documentation

Voice & Tone Checklist

Before publishing any content:

  • Reflects Hack23's transparent values
  • Demonstrates expertise without arrogance
  • Provides practical, actionable guidance
  • Avoids FUD tactics and fear-mongering
  • Uses appropriate tone for context
  • Follows writing style guidelines
  • Uses preferred vocabulary
  • Includes clear call-to-action
  • Accessible to target audience
  • Fact-checked and properly cited
Weekly Installs
14
Repository
hack23/homepage
GitHub Stars
5
First Seen
14 days ago
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass
Installed on
opencode14
gemini-cli14
github-copilot14
amp14
cline14
codex14