How do you articulate complex security risks to non-security stakeholders such as product managers or aerospace engineers?