Post cover image

June 13, 2026

Why “Can Your Team Actually Use It?” Is a Security Metric

Most security tool reviews measure features, speed, and price. Here’s the question they all skip.

Accessible Security

3 min read

Most security tool reviews answer the same three questions. What features does it have? How fast is it? What does it cost? Those questions matter. They also skip the one thing that decides whether a tool ever gets used: whether the people on your team can actually work with it, shift after shift, without burning out.

That gap is why I write about accessible security tools. I ask a different question of every product I evaluate, and it turns out that question helps far more people than I first expected.

How I got here shapes everything that follows, so let me start there.

The question most reviews never ask

I've worked in information security for the past eleven years, and I spent decades in IT and DevOps before that. I hold several security and privacy certifications, including the CISSP and the CIPT. Across those roles I've investigated countless tools and solutions.

Every review and every pitch I came across measured the same things: features, speed, price. Nothing looked at cognitive load. Nothing looked at fatigue. Nothing looked at motor accessibility.

So when I sit down with a tool now, I start somewhere else entirely. I ask: Can I actually use this, sustainably, with the way my body and brain work now?

Why that question is personal

A few years ago, things got more complicated. Symptoms of Ataxia started appearing out of the blue. Some of them I manage with medication. My speech declined to the point where I don't talk much with people in general, and not publicly at all.

The narration on my videos uses AI text-to-speech. That technology gave me back a way to share what I've spent a career learning. An accessibility tool is the only reason this work exists at all — which is a useful reminder of what these tools are really for. They aren't a nice-to-have bolted onto the side of "real" software. For some of us, they are the difference between contributing and going silent.

That experience changed how I look at every other tool I touch.

What every security tool review misses

Walk through the usual coverage of any security product and you'll see the same axes graded over and over. Feature checklists. Benchmark numbers. Pricing tiers. All useful, none complete.

Here's what almost no one measures:

  • Cognitive load — how much attention and working memory a tool demands just to operate it.
  • Fatigue — the physical and mental toll of using it for hours, every day, not for a five-minute demo.
  • Motor accessibility — whether you can drive the whole thing without fighting the interface.

These aren't fringe concerns. They're the difference between a tool your team adopts and a tool your team quietly works around.

It isn't only about disability

Here's the part that surprised me. The question of whether you can use a tool sustainably turns out to matter to almost everyone, not just people with a diagnosis.

Think about the analyst three hours into an incident at 2 a.m. Think about an overloaded SOC team triaging more alerts than any group of humans should. Think about anyone, anywhere, fighting tool fatigue at the end of a long week. They all share the same underlying problem I do: a tool that's exhausting to use is a tool that gets abandoned.

Accessibility, it turns out, is just usability taken seriously. Design for the person operating at their limit, and you've designed something better for everyone operating below it.

The accessible security tools rubric

To keep reviews honest and comparable, I score every tool on the same five-part rubric:

  1. Keyboard and CLI navigability — can you operate it without a mouse, and is there a scriptable path for the work you repeat?\
  2. Cognitive load — how much mental effort does routine use actually require?
  3. Fatigue cost — what does extended, day-after-day use cost you physically?
  4. AI augmentation — when a tool leans on AI, does that AI reduce the burden on the person, or add to it?
  5. Accessibility and assistive-tech support — how well does it work with the assistive technology people rely on?

Effectiveness still counts. A tool has to do its job. But effectiveness alone has never been the whole story.

The most effective tool is worthless if your team won't use it.

That sentence is the entire premise. The best scanner, the strongest password manager, the most powerful SIEM — none of it protects anything if the people meant to use it find it too painful and route around it. Adoption is a security control. We just rarely measure it like one.

The AI dimension deserves its own moment, because AI is showing up in nearly every security product now. The promise is that it lightens the load. The reality is mixed. Sometimes it genuinely removes friction. Sometimes it adds a confident, confusing layer you now have to double-check. Part of every review is sorting which is which.

What's coming next

The first head-to-head review takes on something nearly everyone uses: password managers, compared through an accessibility lens rather than the usual feature grid. After that, the direction is partly up to you. If there's a tool you'd like put through the rubric, tell me, and it goes on the list.

Security that works the way you do

The standard way of reviewing security tools isn't wrong. It's just incomplete. Features, speed, and price tell you what a tool can do on paper. Cognitive load, fatigue, and accessibility tell you whether anyone will still be using it in six months.

If AI can give me back a voice, the least I can do is use it to tell you which tools will actually work for the people who have to live with them. If accessible security matters to you or your team, follow along.