TRENDING
acquired , but just as important are soft skills : the ability to prepare , analyse and learn , prevent and protect , adjust and react .
Cybersecurity professionals are mostly seen as young nerds ( usually male ) behind their screens , working away in a dark room as they combat hidden evil forces , dealing all day with complex statistics , numbers and technologies . That ’ s not completely wrong , but it ’ s also not the total reality . The truth is both women and men make excellent cyber professionals . They come from a wide variety of backgrounds and profiles , and any age group , too . It is very important for the future of our industry to shift the perception of the cybersecurity professional to an inclusive image of men and women of all backgrounds . In the long run this is one of the keys to minimising the global cyber talent gap . We must attract applicants from the widest possible pool of talent .
As an example , with so many attacks being based on social engineering , it is necessary to employ psychology , analytical skills , creativity and even cultural awareness to perceive , understand and anticipate these techniques .
As most cybersecurity professionals work within a team framework , communications skills are paramount to efficient operation of the team . But it ’ s more than just communicating or sharing information ; an open mind for input from other team members and the ability to collaborate to achieve team and personal objectives are just as important .
Joe Robertson , Director , Information Security and EMEA CISO , Fortinet
Awareness and concern for privacy , process and or tailor-made proposals could be found in a number of profiles that are rarely considered by recruiters , such as doctors , lawyers or salespeople . If a candidate has a taste for new technologies and an awareness of cybersecurity implications in all areas of everyday life , you have in front of you the perfect profile to evolve in the cybersecurity professions .
And there is quite a varied cybersecurity playground for them to express their skills and creativity . Consider for a moment , grouping personalities into three broad categories :
The explorers : those who prepare the ground , analyse the threat landscape and its evolution and anticipate the best architecture to put in place . They are particularly good in analysis , psychology and communication . They may develop these skills in many personal areas such as puzzles or escape games . A good fit as a job in a cybersecurity environment could be as a security consultant / advisor , security analyst or in the security / compliance office .
The designers : here we find those who define the architecture and make sure it is efficient and accurate , so as to block as many threats as possible , but also to respond and react to attacks . In this category soft skills such as leadership , collaboration and an analytical mind are important . These people may enjoy large tasks with lots of detail and teamwork , such as playing music or making videos . We meet these profiles in jobs such as CISO , security project manager or security architect .
The Builders : the builders are definitely those who are on the ground and minimise the impact of an attack . They show great capabilities in creativity , privacy concerns , psychology and they are level headed . They may enjoy building models or electronics in their personal time . They could easily express their skills as security specialist , security engineer or security administrator .
This simple categorisation is merely an attempt to show that the most represented functions that we see in the cybersecurity sector call on a wide variety of skills . These categories will surely evolve , since the cybersecurity landscape itself is evolving with technology , the growing attack surface and the sophistication of attackers .
And , to be sure , there is also a lot of permeability between the profiles . But the bottom line is that we must raise our sights to focus on more than just technical knowledge .
Considering soft skills as an essential link in filling the cybersecurity professional skills gap is crucial in the recruitment approach , but also in the evolution of talent within the company . Training and certifications are there to provide the essential technical layer but they will never be able to provide the soft skills that are needed to gain an intuitive feel for the threat landscape of today and tomorrow . Identifying candidates with those skills takes sensitivity and flexibility in recruitment and promotion . •
20 INTELLIGENTCIO www . intelligentcio . com