Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

6/14/2016
10:30 AM
Todd Thibodeaux
Todd Thibodeaux
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
100%
0%

5 Soft Skills Young Cybersecurity Professionals Need to Get Ahead

Today's employers aren't looking for recruits who can maintain firewalls and mitigate risk. They want well-rounded professionals who can apply security expertise across the business to yield bottom-line results.

It’s no surprise that, among the myriad concentrations that fall under the banner of “IT careers,” cybersecurity looms large. According to CompTIA’s IT Industry Outlook report, information security analyst snagged the number-one spot for IT occupation growth in 2015. At the end of 2014, the number of information security analyst openings stood at around 17,500; a year later, it reached more than 25,000.

For Class of 2016 graduates seeking career paths in this burgeoning field, professional success starts with making sure your skills stand out among the competition. Mastering identity management and device encryption techniques are table stakes for landing a cybersecurity job today. Though technical chops are prerequisites, it’s the soft skills – including communication and a knack for problem-solving – that will differentiate candidates from the pack.

IT has evolved from a back-office function to the main artery that keeps an organization running smoothly. As a result, employers aren’t looking simply for recruits who can maintain firewalls and mitigate risk. They want well-rounded professionals who can apply their security expertise across the business in order to yield bottom-line results.

Here are five in-demand soft skills aspiring cybersecurity gurus need to get ahead:

Skill #1: Strong research and writing instincts: One of the most important tasks enterprise cybersecurity teams take on is policy creation and enforcement. According to recent CompTIA research, 45 percent of hiring managers admit having a key security skills gap around “policy development and implementation” in their organizations. Businesses of any size and industry need some type of security plan that includes end user guidelines, incident response protocol and governance structures. To establish sound policies, cybersecurity staff must be equipped to conduct exhaustive research into industry best practices and work with end users to understand how they use technology on a daily basis – then synthesize those insights into a thoughtful policy.

Skill #2: A teacher’s disposition: Along with crafting policies, cybersecurity pros must be able to educate their colleagues about safe technology habits, and instill an awareness about the risks of poor IT hygiene. A 2015 survey of full-time employees found that almost half don’t receive any sort of cybersecurity training at work – illustrating organizations’ persistent need for internal mentors. To demonstrate even more value to potential employers, cybersecurity job-seekers should highlight their ability to communicate dense, technical information in a palatable way.

Skill #3: Collaboration: In the U.S., 49 percent of business and IT executives rank teamwork as the top soft skill any IT professional should possess, according to CompTIA’s International Technology Adoption and Workforce Trends study. Knowing how to navigate projects and difficult conversations with anyone from the CIO to end users, and even vendors, is an essential trait for cybersecurity workers. More lines of businesses are getting involved in their organizations’ IT decision-making process, and cybersecurity teams must be able to partner with each of them effectively. An inclusive, patient, and open-minded attitude can go a long way when managing major IT security initiatives across teams or office locations.

Skill #4: Consultative thinking: In many ways, cybersecurity professionals (even those who work in-house) have to think like a consultant, whether they’re advising the IT department on a new investment, or helping the accounting team evaluate the security of a cloud-app they plan to adopt. Cybersecurity experts should be able to look at the big picture and ask the right questions of their colleagues and senior management in order to solve real business problems. Rather than operate at a purely tactical level, security staff should know how to layout project plans that their efforts can be executed and measured against (and understand how their work impacts the organization’s bottom-line.)

Skill #5: A passion for learning: To work in cybersecurity, you’ll need to be a lifelong student as much as a teacher. The IT threat landscape is constantly changing: today’s issues run the gamut from advanced persistent threats to phishing and inside vulnerabilities, but the scene could look vastly different months or years from now. As the playing field moves from traditional hardware and software to Internet-enabled devices and the cloud, the nature of cyberattacks against consumers and businesses will evolve. Employers want proactive cybersecurity experts who are always exploring, and finding ways to get ahead of, tomorrow’s biggest challenges.

There is tremendous opportunity for recent graduates who want to break into the cybersecurity space. Remember though: hiring managers will be inundated with resumes and applications overloaded with technical buzzwords. To grab their attention, strike a balance between showcasing your soft skills and your IT pedigree. 

Black Hat USA returns to the Mandalay Bay in Las Vegas July 30 - Aug. 4, 2016. Click for the conference schedule, including a two-day Cybersecurity Summit, and to register.

 

Related Content: 

 

Todd Thibodeaux is the president and chief executive officer of the Computing Technology Industry Association, the leading trade association representing the business interests of the global information technology industry. He is responsible for leading strategy, development ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Todd Thibodeaux
50%
50%
Todd Thibodeaux,
User Rank: Apprentice
6/16/2016 | 12:57:05 PM
Re: Soft Skills
Thanks GonzSTL. The additional insight is apperciated. 
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
6/16/2016 | 11:36:04 AM
Soft Skills
Two things I always tell my students:

1. Companies like to hire geeks to keep their IT infrastructure running, but no one wants to hire a geek with the personality of a door knob.

2. Be prepared to communicate orally and in written form, to convey a message that addresses your audience appropriately. By all means, geek out when talking to your tech colleagues, but also know that when your message should be fit for executive consumption, craft that message accordingly.
AI Is Everywhere, but Don't Ignore the Basics
Howie Xu, Vice President of AI and Machine Learning at Zscaler,  9/10/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16349
PUBLISHED: 2019-09-16
Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class.
CVE-2019-16350
PUBLISHED: 2019-09-16
ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c.
CVE-2019-16351
PUBLISHED: 2019-09-16
ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c.
CVE-2019-16352
PUBLISHED: 2019-09-16
ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c.
CVE-2016-10967
PUBLISHED: 2019-09-16
The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter.