The Soft Side of Cybersecurity Skills

Sam Sunday
7 min read · Dec 18, 2020

Most people are aware that Cybersecurity professionals are in high demand.

Such professionals are often required to possess a slate of hard, technical skills (or be able to learn them) and know-how that demonstrate their ability to effectively deliver on their job duties. Certifications abound as an objective measure of professionals’ competencies in addressing technical concerns, but measuring soft skills presents more of a challenge.

Given the importance of soft skills in enabling a high-performing employee, how would one measure an individual’s soft skills? Subjective measurement criteria for soft skills abound but are flawed mainly because of their subjectivity. However, they are no less important. Developing one’s soft skills takes an understanding and appreciation of the importance of these skills in enabling effective navigation of the workplace, for recent college graduates in the workforce, established old-timers and others alike.

Which soft skills are the most important for a rewarding cybersecurity career?

I will address a few from my previous article which I believe are mostly all-encompassing and absolutely critical in enabling a fulfilling career in cybersecurity.

Analytical Mindset

It’s incontestable that a job title that includes “analyst” is going to require an analytical mindset to perform well at it. A cybersecurity analyst is faced with daily scenarios that call for informed decisions. An analytical mindset is indispensable in making sense of the wealth of data and information security professionals deal with on a daily basis. Attending to alerts, logs, reports and dashboards can quickly overwhelm but an analytical mindset can help make sense out of the influx in the most efficient manner. Observing, recognizing patterns, interpreting data and transforming it into useful knowledge all stem from an analytical mindset.

Cybersecurity analysts do not have the luxury of resting on their oars after aggregating information. The ever-changing security landscape and ever-evolving threats mean that solutions that worked previously may be outdated and obsolete today. Analysts must continuously seek out and integrate new data, information and insight; brainstorm, hypothesize and, on the strength of these, make informed decisions, either following a well-established and laid out course of action, or making use of more innovative solutions, in addition to other options in-between.

The DIKW Pyramid

Raw data received from sources such as sensors have to be processed by a variety of techniques which include filtering, formatting and normalizing. A lot of these tasks have been automated by solutions such as SIEMs (security information and event management) which are employed in some environments. After data becomes information, SIEMs and other automated solutions can help in detecting and presenting patterns. However, the analyst’s insight is always going to be indispensable in helping to differentiate false positives from false negatives, in addition to providing a human context when reviewing the information.

A lot of organizations now maintain subscriptions to threat intelligence feeds that are able to provide industry-specific information in a timely fashion. These require the insight of an analytical security professional to put into context and turn into actionable information. Leveraging the optimized information in the right context means the analyst can develop an ever-growing body of knowledge that is critical for responding to the varied threat actors and campaigns that organizations are faced with on a daily basis.

Finally, having such relevant knowledge that makes the analyst excel at his job can further be refined, developed and optimized to wisdom — wisdom that is relevant to and can be adapted to any security environment, which is an invaluable skill to have.

How can analysts develop an analytical mindset?

  • Be observant and pay attention to details, find trends, correlate information
  • Develop your research skills and learn continuously
  • Question, question and then question some more
  • Be a problem solver
  • Maintain a repertoire of information, e.g. in a blog
  • Find a mentor
  • Build your professional network

Communication

Security analysts and teams tend to work alone or in tightly-knit teams, in addition to working remotely. Without a conscious effort to enable effective communication both within teams and between different organizational teams and other stakeholders, there’s a risk that the organization’s security posture will be defective.

Within the unit, effective communication enables a collaborative atmosphere. Whether the analysts are involved in proactive or reactive defensive mechanisms or anything in-between, having sufficient and on-going knowledge and awareness of team-specific information can make the difference in elevating the overall security posture.

Security analysts do not work in isolation. Effective communication is invaluable since the job requires that the analyst be able and willing to liaise with other stakeholders and establish rapport with other departments, such as:

  • Senior leadership
  • Vendors
  • Legal
  • HR
  • Regulatory bodies
  • Public relations
  • Law enforcement

Analysts also have to be mindful of their audience when choosing how to communicate. The technical language used within the security team may be adequate to communicate with technical stakeholders such as vendors but will not be suitable in communicating with other non-technical professionals like HR or other employees of the organization. It’s also important to utilize the most appropriate communication method for that particular situation. For example, some issues will be more quickly resolved by a phone call rather than by an email.

To reiterate, the following are some actionable plans towards maintaining an effective communication strategy:

  • Actively listen and strive to understand what message is being passed across
  • Educate without arrogance. Break down complex information, use context-aware terminologies and be empathetic to the other party’s limitations and familiarity with your area of expertise. In addition, speak the language of the business and be mindful of using jargon unnecessarily.
  • Don’t rely solely on a method of communication — if, for instance, one or two emails do not adequately pass across what you’re trying to communicate, pick up the phone, send an instant message or, if possible, walk over to the other interested party for a face-to-face discussion.
  • Develop your awareness of the overall business goals and vision. The security team cannot be divested from the organization as a whole. Showing an interest in other units outside of primarily security concerns increases your context awareness and builds rapport that may prove useful at some point.

Adaptability and Flexibility

A Greek philosopher, Heraclitus, said change is the only constant in life.

The ability to be sufficiently flexible and adaptable to changing conditions does not only define successful organizations, but may also mean the difference between having a stellar career in Cybersecurity and one that is unrewarding and short-lived.

New attack tactics, techniques and procedures (TTPs) are introduced on a constant basis, making obsolete detection, prevention and mitigating techniques that worked previously. Since threat actors are constantly refining their methods, analysts have no choice but to continue to be adaptable in responding to or preventing attacks according to priorities. In addition, being flexible with job requirements such as the required hours to be put into work may be necessary in some environments that may need the attention of the analysts for threats detected during off-hours.

How can you ensure you are adaptable and flexible enough to thrive at the job?

  • Be open to new duties and roles
  • Recognize the value of failure and turn it into a learning opportunity
  • Develop a strategy to effectively manage stress
  • Be open-minded when dealing with challenges
  • Know how and when to prioritize important deliverables
  • Effective time management
  • Develop your emotional intelligence

High-functioning team dynamics are achievable

Building a top-performing team requires all members to leverage their soft skills. Technical, hard skills are crucial in effectively delivering on job duties, and soft skills should also command the same measure of interest and dedication in developing and refining them.

Only when both hard and soft skills are similarly appreciated and developed can a team, in general, and the security analyst, in particular, really begin to consistently produce superior results.
