Risk caused by digital and cloud integration, and a new generation of hackers with a plethora of resources at their fingertips require more than just tech skills. Here is a list of 10 things that should be part of any cyber security professional’s repertoire.
Today’s rapidly changing threat landscape calls for a more dynamic skill set.
While some businesses understand that information security underpins profit and productivity, most don’t have the bandwidth to secure their organisations alone, and others continually fail to recognise the effects of the innovation they undergo.
Defending against today’s threat landscape requires holistic prowess. However, it is not easy to source individuals that meet the evolving criteria needed to combating threat. This is partly due to a shortage in this skill set, but also because the industry is calling for a more complex, well-rounded approach to the profession.
What are skills and qualities are employers looking for?
Cybersecurity expertise is not based on technical skills alone. In our experience, these are the cyber security qualities that employers are looking for:
1. An understanding of why cybersecurity is important.
In order to become proficient in any occupation, it is critical that you understand the true meaning of your work and this drives why you are doing it. People start a career in cybersecurity for a number of reasons. For example, one reason could be an interest or natural ability in software development – but remember: protecting data and protecting people is foundational to any of the field’s sub-disciplines.
2. Flexibility and creativity.
Any position in this industry requires adaptability. This is the case for whether that may be digital forensics expert, incident responder, or penetration tester. New problems emerge daily and only experts who strive to learn and think outside of the box will successfully tackle these issues.
Independence and critical thinking are key to this field. While collaboration and team-working is a significant aspect of most workplaces, it is also important to be extremely confident in applying your own knowledge and abilities.
4. A good work ethic.
Often times, you are relaying and reporting high-level technical concepts to people that don’t come from a technical background. In order to successfully communicate these subjects to executives, chief financial officers and the like, it is essential that you have great management and consultancy skills. This will allow you to set the directive for managing security issues, while making it an accessible and significant priority for the C-suite.
In the case of penetration testing, you need the ability to turn your report into a tool that the client can actually use and understand, while still preserving all of the intricacies of the process. This requires that you have excellent interpersonal skills, including written and verbal communication skills, strategic planning abilities, and active listening to gauge the client’s needs.
6. Technical expertise.
While we have highlighted the importance of a variety of other proficiencies, this is not to undermine the value of technical certifications in information and cybersecurity. This includes your understanding of IT infrastructure, administration and management of operating systems, network virtualisation, security software development etc.
It is essential to showcase your knowledge but be sure to never spotlight this alone. Remember: you need to show that you are an all-rounder while demonstrating that tech skills are at the core of your skillset.
7. Implementation skills.
A large part of understanding the technology you work with is understanding how to implement and manage it. This means you should be able to take a step back and see how one element of an organisation’s security resources integrates with the security architecture as a whole, as well as which controls should be implemented to uplift security where it is lacking.
8. A desire to make things better.
Following on from the last point, cybersecurity employers are looking for people that are continuously striving to uplift security – both internally and externally. Striving for continual improvement is key to staying ahead of cybercriminals and is a goal that you should work towards in the long-term.
9. Persistence and problem-solving skills.
In order to succeed in infosec, you need to show that you are enthusiastic about problem solving and confronting challenges head-on. This means that you can not only set the directive for projects but are as unrelentling as the cybercriminals and emerging threats you are defending against.
As one of our offensive security consultants says: ‘most accomplished ethical hackers and penetration testers are like a dog with a bone!’
10. A taste for the hunt!
Expertise relies on one’s capacity for growth.
These are just a few things that cybersecurity employers are looking for – it is important to note that as the industry changes and the threat landscape continues to evolve, the skillset of cybersecurity professionals will change too.