Soft Skills in Cybersecurity: Communication and Training Are Key

View all blog posts under Articles | View all blog posts under Master's in Cyber Security

Students working toward an MS in Cybersecurity degree will likely learn how to design and implement industry-standard techniques for protecting networks and data. However, like many other IT professions, being hired as a cybersecurity expert requires more than just a high level of technical knowledge. The most successful candidates in this highly sought-after job also know how to effectively communicate with colleagues, how to manage a team, and many more “soft skills” that can be just as challenging as the more technical side of the profession.

Businesses cite demand for more than credentials

It’s no secret that cybersecurity professionals are some of the most in-demand workers in the U.S. right now. However, as IT consultant Sean Martin explained in an article for TechTarget, employers aren’t just having trouble finding people with the right IT knowledge to fill cybersecurity roles. Companies are increasingly reporting a dearth of cybersecurity job applicants who can also work well as team players, who can manage a team effectively, or who even have a full understanding of the legal and ethical ramifications of their responsibilities. “One of the biggest concerns is that college students looking at the IT industry often don’t understand what ‘security’ is,” Martin wrote. “It can be hard to get students interested in information security as the details of what’s truly involved are often missing from the job descriptions they see and read.” Martin also explained that some of the most in-demand roles within the cybersecurity field are those in senior security leadership positions. These roles often require a proven track record as a strong communicator and the ability to plan and execute complex projects. These skills may take time to learn, but they require a solid educational foundation first and foremost.

Soft skills needed in cybersecurity

Understanding and mastering the more subjective aspects of cybersecurity is vital for those working in the field. As explained in an article from the SANS Institute, a cybersecurity research firm, job candidates in the industry tend to have highly technical backgrounds but little training in crucial concepts like:

  • Communication strategies
  • Change management
  • Learning theory
  • Human behavior

These shortcomings have the potential to invite fundamental flaws in developing and implementing a successful cybersecurity strategy in a real-world situation. This is due to the simple fact that behind every malicious string of code or data-theft device is a person with his or her own strengths and weaknesses. Likewise, cybersecurity professionals must be aware of their own abilities and biases if they wish to stay a step ahead of any threat.

What employers are looking for

In an article for CIO Magazine, several cybersecurity industry experts explained what top employers seek in their strongest candidates, beyond what can be gleaned from glancing at a resume. Michael Taylor, a development lead at Rook Security, explained that the best cybersecurity training programs emphasize hands-on learning, particularly when creating and executing a full-fledged security strategy from concept to testing. Cybersecurity professionals should have the ability to:

  • “Think like hackers.” This comes down to being proactive about security instead of just fixing what’s already broken.
  • Understand how to work as part of a team, or as the leader of one. This requires superb interpersonal communication skills.
  • Build strong professional relationships. This may come in handy while preventing fraud through social engineering, where an attacker might pretend to be someone else or trick an employee into exposing a security flaw.

Equally important as understanding what can be done in a cybersecurity role is knowing what can’t or shouldn’t be. There is a tangled framework of laws and regulations that puts limits on digital practices. These laws exist to protect privacy, freedom of speech and copyright and cannot be ignored by someone training to become part of a cybersecurity team. Many businesses also have their own complex set of rules pertaining to all matters of digital security. Job seekers looking to distinguish themselves in the growing pool of IT talent should work to understand the constantly evolving subject of laws in the digital age.

Graduates from leading cybersecurity education programs can be confident that their training will be of interest to employers in the industry. But whether searching for a degree program, completing the coursework or already working in a cybersecurity role, it’s essential not to disregard the importance of non-technical skills. In the end, great communication skills, a commitment to legal and ethical principles, and a knack for creative problem-solving will prove valuable at every step of the way.

Sources:
http://searchsecurity.techtarget.com/feature/Cybersecurity-professionals-Five-ways-to-increase-the-talent-pool
http://www.cio.com/article/3149098/it-skills-training/cybersecurity-skills-aren-t-taught-in-college.html
https://www.sans.org/press/announcement/2015/04/08/1