I recently had the privilege of attending the InfoSec Nashville conference. Note that I am not a techie and that soft skills are critical in my profession. While there were many great sessions at the conference the panel discussion resonated with me – “The Human Factor (Building a Successful Security Team from the Inside Out).” In this session, the panel discussed an age-old challenge and one that is critically important in current times. When we experience new threats and opportunities in the market as we have on the Cyber front, this can create talent gaps, and in this space, the estimate is over 350,000 open cybersecurity positions in the US alone.
This CISO panel nailed it, with their collective approach by looking for relevant soft-skills in nonpractitioners, like people strong in mathematics, engineering, music and perhaps a military background. Data analytic-minded people who welcome opportunities to brainstorm in collaborative team environments are excellent hires. They noted that women do a much better job with security compliance and with communication skills.
This CISO panel further agreed that attending meetings in other departments is highly encouraged to gain a better insight into the entire organizational culture, which also encourages staff to take the security team seriously. Institutional goals from the top should be personally rewarded, and team recognition versus compliance and enforcement are far more effective. Cross-functional experience is encouraged to grow the skillset with the whole team.
It is my observation that if candidates for-hire and advancement would welcome these philosophies, they have a far better chance of landing in an ideal position with a rewarding future.