Technology infrastructure underlies every business function, from supply chain management to manufacturing and production to marketing. There is no part of a business that doesn’t depend on data and networked communication. Technical expertise is an essential component of cybersecurity leadership, and cybersecurity executives must understand a wide range of technology issues: networking, software development, infrastructure architecture, data analytics, and emerging technologies such as machine and deep learning.
But, while technical skill is necessary, it is not sufficient. Cybersecurity is as human as it is technological. Businesses that base cybersecurity hiring practices on purely technical criteria find that a poor understanding of psychology, social intelligence, and teamwork can hinder the implementation of secure systems and processes.
At TD Madison, we have always understood the importance of personality and soft skills to cybersecurity recruitment: that is, in part, the motivation for our Seven Point Leadership Model. A recent study published in Frontiers of Psychology supports our approach. Future Cybersecurity Workforce: Going Beyond Technical Skills for Successful Cyber Performance shows why it is so important for cybersecurity leaders to be as socially intelligent as they are technically expert.
The complexity of the modern cybersecurity landscape necessitates collaboration. No one can apprehend or manage all of the threats faced by their organization, and threats aren’t siloed in the way expertise can be. Bad actors employ a wide range of social and technical measures. To combat cybercrime and poor security practices, cybersecurity professionals must work effectively when embedded in a team with diverse capabilities.
Technology intersects all areas of a business, and where there is connected technology there are cybersecurity risks. Cybersecurity personnel interacts with technical and non-technical employees, and to do that well they need soft skills, including social intelligence and the ability to collaborate effectively. We often think of cybersecurity as building secure walls of technology to keep data in and criminals out. But, in 2019, social engineering attacks like phishing and spear phishing top the lists of favored attacks. Cybersecurity is as much about managing human risk as writing secure code.
All of this is true of rank-and-file cybersecurity professionals, but it applies even more strongly to executives tasked with cybersecurity. In addition to technical competencies, their role includes many aspects of people management, including policy development, training, and education. As the Future Cybersecurity paper emphasizes, “users are the single most exploitable vulnerability in the areas of cyber defense.” Cybersecurity policy that fails to recognize the importance of the human element is incomplete.
What does that mean for the recruitment of cybersecurity executives? Executives who take a leadership role in their organization’s cybersecurity planning must combine technical and social skills with the ability to think systematically, collaborate effectively, and communicate efficiently.
To learn more about executive recruitment, technical training, and staff augmentation in the cybersecurity space, get in touch with TD Madison’s recruitment team today.