The Power of Mentorship in Cybersecurity: Nurturing Growth, Continuous Learning, and Humility
I was fortunate that my first major job in cybersecurity had a strong mentor program. This was Cigital when it was still heavily focused on deeply technical application security services. We didn't have managers, not outside of a project. To help with career growth, it was all about
From Bits to Bias: Unveiling the Hidden Dangers of Toxic Cyber Cultures
On the Soft Side of Cyber, we've talked about what makes up a strong culture. This is also the final article in our short series on diversity, equity, and inclusion (DEI). We started this series with the different layers of diversity and the benefits of a diverse team.
Part 2 - The Value of Equity in Cybersecurity Teams
Do you consider the team and environment in which you work to be fair? Fairness is the core of what it means to be equitable over equal. Things can be equal without being fair for everyone involved. In this article, I want to unpack this question and provide leaders and
The Feedback Factor: How Effective Feedback Drives Cybersecurity Excellence
Technical skills and knowledge are undoubtedly essential for anyone working in cybersecurity, whether you're a pentester or a SOC analyst, or something else entirely. However, at Soft Side of Cyber, we believe that the true potential of cybersecurity professionals can only be unlocked when they excel in their
From Words to Action: Crafting OKRs and Assembling the Team
Our last two posts in this series have discussed building a cybersecurity strategy and then communicating it to those needing to know. This need to develop a robust cybersecurity strategy is only getting more significant. However, the strategic plan doesn't add value until it is turned into action.
Developing an Effective Strategic Plan for Cybersecurity: Balancing Cybersecurity Risks and Business Goals
Writing a strategic plan is hard work. Writing a good one is very humbling. It's just words on a page, you might tell yourself, but this is the direction-setting document your organization will use to inform its work over the coming months to possibly years. Cybersecurity has become
Dealing with imposter syndrome in cyber
Cybersecurity moves fast. There is enormous demand, and moving up into more senior roles can happen quickly. As a result, we frequently find ourselves in unfamiliar situations, sometimes with intense pressure. I have spoken with so many people in this field about their struggles with feelings of inadequacy. Wikipedia defines
From Good to Great: The 5 Pillars of a High-Performance Cybersecurity Culture
Cybersecurity culture across an organization is a huge determinant of success or failure, failure or resilience. What does culture mean to cybersecurity, though? Is it security awareness? Is it the collaboration between security teams and other functional teams? Is it the willingness of people to report potential security incidents? Maybe
Why Communication is Your Most Undervalued Skill as a Pentester
Throughout my career, I’ve done a lot of penetration tests. You need to know your way around a computer to be good at it. Many technical skills are involved, whether it’s writing some script, developing an exploit, or using tools like Burp or Metasploit. A big part of
Why You Need to Invest in Yourself (And Not Feel Bad About It)
You can't pour out and serve others from an empty cup.
The Challenges of Developing Soft Skills in Cybersecurity
Knowing technical things is a must in this field. It’s a technical discipline. But where do we go to learn about the other non-technical skills needed to be successful in the job?
The importance of soft skills in cybersecurity
Cybersecurity is a technical field. There’s a lot of niche areas to focus on in the field. The range includes compliance, engineering, and operations to name a few. No matter where you focus though, one thing will always be consistent. The need for soft skills.