Cybersecurity is a technical field. There’s a lot of niche areas to focus on in the field. The range includes compliance, engineering, and operations to name a few. No matter where you focus though, one thing will always be consistent. The need for soft skills.
What do I mean by that?
Soft skills is pretty broad in itself. It’s sometimes about how you work with other people. It’s sometimes about how well you manage your own work. It’s sometimes about how you think, plan, learn, or reflect. You need soft skills no matter your level of seniority and no matter the technical discipline you’re in. You can be more effective in your career if you invest in yourself here.
This article will focus on three key reasons why soft skills matter. Especially in a technical field like cybersecurity.
You’ve likely heard the saying that culture eats strategy for breakfast. Whether you agree that culture is more important than strategy, it's significant. When we’re dealing with people especially, it matters a lot.
The field is filled with memes and guidance that shame users. Shame them for not knowing more about cybersecurity. Or not applying it correctly at exactly the right time.
Picking on someone isn’t a winning formula to convince them to engage with you.
A culture that embraces cybersecurity and engages it is healthy. Security teams can fuel their organization's culture in powerful ways. Be the enabler. This demands soft skills.
Cybersecurity teams often need to work through other teams to get things done. To that end, cybersecurity teams must partner with others to get things done. Partnerships need a certain level of trust between teams. Partnerships must have effective communication. They thrive on shared incentives or goals. Collaboration and priorities coordination is also a necessity in these partnerships.
Investing in soft skills development makes partnerships easier on the whole. Identifying the opportunities and building these partnerships within an organization. Communication, planning, relationship management, and conflict management. Each of these play a foundational role in building strong partnerships.
This work opens up opportunities for security teams to scale. Security teams are so often outnumbered by other delivery teams in an organization. Having strong partnerships enables security work to happen by non-security teams. We need the economy of scale in the barrage of vulnerabilities and risk we face.
Improve Decision Making
Like the point above on partnerships, cybersecurity can’t (or shouldn’t) be done in a vacuum. Decision making definitely falls into this category. Thinking critically and making decisions effectively are not innate skills though. These are learned skills. Honed through practice, experience, feedback, and oftentimes failures.
Any decision you make sets a certain path. This path means that you’re not going down another path (or doing it another way). This leads to lost time as well as more tangible resources.
Making better decisions, no matter your role will always serve you better. It isn’t about finding the right checklist. It isn’t about listening to more people in the process. Decision making is a process. There’s different approaches that are better suited to certain situations.