The talent war that has been waged across sectors in recent years reflects the immense number of opportunities for enterprises to grow in today’s world. While negative market sentiments have increased recently, there are certain industries and professions that are in a much better position to weather the impending storm of economic recession and new regulatory requirements.1 Cybersecurity is one such profession.2 But what makes cybersecurity so uniquely well-equipped to meet new challenges? By examining which qualities make for a good cyberprofessional, the answer becomes clearer.
Analytical Thinkers and Strong Communicators Thrive
A common misconception about cybersecurity is that it is only for highly technical people who have hacked systems and codes to build better, more robust systems. That is not always the case. A cybersecurity professional is, at their core, an analytical person who looks at a problem from multiple points of view and devises an approach to solve the problem. When doing so, they must collaborate with people from different backgrounds and functions to understand the problem in depth and in context. This requires good communication skills, unlike some other technology-heavy roles in which a specification (spec) is provided and the task is strictly to achieve the spec.
[Cybersecurity] requires good communication skills, unlike some other technology-heavy roles in which a spec is provided and the task is strictly to achieve the spec.
Someone could be an analyst, a risk advisor, a banker or a human resources (HR) professional and they could still be considered a cybersecurity professional. Cybersecurity relies on an understanding of human behavior and on contextual transactions in different lines of business. For example, a banker knows the pitfalls of processes when it comes to banking-related operations. They can bring this wealth of knowledge to cybersecurity operations by gaining the right skill set to build their technological capability. Imagine this to be a role where a consultant envisions the strategy and the solution and builds the technological stack required to solve the problem. If one understands the business impact of a set of actions, they can understand how to secure cyberoperations.
A Cyberprofessional Should Be Vigilant
Throughout the years, organizations have become accustomed to doing business in a particular manner: Outsource the functions and manage the strategy. Unfortunately, this passive engagement does not work well in the realm of cybersecurity. As one of the first and foremost lines of defense for an organization, cybersecurity requires enterprises to continuously invest in systems and constantly evaluate rapidly changing scenarios. It is acceptable to outsource certain processes, however, any cyberrisk posed by an external enterprise must be managed by the organization utilizing its services.
The professional life of a cybersecurity professional is similar to that of any other technology professional, only much more interesting. It could be compared to being in law enforcement—keeping existing safety measures in place, but, perhaps more important, finding and neutralizing new threats before they become a menace.
The continuous nature of cybersecurity requires that cyberprofessionals stay vigilant. They should be able to relate security issues to business operations and vice versa.
…But Must Embrace Change
One of the most interesting aspects of cybersecurity that sometimes draws professionals to the field is the fact that technology is always evolving. Cyberprofessionals are typically not stuck using legacy systems with repeated processes; rather, they often work with cutting-edge technology that can grow by leaps and bounds in mere weeks. Someone who enjoys learning and is ready to challenge themselves may find that cybersecurity is the right field for them.
Cyber Is for Everyone
The lowest common denominator of a country or enterprise’s cybersecurity readiness is any individual who is conducting their business or engaging in their lives using connected devices and networks. This definition applies to virtually anyone with a smartphone. Employees and citizens alike have a responsibility to ensure that the infrastructure is not compromised due to phishing, malware or brute force attacks, among others. Each of these attacks originate from the weakest link: a person who clicks on a seemingly harmless link in an email or accesses a seemingly safe website on the organization’s network. Today’s, awareness of cybersecurity measures percolates throughout society, not merely in professional settings, and anyone who wants to become a cybersecurity professional may already have the fundamental awareness required to be one.
Conclusion
Cybersecurity welcomes everyone with open arms. A shift into a cyber career can be part of an impactful journey into helping protect the world around us. If you are willing to be in the journey of continuous learning, being agile to adopt changes and be close to business, then cybersecurity is the place.
Endnotes
1 World Economic Forum, “Global Recession Increasingly Likely as Cost of Living Soars, Say Chief Economists,” 28 September 2022
2 Madnick, S.; “New Cybersecurity Regulations Are Coming. Here’s How to Prepare.,” Harvard Business Review, 29 August 2022
Deepa Seshadri
Is a partner with Deloitte India. She has 25 years of experience in the fields of cyberstrategy and governance, risk and compliance (GRC). Seshadri is passionate about cybersecurity and women in cyber.