When people think of the cybersecurity profession, many naturally think of the technical aspect. You certainly need technical proficiency. Many would be surprised to hear, however, that cybersecurity is really a relationship business.
Whether you look at the protected or the protectors, people are the lynchpin. The systems and applications, which cybersecurity teams are charged to protect, didn’t they get there by magic. People designed, built, and operate them.
As well, cybersecurity teams need to depend on people—not tools alone—to prevent and respond to cybersecurity incidents. There is no purely technical solution. At the end of the day relationships, and thus people skills, are vital to successful cybersecurity teams and organizations.
Some would say that people are the weak link in cybersecurity. After all, 91% of cyberattacks begin with people clicking phishing emails. That’s the wrong way of looking at things. Cybersecurity professionals need to partner with the people they protect in order to better enable them to conduct their business.
That requires soft skills, like communication and empathy. It’s difficult for cybersecurity teams to be effective, if the people they’re protecting don’t feel a sense of partnership. Otherwise, the relationship risks becoming adversarial or antagonistic. Cybersecurity teams cannot focus on security for security’s sake. They have to focus on security to enable the business. People skills matter here.
Even within the cybersecurity teams, people will struggle to adequately prevent or respond to cybersecurity incidents without working with others. Strong cybersecurity programs aren’t built on the efforts of individual contributors working alone. They are built on the coordination between teams and effective, ever-improving processes.
Some of the most effective people in a cybersecurity organization are those individuals who can successfully connect people, teams, or processes together. Technical skills are table stakes. Navigating uncertain circumstances takes more. People skills matter here too.
As a career changer getting into cybersecurity, the technical skills may be newer to you. Rest assured that your previously developed soft skills have a place too. While you certainly want to highlight your technical skills on your resume and during interviews, don’t sell your soft skills short. Those soft skills are valuable in cybersecurity and they’re not as common as one would hope. As you pursue your first cybersecurity job, make it clear how your people skills can benefit the organization you seek to join. That would provide added value.