Introduction
From the way ‘soft skills’ has taken center stage in many professions, you’d think it is a concept that is only around a decade or so. Not so. The history of soft skills goes back to the late sixties/early seventies and is credited to the American armed forces (1). The then army strategists found that while military experts were trained in the use of equipment (read hard, technical skills), they lacked the skills to lead; something deemed very important to their success. The findings were summarized in a US Army training handbook released in the year 1972.
What they are
A good definition, comes from the US Army, which calls them ‘significant job-related qualities that entail little or no interaction with computers (read equipment) and whose use on the job is very broad.’ Also called workplace skills, people skills, or interpersonal skills, these qualities and attributes in team members help get work done and helps meet targets. By their very nature, soft skills involve people working together and collaborating to achieve organizational goals.
Why they are important
One may wonder why technical skills are not enough to get the cybersecurity job done. After all the job requires solving a technical problem involving hardware, software, and system architecture. Forbes (2) however puts the matter in perspective, pointing out that IT just cannot exist in a realm of its own. There is a convergence between IT and business that is too important to downplay.
In what may come as a surprise to many in the field, especially those in recruitment, their article states that IT and cybersecurity exist ‘only as an extension of business’ and are around to ‘help businesses enable applications, offsetting the risk therein so that business can be productive.’ They argue that the number one trait is not being great on working on systems but being able to clearly communicate with the various stakeholders involved in the cybersecurity process.
The top soft skills
Every cybersecurity professional is required to interface with a number of stakeholders. These can include the C-Suite members or the CISO as the case may be, the SOC team, vendors and suppliers, employees from the organization, and lastly, the unseen but omnipresent bad actors, who often constitute the raison-d’etre for the entire cybersecurity effort.
Under these circumstances, it is imperative that he should be able to:
- Communicate clearly at all levels to all stakeholders
- Analyze situations including those with risk implications with a view to suggest or decide on a course of action
- Collaborate with team members, rather than work in a silo
- Be adaptable and flexible to adjust to changes and developments in technology and new attack situations
- Critically evaluate situations, ask the right questions, come up with the right set of assumptions, and move toward the best conclusions
That said however, there are still a number of skills that the cyber professional is required to demonstrate, both as leader and as a team person. These could include:
- Ability to absorb pressure and stay calm in stressful situations, especially in situations of data breach
- The desire to acquire more knowledge that will serve him and the team in good stead. This might pertain to new applications or to garnering more information about cybersecurity lapses or incidents
- A fair degree of curiosity especially with regard to detail, new products and applications
- Teamwork and communication
- A safe and cautious approach factoring in best practice recommendations
- A studied and meticulous approach to work in general
- Sincerity, accountability and ethical behavior covering areas like reporting and exposure
- Leadership qualities
- Creativity and an out-of-the-box thinking approach, when required
- Good time management skills so that targets are met, remediation measures are commenced promptly and compliance mandates are met as stipulated
The role of recruitment
Despite so much being written about the importance of soft skills, they remain largely discounted or ignored. Even recruiters are guilty of this, often asking the question as to what soft skills have to do with a cybersecurity or a software opening. After all, they say, the software programmer or technician will work alone on the equipment or system.
It is a view that could not be more wrong.
Recruiters seem to forget that even cyber specialists work in teams, and though they may have a dedicated responsibility or function, they are still required to collaborate with others to accomplish the set goals.
When you consider how much time is spent on dissecting problems at crucial times, let alone at other times, we realize the role played by soft skills in the persona of the cyber professional.
It is for this reason, that recruiters are now thankfully paying more attention to the ability of aspirants to work in teams, communicate seamlessly, be empathetic, and display a high degree of patience, sharing, resourcefulness, and a positive attitude.
Conclusion
Amongst the most edifying moments in war films – to return to this article’s introduction about the armed forces – is not the adroit handling of sophisticated kill equipment. Rather it is the strategizing, commitment, and teamwork leading up to the attack, and then, in the heat of the battle, the sheer qualities of the squadron leader that exemplify detailing, camaraderie, sacrifice, support, teamwork, and the unflagging thrust for success.
Though hardly ever referred to by that name, these are soft skills for you!
References:
