The Confidence-Competence Loop

confidence-competence loopHave you ever felt overwhelmed by new tasks or challenges? Many of us have. The result is a lack of confidence that can carry over to how we perform in certain areas of life. Whether it is at work or in our relationships, our lack of confidence can be detrimental.

Intuitively, we perceive a correlation between our level of confidence in something and how well can perform the specific action. Competence lies at the other end of confidence. Or, does it?

There is indeed a correlation between confidence and competence. However, it is not an A-to-B correlation. In reality, these two conditions reciprocally lead to each other. In other words, competence breeds confidence. Conversely, confidence creates competence.

This loop can go on ad infinitum. If you wish to learn more about this loop and, ideally, improve in many areas of life, keep reading!

What is Confidence?

It is best to be clear on what we mean by confidence first. According to the Oxford Dictionary, there are two definitions of confidence.

The first definition involves certainty. More specifically, the Oxford Dictionary defines confidence as being a state of certainty about a fact or event. In common day terminology, it is simply the psychological state of being sure of something in general.

The second definition encompasses the first but touches on self-assurance. Confidence can also be understood as a sense of assurance or certainty about one’s abilities or qualities. It is under this definition that we can talk about the concept of self-confidence.

If we are to incorporate the two definitions together, we will get a better definition of confidence. At their very core, both definitions include certainty. For the purpose of our discussion, we can think of confidence as a psychological state of assurance in our abilities and qualities.

What is Competence?

There is really only one way to understand or perceive the concept of competence. The Oxford Dictionary defines competence as one’s available skill to complete a task.

The completion of the task needs to result in success. The result may also be other desirable outcomes like compromise or efficiency. In short, it is one’s capacity to do something and do it well.

A more psychological and human-resource-specific definition would add the condition of observability to the above definition. Competence in these contexts is the ability to complete tasks successfully. These tasks and the results need to be observable or measurable.

What is the Loop between Confidence and Competence?

Intuitively, we are aware of the correlation between confidence and competence. However, for the most part, what we recognize is how confidence carries over to our ability to perform tasks successfully. In other words, we know that confidence leads to competence. This is a widely accepted concept.

In truth, the relationship between confidence and competence is not a one-way correlation. Many studies are confirming that things can go the other way around. In other words, competence or repeatedly doing something successfully can lead to increased confidence in most individuals.

The loop can be summarized in this way:

Either you believe you can complete a task and do it or you do it repeatedly, become successful, and believe you can complete a task.

The dynamic becomes a perpetual cycle — one in which you want to be involved. In this video, a summary of the loop is provided along with the correlation between confidence and competence.

How was the Confidence-Competence Loop Discovered?

It is challenging to find information about where the concept started. However, if you try to look the concept up online, numerous sources would attribute their knowledge of the loop to one book.

Sometime in the 1990s, Susan Jeffers published “Feel Fear and Do It Anyway”. In the book, she pointed out several techniques to overcome paralysis from feeling fear. According to Jeffers, fear is not the problem since many have achieved remarkable feats despite feeling fear.

According to her, we need to believe in our capacity to live past failure. To her, success comes once we have developed the psychological muscle for experiencing failure and shrugging it off. By performing actions and failing, we become more resilient. With resilience comes a predisposition to accept challenges and develop confidence.

The book served as one of the earliest inspirations for doing tasks repeatedly to develop an ability to perform them successfully later on.

How Can Knowing About the Confidence-Competence Loop Help Us with Leadership?

Being in a position of leadership provides an opportunity to instill confidence and improve competence. It is probably the main job description, barring other contractual obligations that go with the job.

The loop can aid us individually and how we go about improving the performance of the people we lead.

Individually, the loop reinforces the idea that nobody improves with avoidance. As leaders, we face novel challenges. To overcome the fear that comes with unfamiliarity and discomfort, we need to develop confidence. Developing confidence requires repetition and repeated success — no matter the size.

This is a lesson we can apply in the workplace to the people we lead. As leaders, it is our responsibility to provide opportunities for repeated tasks. The result will be employees who do not fear failure and master skills. This in turn results in confidence.

Two Examples of the Loop in Action

Either condition involved in the loop can be a prerequisite or a result. In no other area is the loop more discussed than in the realm of athletics.

Example #1. Ivan Abajaev

We see the loop in action with Olympic weightlifters who practice technical lifts day in and day out. More than developing the technique and strength necessary for the snatch and clean and jerk, they develop the ability to complete these lifts.

By repeatedly and successfully performing these lifts in the weight room, weightlifters develop more confidence. Arguably, the perfect example of a coach who put the confidence-competence loop into practice was Ivan Abajaev.

Ivan Abajaev was the coach for the Bulgarian national weightlifting team. His training system was famous for creating weightlifters who barely fail lifts. He achieved these results through frequency.

His training program required athletes to perform the main lifts — the snatch and the clean and jerk — on a near-daily basis. In addition, he has another condition for all of his athletes. The condition is that they should not miss or fail any lifts.

To Ivan Abajaev, athletes need to practice. The practice serves two purposes — to train a skill and to instill assurance in performing the skill successfully.

Ivan Abajaev’s reason for banning failed lifts stems from the idea that failure disrupts assurance. And, self-assurance or confidence can diminish athletic performance. This is especially true for sports with the same technical requirements as Olympic weightlifting.

Example #2. Pavel Tsatsouline

Pavel Tsatsouline is a Russian-born fitness expert credited for the kettlebell’s popularity in the West. If you visit a gym and see so many kettlebells lying around, you have him to thank for that.

Pavel Tsatsouline continues to certify fitness professionals in kettlebell training and strength and conditioning. Central to his concept is something he terms as “Greasing the Groove”. Greasing the Groove or GTG is a way to work towards a skill one wishes to develop. The method relies upon performing easy regressions of a certain skill to gain mastery of it.

The keyword is “easy”. This means the skill needs to be performed by someone who is not in a state of fatigue — a far cry from how athletes in the West regularly trained.

For example, if a person wishes to do 10 pullups unbroken, he or she would have to perform one to two pull-ups every day. Indeed, this is easier.

However, because the risk of success is high, a person gets practice time and develops confidence in the movement. Later on, the person develops enough strength and muscle memory to perform the 10 pullups. This then leads to more confidence in performing 10 pullups again on another day.

Key Takeaways

Confidence and competence are not just two sides of the performance coin. They are more like the heart and lungs that share a codependent correlation.

Ultimately, the confidence and competence loop allows us to experience more success with each accomplishment. Competence develops with repetition and success. With repeated success comes a sense of certainty in one’s abilities.

Adapting in Cybersecurity: Why Agility Matters

adaptibleAdaptability and agility were the themes of 2020. Businesses had to make quick decisions to be flexible in a world of uncertainty. Both of these ideas apply to cybersecurity, but they are the result of the pandemic. Adapting in cybersecurity and being agile have long been hallmarks of the field. After all, there’s always a new threat or risk, so the industry is certainly not static.

In this post, I’ll offer some insight on cybersecurity adaptability and agility that I express in my book, The Smartest Person in the Room. Consider it a primer for reading it in its entirety. Hopefully, you’ll take away from it some ideas and strategies for being adaptable and agile in cybersecurity.

Nothing Is Certain, But Uncertainty

There is a lot of uncertainty in cybersecurity, but that doesn’t mean you can’t adapt. Uncertainty, however, is sometimes challenging for technical folks. They always long to know the answer, but that’s not the reality of cybersecurity. Being fearful of uncertainty is a fixed mindset feeling. Whereas embracing it is how a growth mindset interprets it.

Embracing uncertainty doesn’t mean leaving things to chance or being carefree about it. Life is full of uncertainty; it’s the only thing we can be certain of and rely on. What it sets up is a perspective to be flexible and adaptable to change.

Since we can only be certain of uncertainty, this can cause fear, denial, and more for cybersecurity professionals. But the ability to adapt isn’t just good to have. It’s imperative. There’s a reason why adaptations occur in the biological world—it’s adapt or die. And that holds true in the world of cybersecurity. Either your team can be nimble and evolve, or it will be impossible to keep data and networks secure.

People Are Conditioned to Believe Certainty Is Attainable

From a young age, we are conditioned to think that certainty is the standard and that we should only follow specific paths. Thankfully, many people take the other courses, fueling innovation and proving that adaptability is a crucial trait to have as a person and a professional.

Each of us only has the present. What happens tomorrow is sometimes out of our hands, no matter how long we prepare. The same is true in cybersecurity. You can have a team of talented people with experience and education, but that doesn’t mean they’ll know the newest threat a cybercriminal attempts.

Cyber attacks happen constantly. Those who deploy them are relentless. They are adaptable and agile in the face of cybersecurity protection. Thus, your internal team has to mimic those same characteristics, realizing that uncertainty is actually the norm. It takes a long time to implement this change and earn improvements. We must all let go of the fallacy that if we don’t achieve on the first try, it’s simply not achievable or worth further effort.

Uncertainty Is Part of Improvement

To become proficient at a skill, you have to hit improvements along the way. You won’t hit mastery without incremental improvements, and those are full of uncertainty. Failures are opportunities to grow and learn. If your team is too fearful of failure to innovate its cybersecurity framework, they’ll never improve. They will remain in that valley, and cybercriminals will keep getting better and smarter.

It goes back to embracing a growth mindset of persistence and perseverance. Very few life-changing inventions went right the first time or the hundredth time. You often must get worse before you get better at something, but technical folks who struggle with always wanting to know everything aren’t going to get over the humps. They’ll stop and convert to old ways. That’s harmful to their professional and personal growth. It also puts your data and networks at risk.

Why You Need to Adapt People, Processes, and Strategies

Let’s get honest about adaptability in cybersecurity, looking at people, processes, and strategies. People are the hardest to adapt. Those people set the processes and strategies. So, you must work on the people first, and technical people are often some of the hardest cases.

It requires altering behavior. The idea of behavioral flexibility, which I cover in my book, is that people can alter behaviors to match a situation. Cybersecurity is dynamic and ever-changing, so change can be at a rapid pace. So how can you adapt people?

  • Communicate differently: Leaders should embody empathy in communication regarding the struggles of black-and-white, ones and zeroes professionals. A good tip is to avoid the word why and to lead with what and how.
  • Develop employee’s soft skills: People skills are imperative to adaptability. Focusing on developing and fostering these will be beneficial.
  • Value reflection: You and your team can learn a lot from reflecting on a specific issue and incident. On the one hand, you can forensically break it down to the facts. Additionally, there are the more abstract aspects like feelings and motivations.
  • Encourage flexibility in thinking: Achieving a robust cybersecurity position doesn’t occur with rigid thinking. New problems arise all the time that don’t fit the mold. If you urge for flexibility in cracking them, you’re likely to come up with better solutions.
  • Keep learning alive: Your technical team may have cybersecurity certifications and college degrees. Those don’t, however, mean a lot in the real-world. That material can quickly become obsolete, so creating a culture of knowledge and learning is good for all. If you have people resisting this, that’s likely a red flag. You can address that with them individually and make the decision together if they can commit to adaptability.

If your people can grow and change, realizing the advantages of adaptability, they’ll then be able to work on processes and strategies. These should always be flexible because what works today may be obsolete tomorrow.

Why Agility Matters in Cybersecurity

Adaptability and agility aren’t the same things, but they have the same roots. Agility is more about being nimble with your cybersecurity operations. It’s something you can’t do without the assurance that you are adaptable.

Agility means you can pivot when things change. Everyone shifted a lot in the last year, as more pressure was put on digital channels and assets. That demand also meant a rise in cybersecurity attacks. When the industry turns, so do the criminals that want to steal data and cause havoc.

The key is to be able to make that turn as well. One of the most critical areas to do this is your cybersecurity framework. If it’s overly complex, agility is going to be hard to master. It’s certainly an area ripe for reform, and it’s the core of processes and strategies. If you can simplify and demystify the cybersecurity framework. Doing so can set you squarely on the path to embracing uncertainty.

How Can You and Your Cybersecurity Team Embrace Uncertainty?

We’ll never win the cybersecurity war without embracing uncertainty. Staying in familiar and comfortable mindsets and positions gets you bested every day by cybercriminals. Technical folks often struggle with people skills, which is very integral to the uncertainty conversation. If they avoid it in their personal life, why do they get into a field where it’s abundant?

The uncertainty they encounter is technical, so to them, there’s a logical answer. In the world of technology, computers are consistent. They respond the same way nine times out of 10. People, however, are inconsistent. Cybersecurity brings technology and people together. That’s a balance that errs on the side of uncertainty.

What people do with technology is the real crux of uncertainty in cybersecurity. You and your team will never have full visibility or awareness of every move of cybercriminals. The point is to evolve as they evolve.

One of the best ways to do this is to practice kaizen, the last tenet of my Secure Methodology. By following kaizen, you and your team can learn to embrace uncertainty to make improvements. In this way, you use it for moving forward, not standing still. You can learn more about kaizen and the other steps of the Secure Methodology in my book.

Adapting in Cybersecurity: Uncertainty Isn’t the Enemy

You don’t know what you don’t know, right? That can create a cloud of uncertainty, which can either overshadow or illuminate your cybersecurity operations. You’ll be in a much better position if it’s the latter. Getting there will take work and commitment, but it’s possible. Explore adapting in cybersecurity in The Smartest Person in the Room.