What Is Threat Intelligence, and Why Is It Important in Supporting Your Cyber Team?

Threat intelligence offers a distinctive approach to cybersecurity. It provides visibility and helps eliminate blind spots across the threat landscape. Cyber professionals still have to wear their “detective” hats to pull together insights, but they now have a better map to use.

With this clearer understanding of attackers’ capabilities, you can observe cybercriminals and understand their attack strategies. That’s the opportunity, but you may not be getting the full value of threat intelligence in your organization. Its outcomes vary, with some businesses heralding it while others feel overwhelmed by it.

In this post, we’ll review what threat intelligence is, its current impact, and what it all means to your cyber team.

What Is Threat Intelligence?

Threat intelligence describes the activities of collecting, processing, and analyzing data to understand a cyber criminal’s motives, targets, and attack behaviors. It should empower an organization to make quicker, more informed, data-driven security decisions. It can also help change your position to be more proactive than reactive.

There are three areas of threat intelligence:

  • Tactical: This segment focuses on indicators of compromise (file hashes, IP addresses, domains) and malware analysis, and uses them to enrich and tune your defensive controls.
  • Operational: This category covers understanding the capabilities, infrastructure, and techniques of threat actors and using that knowledge to conduct more targeted cyber operations, such as hunting for a specific actor’s activity.
  • Strategic: This classification involves a high-level understanding of trends and motives, used to improve your strategy and decision-making.

Why Does Threat Intelligence Matter?

Cyberattacks are constant and unrelenting. They are always in a state of growth and flux, with new attack methods springing up every day. Your good guys are constantly at war with hackers, and threat intelligence gives you an edge.

It can play an essential role in cybersecurity, including:

  • Shedding light on the unknown, which still describes much of the cyber landscape, to support better decisions
  • Empowering cyber stakeholders to uncover the motives of threat actors and the tactics, techniques, and procedures they use
  • Ensuring cyber professionals are aware of the perspective and motivations behind hacker decision-making
  • Providing essential information to the business side of a company, so they invest in cybersecurity and mitigate risk

When you use threat intelligence, you can tailor your defenses, which builds cyber resilience. Many see its value, but realizing it is harder. Most cyber teams are still at the basic level: feeding indicator data into existing networks, firewalls, intrusion prevention systems (IPS), and security information and event management (SIEM) platforms.

What do those using it actually experience?

How Are Organizations Using Threat Intelligence?

In a recent cyber risk survey, professionals had differing views of threat intelligence. Many stated it’s a significant support for cyber resilience, enabling them to be more proactive. Its other positive reviews include its ability to deliver insights and visibility. It allows greater awareness of the mind of a hacker, enabling cyber professionals to know what to look for in the threat landscape.

This sentiment wasn’t echoed by everyone. Other companies said it overwhelmed their team with all the alerts. Some also indicated that it produced failures in managing third-party risk.

Overall, a common thread among respondents was that adapting is key to outmaneuvering threat actors. This approach requires several things, including:

  • Automating some parts of threat detection
  • Collecting more data about threats for human analysis
  • Investing in tools and technology to support threat intelligence and integrating them into the enterprise
  • Improving the soft skills of cyber professionals so they can effectively communicate the intelligence and act on it

These varied viewpoints put into focus where the opportunities and challenges are.

The Opportunities and Challenges of Threat Intelligence

In evaluating the current use cases and value of threat intelligence, you have to account for the possibilities and the problems. Let’s look at those:

How You Use Data Determines Its Value

Most threat intelligence data comes from internal network traffic, not external sources like the dark web. As a result, its value often aligns with two areas of cybersecurity — improving incident response and internal awareness.

Those are critical areas of your strategy and demonstrate the ability to be proactive. Improving your plans for reacting to threats fits in this category; the response itself does not, so the benefit is being better prepared.

With internal awareness, you are using the data to predict where threat actors will attack. How your technical folks use it could be the problem. In general terms, those in the field lack awareness of themselves and others. They have narrow perspectives and think in ones and zeros. The most technically adept cyber professional can still falter here because they aren’t adapting their mindset to align with what hackers are doing right now. Thus, you have to help them develop awareness for this intelligence to be actionable.

Automating Threat Intelligence Reduces Manual Work, But Human Analysis Is Still Necessary

There are many good systems that automate threat detection and response. They act as an early warning tool that puts less strain on a team that may already be short-staffed. These tools are helpful and practical, but you still need human intelligence to analyze the results and improve your strategies.

This is going to require communication and collaboration inside your team and with other parties. For the analysis to be valuable, people have to think critically and creatively about the threat landscape. It’s not just a technical assessment of the information.
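The basic integration described earlier (feeding indicator data into firewalls, IPS, and SIEM) and the complaint that feeds overwhelm teams with alerts both come down to the same mechanics: normalize the indicators, match them against your own telemetry, and roll the hits up so one indicator produces one alert rather than one per log line. The script below is an added example of that tactical-level enrichment; it is not code from the post or its author. The feed entries, the key=value log lines, the field names (`dst`, `host`, `src`, `ts`), and the 60% confidence threshold are all constructed for the illustration.

```python
"""Tactical threat-intelligence enrichment: match a small indicator feed
against firewall/proxy log lines and roll hits up into per-indicator alerts.

Added illustration. The feed entries, log lines, field names and the
confidence threshold are constructed for this example, not taken from the post.
"""
import ipaddress
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed indicator feed: the shape a tactical feed typically supplies
# (indicator type, value, confidence 0-100, and the reporting source).
FEED = [
    {"type": "ipv4", "value": "203.0.113.10", "confidence": 90, "source": "vendor-a"},
    {"type": "ipv4", "value": "198.51.100.7", "confidence": 40, "source": "osint-list"},
    {"type": "domain", "value": "Update-Check.example.", "confidence": 85, "source": "vendor-a"},
    {"type": "ipv4", "value": "not-an-ip", "confidence": 99, "source": "broken-row"},
    {"type": "sha256", "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
     "confidence": 95, "source": "sandbox"},
]

# Constructed log lines in a key=value style (proxy and firewall events).
LOGS = [
    "ts=2024-05-01T10:00:01Z src=10.0.0.5 dst=203.0.113.10 dport=443 action=allow",
    "ts=2024-05-01T10:00:07Z src=10.0.0.5 dst=203.0.113.10 dport=443 action=allow",
    "ts=2024-05-01T10:01:15Z src=10.0.0.9 host=update-check.example dport=80 action=allow",
    "ts=2024-05-01T10:02:30Z src=10.0.0.5 dst=198.51.100.7 dport=22 action=deny",
    "ts=2024-05-01T10:03:00Z src=10.0.0.12 dst=192.0.2.44 dport=443 action=allow",
]

KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Turn 'k=v k=v ...' into a dict; unknown keys are kept, nothing is required."""
    return dict(KV_RE.findall(line))


def normalize_feed(feed):
    """Build lookup tables keyed by indicator type.

    Lowercases domains and strips a trailing dot, validates IPv4 values, and
    drops malformed rows so one bad feed entry cannot break matching.
    """
    tables = defaultdict(dict)
    for entry in feed:
        t, v = entry["type"], entry["value"].strip().lower()
        if t == "ipv4":
            try:
                ipaddress.IPv4Address(v)
            except ValueError:
                continue  # skip malformed indicator rather than fail the whole feed
        elif t == "domain":
            v = v.rstrip(".")
        tables[t][v] = entry
    return tables


@dataclass
class Alert:
    indicator: str
    confidence: int
    source: str
    hits: int = 0
    first_seen: str = ""
    last_seen: str = ""
    internal_hosts: set = field(default_factory=set)


def match_logs(logs, tables, min_confidence=60):
    """Return one Alert per matched indicator, not one per log line.

    Indicators below min_confidence are ignored; the threshold plus the
    roll-up is what keeps a raw feed from flooding the SIEM with alerts.
    """
    alerts = {}
    for line in logs:
        ev = parse_line(line)
        candidates = []
        if "dst" in ev:
            candidates.append(("ipv4", ev["dst"]))
        if "host" in ev:
            candidates.append(("domain", ev["host"].lower().rstrip(".")))
        if "sha256" in ev:
            candidates.append(("sha256", ev["sha256"].lower()))
        for t, v in candidates:
            hit = tables.get(t, {}).get(v)
            if hit is None or hit["confidence"] < min_confidence:
                continue
            a = alerts.setdefault(v, Alert(v, hit["confidence"], hit["source"]))
            a.hits += 1
            a.first_seen = a.first_seen or ev.get("ts", "")
            a.last_seen = ev.get("ts", a.last_seen)
            a.internal_hosts.add(ev.get("src", "?"))
    # Highest-confidence indicators first, so an analyst reads the list top-down.
    return sorted(alerts.values(), key=lambda a: -a.confidence)


if __name__ == "__main__":
    for a in match_logs(LOGS, normalize_feed(FEED)):
        print(f"{a.indicator} conf={a.confidence} src={a.source} hits={a.hits} "
              f"hosts={sorted(a.internal_hosts)} {a.first_seen}..{a.last_seen}")
```

Run as-is it reports two alerts: the 203.0.113.10 indicator with two hits from one internal host, and the domain with one hit. The low-confidence 198.51.100.7 entry is matched but suppressed by the threshold, and the malformed feed row is dropped at normalization time. Lowering `min_confidence` surfaces the third alert; in practice that threshold, and the per-indicator roll-up, are the two knobs that decide whether a feed is an early-warning tool or an alert flood.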

Threat Intelligence Offers a Better Way to Update Your Playbook

The policies, protocols, and strategies of cybersecurity reside in your playbook. It’s a fluid document that evolves as threats and risks do. What you learn from threat intelligence has a big impact on this playbook.

When your playbook goes through these updates, you also have to change the behavior of your people in relation to them. Change is hard for anyone or any organization. It may be even more difficult for technical folks. They like to keep things the same because it’s comfortable and gives them a better sense of control. Mindsets like these don’t help you manage risks and threats, so more development needs to happen in your people to align with what you get from threat intelligence.

In reviewing these components, you can see that threat intelligence is more than data, monitoring, and analysis. The human element is critical for it to really move your cyber operations forward. Developing specific attributes and abilities in the realm of people skills is just as necessary as implementing tools and technology.

As a result of this complex ecosystem, you can improve on the people part with the Secure Methodology™. It’s a seven-step program I developed to help cyber leaders do just that.

Threat Intelligence and the Secure Methodology

Having more data and information in cybersecurity doesn’t automatically mean it’s usable, practical, or seen as valuable. Technical people don’t deny data and its insights, but they can overlook them based on their own biases and fears. The Secure Methodology offers a way to overcome those. Here’s a quick introduction to the seven steps, which are the central theme in my book, The Smartest Person in the Room:

  • Awareness: I mentioned awareness earlier and its importance in threat intelligence. It’s where the Secure Methodology begins, with the objective of opening people up to new perspectives, including those of cybercriminals. You can do this by coaching your people in a personalized way by understanding their motivations.
  • Mindset: Next is mindset, which is also very critical. You want to assist people in expanding their mindset from one that’s fixed to one that’s growing. Your people have to break outside of the black-and-white thinking that doesn’t allow for new ideas. The Secure Methodology offers exercises on reflection and accountability to foster this shift.
  • Acknowledgment: In this phase, you must rethink how you acknowledge the work of your team (or start if you don’t do it at all). When you do this outwardly in response to how someone took intelligence and made a difference, it demonstrates to everyone that this is a means to an end. It also builds rapport and trust.
  • Communication: Transforming technical people into better communicators isn’t easy, but it is always necessary. Open and transparent communication regarding threat intelligence is essential for it to be usable to deter hackers and thwart attacks.
  • Monotasking: We are an industry of multitasking, but it’s not always a great way to be productive. Instead, encourage team members that while they are assessing threat intelligence, they should do only that and not be distracted, which triggers more critical thinking.
  • Empathy: Step six is the ability to put yourself in another person’s place. It aligns with all the stages before it and is crucial in deciphering and acting on threat intelligence. Your people have to think like hackers.
  • Kaizen: The final stage is a Japanese term that translates to “continuous improvement.” It’s a step that never ends because cybersecurity will always need to evolve, and threat intelligence is a key driver for continuous adaptation.

By applying the Secure Methodology, your organization can derive more value from threat intelligence, leading to better defenses. Get started today by reading my book and exploring the Secure Methodology course.

How to Upskill Cybersecurity Job Candidates to Transform Them Into High-Performers and Excellent Communicators

The cybersecurity workforce landscape is in serious trouble. Millions of jobs are unfilled, and most companies state they can’t find qualified cybersecurity job candidates. If we continue on this trajectory, risks will rise and jeopardize the data and networks of thousands of businesses.

As an industry, we must change how we hire, recruit, and develop cybersecurity talent. Expanding how you consider someone qualified is a necessary step. Seeing the potential in someone who doesn’t necessarily check all the boxes is one way to address the shortage. For this to work long-term, upskilling must be a part of your employee development strategy.

This upskilling includes hard and soft skills because cyber job candidates need both to thrive. Let’s review the current cybersecurity workforce challenges, the facts about the skills gap, and how to upskill new hires.

Cybersecurity Workforce Challenges

Cybersecurity job growth is a bright spot in the tech industry, with many opportunities for someone to have a career that pays a good wage and is in demand. However, the field is currently experiencing significant shortages.

According to the (ISC)2 2022 Cybersecurity Workforce Study, the global cybersecurity workforce grew to over 4.6 million, which is an 11.1% year-over-year increase. Unfortunately, 3.4 million jobs remain empty. As a result, many companies and cyber firms are operating without enough people, which can directly impact risk.

So, why is the industry struggling with recruitment and retention? It’s a complicated ecosystem, so there’s no easy answer. The cybersecurity workforce shortage is the result of several trends and occurrences, including:

  • The cyber threat landscape is rapidly expanding, driving the demand for cyber professionals in all industries and businesses. In part, this is a supply and demand issue.
  • People leave the industry due to burnout. It’s a common problem in a high-stress environment, and most organizations aren’t doing enough to mitigate this. Without proper staffing, people have to do more work, which increases the feeling of burnout.
  • Younger generations aren’t choosing cybersecurity as a career. Only 12% of the cybersecurity workforce is 34 or younger. The industry needs to find ways to connect with students to attract new people into the field.
  • Many organizations place too much emphasis on degrees and certifications, which often don’t correlate to having the right abilities, aptitudes, and attitudes. As a result, companies reject those who could be a better fit but need some upskilling.

If the industry remains on this path, the shortages will only worsen. Intervention is necessary for the entire community. What you can do to ensure your data and networks remain under protection is to focus back on skills-based hiring.

The Cybersecurity Skills Gap

We can’t talk about the labor shortage without addressing the cybersecurity skills gap. It would be great if every cybersecurity job candidate had years of experience and an array of skills. However, cyber leaders agree that a skills gap exists. According to the same workforce study cited above, 55% of hiring managers say applicants don’t meet the criteria of being qualified. The deficit here includes:

  • Hands-on training and experience
  • Credentials
  • Degrees
  • Recommendations

These things don’t always indicate that the person can do the job. The same study also looked at specific skills with gaps, which are the ones that matter in terms of upskilling. The skills in demand and often lacking are:

  • Soft skills (e.g., communication, leadership, adaptability)
  • Cloud computing
  • Security controls (e.g., network, application, endpoint, implementation)
  • Coding skills
  • Software development-related topics (e.g., machine code, testing, languages, deployment)
  • Data-related topics (e.g., characteristics, collection, classification, processing, structure)
  • Network-related topics (e.g., architecture, networking components)
  • Pattern analysis
  • System hardening
  • Computing devices (e.g., software, hardware, file systems)

It’s a mix of soft and hard skills, with soft skills at the top of the list. It’s possible to develop both in an individual who has the desire to learn and evolve. Those abilities aren’t always apparent in technical folks. However, if they are willing and have a good foundation to start from, upskilling can be the key to keeping great people long-term and continuously improving.

So, what’s the upskilling plan?

Building an Upskilling Plan for Cybersecurity Job Candidates

The first part of the plan should start with a clean slate of qualifications. Define what is imperative and what someone can learn over time. Get to the root of what makes someone a good cyber professional and what attributes they should possess.

In upskilling, you’ll have two paths — technical and soft skill development.

Addressing Technical Upskilling

In looking back at the list of skills above, those in the technical category are pretty standard. That’s a good starting point, but you should also consider the future and add training around AI tools and use cases. The curriculum will evolve as the threat landscape does.

How will they learn these skills? You need to create a learning environment for employees. This can include hands-on training internally, certification classes that you determine as high-quality, and other resources. Making continuing skill development part of your recruitment and retention strategy can attract people to your company and ensure you keep high-performers.

The other part of this is soft skills, and the plan to develop these in technical folks can be more demanding and challenging.

Improving Soft Skills in Cybersecurity

Soft skill development is a path that requires commitment and consistency. It’s about behavior change, and there can be many growing pains. First and foremost, you want to find cybersecurity job candidates who are open to this. Sometimes that might not be obvious until you have a few conversations and try to understand what motivates them and if they can handle flexibility.

Transforming anyone into a better communicator and collaborator isn’t easy. With technical folks, it can be harder, as they often have fixed mindsets, see things as black-and-white, and believe they know all the answers. These people could have impressive technical prowess, but these attitudes won’t fit into a healthy culture where everyone is open and transparent. Are they lost causes? No, but again, they must want to change.

You can drive this change with guidance from the Secure Methodology™. It’s a seven-step process that I developed because of the soft skill deficiency and recognizing its value in creating and maintaining a strong cybersecurity posture.

The Secure Methodology: The Framework for Soft Upskilling

Here’s a preview of each step and how you can leverage it to improve the soft skills of technical people:

Awareness

The guide starts with awareness, with the objective of being mindful of the self and others. When this is missing, people don’t see or understand how their behavior affects others. If this is rampant in a culture, conflict and resentment build. With exercises on reflection and perspective, people can get to a state of awareness that improves how they interact with others.

Mindset

Mindset is crucial in soft skills, and every person on your team needs an open one. A person cannot change without it. Key to this is defining someone’s motivations and why they respond as they do. In this step, the 7 Levels Deep Exercise is a good foundation.

Acknowledgment

The third step is acknowledgment. There are several layers to this step. First, it encompasses feedback and its value to cyber professionals. Your staff wants to hear from you about accomplishments and how they are helping the organization. Not all feedback will be positive, and accountability matters, but you should do this in one-on-one conversations. Ensuring that your team feels appreciated and valued will prompt them to adapt with less friction.

Second is acknowledging that cybersecurity is difficult and filled with uncertainty. You set the tone of the culture, and if you do this well, your team will follow, enhancing their people skills.

Communication

Communication is the fourth step and the most essential soft skill for anyone. It’s never a bad investment to develop someone’s communication skills. Just be clear on what this means. Being a good communicator and articulate aren’t the same thing. Yes, what we say matters, but most communication isn’t verbal.

An excellent communicator is clear, concise, and transparent. They also recognize the needs of the audience and listen to them fully. Assessing candidates based on communication skills can involve prompting them to share real-life stories about how they used communication to overcome challenges.

Listen for their use of geek speak or overly technical terms. This could be a red flag if they aren’t willing to drop the posturing.

Monotasking

Next is monotasking; it’s a soft skill you don’t hear much about. Most technical people have been doing the opposite — multitasking. Many believe this is a valuable trait. It is important to be able to juggle priorities, but blocking off specific time to concentrate on one task can make people more productive and eliminate feelings of being in fight-or-flight mode all the time. They will need to act quickly at times and move around priorities, but encouraging monotasking lets people think more critically and problem-solve more effectively.

Empathy

In the Secure Methodology, cognitive empathy is the sixth step. This type of empathy is the ability to understand another’s feelings and perspectives. It’s crucial to a person’s ability to be a great communicator and collaborator. Much of this relates to stripping down egos and dynamics of “me vs. them.” You can’t have a successful cybersecurity strategy and team without empathy.

Human connection is vital in cybersecurity, and in this phase, you support people to become more empathetic.

Kaizen

The last step is kaizen. It’s a Japanese term meaning “continuous improvement.” It’s the step that never ends and focuses on adaptability and flexibility. When you reach this phase, your staff should be in a state where they want to continue to develop their soft skills and transfer them to others.

Upskill Cybersecurity Job Candidates with the Secure Methodology

The Secure Methodology provides a framework and tools to transform candidates lacking skills. It’s a proven way to change behavior, with benefits for the person and the organization.

Get more insights on each step by reading my book, The Smartest Person in the Room. You can also explore how to apply it in the Secure Methodology course.

How to Build a Cybersecurity Team from Scratch Using the Secure Methodology™

Building a cybersecurity team comes with many challenges. Many factors affect your ability to do this effectively and efficiently. The cybersecurity workforce shortage means more competition for talent, but you can’t be confident that all those vying for positions have the hard and soft skills to succeed and thrive. On top of all this, the threat landscape keeps expanding as cybercriminals develop new tools and strategies to exploit weaknesses.

So, what can you do as a cybersecurity leader? As someone who’s been in the position, I have some insights to share on how to accomplish this. Keep reading for strategies, tips, and info about the Secure Methodology as a framework for constructing a cybersecurity team.

Steps to Take to Build a Sustainable Cybersecurity Team

Where should you start on this journey? Should you jump right into recruiting and hiring? I would urge you to first develop a strategy, define the tools you need, and create some principles for the culture you hope to cultivate.

To do this, follow these steps:

Acknowledge that cybersecurity is a people problem and let that guide your strategy.

It’s easy to blame the breaches and attacks in the cyber world on technology. Without it, there wouldn’t be an issue, but categorizing it only this way is a fallacy. Behind every attack is a person. Every defense also has human intelligence executing it, and most cyber incidents trace back to someone’s error, mistake, or intent.

It’s very much a people problem, and that fundamental principle should guide your team-building strategy. Yes, there are lots of great cyber tools out there that leverage AI and enable automation. You need those, but the people charged with managing them need the knowledge and skills to do so. Those skills must include soft ones, because the human issue in cybersecurity won’t be resolved by staff who cannot communicate or collaborate.

There is a current soft skills gap in every industry, including cybersecurity. The people who are a good fit for your roles may not possess these. If they are curious to learn and motivated to evolve, they can be great additions to your team.

Ensure the bad guys are cybercriminals, not internal.

Another element of creating a cybersecurity team is to eliminate the “us vs. them” mentality that often happens between technical and business folks. You’re all on the same side, but much of that can get lost in translation. The business side may not take cybersecurity as seriously as they should, frustrating cyber professionals. There’s animosity on your side, too, as your team may resent others, especially when they have questions and challenges.

It’s critical to put the target back on the real enemy’s head. There must be balance and cooperation between business and technical groups. You don’t want to bring someone on who fails to understand the perspective of others. Employees like this will degrade the trust and credibility of your team and do anything to avoid being wrong. You can spot this in how they respond to queries about collaborating and if they do a lot of posturing.

Look for a wide range of skills.

You have to define the requirements you want in your team, which should include various abilities and aptitudes. In doing so, you have to shift your definition of qualified. The majority of cyber leaders believe applicants don’t have the right qualifications, according to the State of Cybersecurity 2022 report. What they say people lack includes hands-on experience and training along with credentials and degrees.

The hands-on part makes sense because you want people to have real-world interactions. One cannot get this without opportunity. It’s especially true for younger generations, who we need to join the field. These people could be bright and eager to learn, making them excellent hires.

Credentials and degrees can demonstrate skill sets but not always. Often, people look great on paper because of these achievements but lack the knowledge to apply what they learned in classes. The learning may also be insufficient, especially for courses that validate aptitude based on multiple-choice tests. You can only be confident in one thing for those passing these — they can memorize answers. Beware of these “paper tigers.”

Instead, use skills-based hiring models. This approach focuses on a candidate with specific competencies that directly relate to the work. It involves soft and hard skills.

Develop your recruitment strategy on skills-based hiring.

Building a strong, multi-dimensional team requires a mix of people. Not everyone has to be strong in everything. You can create a staff who can learn from each other and you.

With skills-based hiring, you can:

  • Identify people with abundant soft skills and a desire to improve their technical skills.
  • Find candidates who have familiarity in all areas of cybersecurity but don’t have real-world experience yet and develop them.
  • Attract people newly entering the workforce and those starting over, which can help you build that right mix.
  • Assess people holistically instead of only looking at their technical aptitude.
  • Reduce barriers for people getting a shot at a cyber career who didn’t attend college.

Putting together a team of cyber professionals in this manner can lead to a strong and healthy culture. It can also decrease risk and ensure that cybersecurity has a seat at the table to influence business decisions. You simply won’t be able to do that if you hire with bias found in the old ideals of “qualified.”

All these ideas and opportunities align directly with the Secure Methodology, which is a seven-step process of transforming people with purely technical and closed mindsets into great communicators and partners.

The Secure Methodology and Building Your Cybersecurity Team

The Secure Methodology is the foundation for creating and maintaining a team that thrives and is adaptable. I based it on my own experiences and observations of what was going wrong in cybersecurity, which is a people problem.

Here’s a glimpse of each step and how it can support your hiring strategy:

Awareness

The process kicks off with awareness. It pertains to both self and others. Without it, people don’t understand the impact of their behavior on relationships and communication. It’s about opening up people’s blind spots.

Will every candidate already have awareness? And how do you evaluate this? Most people lack awareness to some extent, so it often requires development. You can assess someone’s state of awareness or willingness to get there by asking them to reflect and tell you about a challenging time and how they handled their interactions with others.

Mindset

Mindset is critical for anyone’s ability to grow and evolve. Those with a fixed mindset will resist any type of change. It’s a problem for technical people because they desire absolutes, but cybersecurity is a dynamic and volatile field! It’s kind of a paradox, so be observant of how people communicate about themselves and their experiences. This can give you a good idea of how open their mindset is and if they’ll be a good fit for your team.

Acknowledgment

Next is acknowledgment, which you’ll want to make a pillar of your culture. Technical employees crave feedback and understanding of their place in the business. Of course, they must also be receptive to it because it won’t always be positive. You also want to know if someone can acknowledge the work and contributions of others within the group or outside of it.

Communication

The fourth step is communication, and it’s the most important concept when creating a team. We can’t do anything well without honest, transparent, and consistent communication.

Being a good communicator doesn’t just mean being articulate. In the world of cybersecurity, your team must be clear about what they need, the challenges they face, and what’s really happening in the threat landscape. They also have to be active listeners to be good collaborators.

You can likely assess someone’s communication skills within the context of your conversations. Look for those who can clearly express big ideas and don’t use geek speak. If they show signs of this and seem to be listening to you, it’s a good sign, and you can continue to help them master this skill.

Monotasking

Monotasking is the fifth step, and it means concentrating on one task or project at a time without disruptions. It’s hard to find anyone who monotasks much in the workforce, where we seem always to be doing five things at once.

You can talk about monotasking in interviews to see someone’s reaction to it. Do they think it’s bad for productivity or impossible? Emphasize that you believe it to be a critical component of the workday because it enables critical thinking and problem solving, which are two huge assets in cybersecurity.

Empathy

Empathy is the sixth step, and in this connotation, it means the ability to understand someone’s perspective and feelings. It’s one of the hardest things for anyone to build, and yes, we must learn it. We are not innately empathetic. Achieving this can help with stress, burnout, and frustration toward others.

In speaking with prospective hires, ask them about a time when empathy would have been a good response to a problem. The answers they give can reveal a lot about their inner workings.

Kaizen

The last step is Kaizen. It’s a Japanese term that means “change for the better.” It never ends because continuous improvement is forever. When hiring, you want to put people on your team who believe in this approach to work.

Ready to learn more about the Secure Methodology? Start by reading The Smartest Person in the Room and explore the Secure Methodology course.

Silos Weaken Your Cybersecurity Posture, Collaboration Makes It Stronger

Silos are a common theme in many businesses. They can occur in any industry, department, or team. The reasons they are so prevalent are many, from cultural issues to not sharing data to a lack of communication. Silos undermine an organization’s ability to be proactive and agile, weakening its cybersecurity posture.

So, how did cybersecurity become so siloed? And what can you do to break silos down?

Why Silos Exist in Cybersecurity

Cybersecurity often sits in a walled garden, with little interaction with the business side of an organization. There have been some shifts to bring it into the fold, with CISOs (chief information security officers) now having a seat at the table with the C-suite.

This demonstrates progress, but the silos have stood for a long time, so they are very much a current problem. There are several reasons why they exist, including:

  • Businesses believing cybersecurity impedes innovation and growth and intentionally wanting to keep it separate
  • The increased number of attacks and threats cybersecurity teams must defend against, which keeps them in a reactive mode instead of a proactive one
  • Failures in communication that leave cybersecurity and other parts of the company unaware of the landscape and its evolution
  • No shared accountability for cybersecurity throughout the organization, which leaves cybersecurity on an island when it comes to security and resilience
  • Company leadership not treating cybersecurity as a business enabler, which can impact budgets, staff numbers, and resource allocation
  • No initiatives to build partnerships across the organization between cybersecurity and other teams

All these reasons have a foundation in disconnection. When cybersecurity isn’t a critical part of an organization, it’s easy for silos to stay in place.

Those silos can exist within teams as well.

Cybersecurity Silos Are Present Within Technical Teams

It’s not just the enterprise-wide silos you have to worry about. Chances are they are also creating walls within your people. These may be even harder to conquer because of the nature of the job and the characteristics of individuals.

Silos within cybersecurity occur primarily because cyber professionals never want to be wrong. They concentrate on always being the smartest person in the room. When others question their stance, internally or externally, they find solace in silos where they have all the control.

If this sounds familiar, you’re not alone. It’s all too common in the cybersecurity workforce to have people operating independently without much awareness of what others are doing. Furthermore, many don’t care. They have surety in their capabilities and don’t want to share or collaborate because it could lead to them being wrong.

The silo mentality leads to the things that are threatening the cybersecurity workforce — unhealthy cultures, burnout, and an uneven work-life balance. These were all reasons that cyber professionals left jobs, according to the (ISC)2 Cybersecurity Workforce Study.

Dissatisfaction in a cyber job has more to do with organizational issues than the work. Silos are a threat to your team and cybersecurity posture. They breed resentment and disengagement. It’s bad for everyone, but it’s difficult to transform mindsets and perspectives from a silo mentality to a collaborative one. For this shift to occur, you have to focus more on soft skills than technical ones.

Silos Keep People From Adapting and Changing

As noted, silos can seem like safe places for cyber professionals who cling to certainty and believe they don’t need others to do their job well. What it actually does is keep people in a state of stagnation. They won’t grow or change because doing so would mean they have to accept that they don’t know everything. That’s too big of a pill to swallow for many without intervention.

Those who crave the safety of a silo aren’t bad people (usually). It is possible for them to get to a point where they’ll embrace the gray that cybersecurity lives in, moving away from black-and-white thinking.

Cybersecurity is a dynamic industry, which means evolving practices and protocols are necessary. Even if you consistently improve your strategies and ways to manage and eliminate threats, that doesn’t mean silos aren’t still present. They show themselves in many different ways, from how your employees work with other groups to how they handle user interactions and what happens when a threat becomes a reality.

How Silos Put Your Cybersecurity Posture At Risk

On the threat landscape, there are a million things that increase risk. As networks grow, workers remain remote, and implementations of new technology rise, there’s risk everywhere. You have to defend against phishing, malware, and ransomware, which requires a united front and effort. Silos make this harder.

When silos exist within the department or in the company, the ability of a cyber team to be proactive against these threats becomes very difficult. Being proactive requires everyone to work together from a defined strategy. It involves a lot of communication and movement across the organization to establish and maintain your “protective shield” against attacks.

Attempting to reduce or eliminate risk is a journey that never ends or stays the same. Doing this well really means working as a team. Even if you have lots of protocols and tools in place, a silo doesn’t crack so easily. And often, people do just enough to collaborate, but true transparency is still missing.

As a result, errors and mistakes occur. Assumptions about who’s doing what and when are usually wrong, and gaps in your cybersecurity posture widen. It gives hackers an opportunity to exploit these weaknesses, so having silos is a helping hand to cybercriminals. If you want to prepare your organization to be cyber-resilient, you have to focus on growing your team’s people skills.

Development of People Skills Is a Silo Breaker

When individuals improve their people skills, they see the value in working together. They understand that silos are holding them back and want to work in a culture that thrives in teamwork.

It would be great if people could come to this realization on their own. Some never will, but many are willing to commit to developing their soft skills, especially when they realize it can decrease risk. Ultimately, most cyber professionals got into this field because they are passionate about security. If they know that their behaviors and actions have impacted their cybersecurity posture, they may be even more eager to change and adapt.

So, how does this happen in the real world? It won’t occur without a framework and strategy. You can’t start this journey without a map, and you’ll find one in the Secure Methodology™.

The Secure Methodology Transforms Silos

The Secure Methodology is a seven-step guide to transforming technical people into excellent communicators and collaborators. Each step seeks to resolve the major problems that exist in the cybersecurity workforce, supporting people as they pursue a new mindset and perspective. Here’s how each step can knock down those silos for good:

Awareness

The Secure Methodology starts with awareness of self and others. When awareness is lacking, silos flourish because there’s no connection. Technical folks will remain on their own island, causing friction and antipathy.

You can use coaching methods within this step to drive people to open their eyes and realize the detriment of silos. You can also learn about their motivations, which will be vital in changing behavior.

Mindset

Next is mindset, and it’s a key contributor to silos. When people have a fixed mindset, they have tunnel vision and no desire to change. This step is about helping them open it, which can occur with reflection, asking questions, and working as a team in decision-making.

Acknowledgment

Acknowledgment is the third step, and the lack of it is another cause of silos. Acknowledgment means recognizing people for their efforts regularly. They want and need praise to feel part of something, which is critical to breaking down silos. Part of this is also acknowledging that no one can know everything about cybersecurity but that collectively, we all have a better shot at defending against threats.

Communication

Communication is the fourth step but crucial in all the others too. Communication is the single biggest tool you have to remove silos. Consistent, transparent, and clear communication within your team and outside of it ensures that silos don’t form or stay.

Working on communication isn’t easy. It takes a lot of practice and learning new ways to share information and listen.

Monotasking

Next is monotasking, which means workers focus on only one task. It’s the opposite of multitasking, which often leads to sloppy work. People often receive praise for multitasking, yet it’s a problem in cybersecurity.

In terms of silos, if you encourage people to block time to work on specific things without distraction, they can use critical thinking skills and balance their workload. Gaining these things supports a collaborative workforce where there’s even distribution of work and team support.

Empathy

Empathy is an essential soft skill that we have to learn and develop. Silos can’t function in an empathetic culture because people can see the perspective of others. When they do, there’s no longer a “me vs. them” mentality. This step includes exercises to help people foster this skill.

Kaizen

The last step is kaizen, which is a Japanese term meaning “continuous improvement.” It’s a stage that never ends with an emphasis on root cause analysis. If your team can embody this, silos won’t have fertile ground.

Using the Secure Methodology is a proven path for transformation and removing silos. You can learn more about it in my book, The Smartest Person in the Room, and in the course.

Diagnosing the Root Causes of the Cyber Workforce Shortage

The cyber workforce shortage has been the talk of the industry for the past few years. Many jobs remain unfilled, and experts predict that will only grow. This gap is the result of many different factors. At the heart of the problem are root causes. The field can attract and retain workers by identifying these and working to overcome them.

In this post, we’ll look at the data, diagnose the root causes, and define how to close the gap.

The Data on the Cyber Workforce Shortage

There is a lot of data on the cybersecurity workforce landscape. It’s a pervasive issue, so developing reports and surveys is in high demand to uncover the why. We’ll look at the (ISC)2 2022 Cybersecurity Workforce Study and the ISACA State of Cybersecurity 2022 Report.

The workforce study detailed that the global cybersecurity workforce grew to over 4.6 million, which was an 11% year-over-year increase. Even with this increase, there are still 3.4 million jobs that are vacant. It’s something that’s keeping cyber leaders up at night. Survey respondents had this to say:

  • Organizations with a significant staff shortage had more concerns about risk, with 74% stating it was extreme or moderate.
  • 60% of organizations said they are struggling to keep up with turnover.
  • 70% of companies have challenges with retention.
  • It takes, on average, three to six months to fill an empty role.
  • There is a correlation between cyber professionals not feeling their input is welcome and valued and low employee experience ratings.
  • Younger generations have new expectations in work, with this group more concerned about emotional health, Diversity, Equity, and Inclusion (DEI), and having a voice.

What Conclusions About the Workforce Gap Can We Make Based on the Data?

So, why does this gap exist? It’s complicated, and many things driving it are outside your control. We can draw some conclusions from the data that diagnose what’s happening.

More Threats Drive Demand for Cyber Professionals

First, the demand for more cyber professionals would, of course, increase as cyber threats do. Cybersecurity is about identifying and mitigating risk, so it doesn’t exist without the threat landscape. It keeps us all gainfully employed, but consider how much it has evolved in the past few years.

Ransomware is more prevalent than ever. The means to carry out these attacks have become much more sophisticated. It’s a favorite tactic for hackers, mainly involving financial gain as the desired outcome. Cybercriminals are using old and new weaknesses to attempt to seize control of applications, data, and systems.

Cybercrime-as-a-service enables a new group of criminals to hire hackers on the dark web to do their bidding. You can now choose from a “menu” of attacks, from phishing to ransomware to AI-enabled cybercrimes. No one has to be a cyber genius to launch these attacks. Hacking is now more accessible—a commodity even. As a result, the threat landscape broadens.

Hacktivism is another emerging trend that’s increasing risk. For the first half of 2022, DDoS (distributed denial of service) attacks increased by 203% over 2021, with many of these fitting the hacktivism label. It’s a different motivation for these cyber criminals and impacts businesses even if they don’t have social or political ties.

Then you have all the advancements that AI brings to the hacker toolbox. It enables them to improve phishing campaigns and send them out more quickly. It can help them gather data for attacks, create deepfakes, hide malware, and break passwords and CAPTCHAs.

These are just some highlights, but they represent all the risks and threats that cyber professionals must defend against every day. For organizations, it’s a driving need to hire more people and keep them.

Retention Is a Concern, and Burnout Plays a Role

The job of a cyber professional can have moments of high pressure and stress. Without a healthy culture to balance this and consistent communication, this can lead to burnout. If you don’t have enough people, then those you do have end up with more and more on their plate. Many technical folks further disconnect from the job, considering it their biggest stressor. Being overwhelmed in this manner often ends in attrition.

Without focusing on evening out workloads, communication, collaboration, and a healthy culture, burnout will grow and play out repeatedly.

Burnout isn’t the only cause of poor retention. It’s also the environment. If it’s toxic, more people will leave. They have options with so many jobs available. Other things that contribute to this are compensation that’s not competitive, lack of promotion opportunities, no management support, and inflexible work policies. Regarding financial incentives, only 31% of organizations said they pay a competitive wage.

In short, you can’t attract or keep good employees if you don’t address burnout and retention.

Cyber Professionals Need More Acknowledgement and Connectedness

Your current and future employees have a lot of knowledge and expertise. Failure to acknowledge this or ask for their contributions to a challenge creates low morale. It isolates people who are often introverts worried about saying the wrong thing. If they keep this close to the vest, you also can’t understand their motivations and what they need to succeed.

The Workforce Study found that lack of support from leadership contributed to a lower employee experience. Improving this is something within your control. When workers feel valued for their input and part of something bigger, they are more engaged and open to learning and growing. Creating such a culture ensures that you can attract and retain great workers.

Younger Generations Have Apprehension About the Industry

Cybersecurity has a branding problem, as younger generations have new expectations about work and for whom they work. Currently, only 12% of the cyber workforce is 34 or younger. It’s one of the most consequential drivers for the cybersecurity workforce shortage.

Cybersecurity needs a rebrand to attract these people. It should include things like improving culture, eliminating gatekeeping and blustering, being more communicative, embracing diversity, valuing the employee voice, and helping them grow professionally and personally.

One of the best ways to do this is with the Secure Methodology™. It’s a seven-step guide to transforming technical folks into excellent communicators and collaborators. It can be a key way to address many of the challenges related to the workforce gap.

Using the Secure Methodology to Improve the Cybersecurity Workforce Shortage

Here’s a preview of each step of the Secure Methodology, which I defined and designed in my book, The Smartest Person in the Room. The title refers to how many cybersecurity professionals see themselves and how that can be a downfall.

Awareness

In this first step, people become aware of themselves and others. Through the exercises in the book, technical people can begin to understand their behavior and its effect on others. It can be a struggle for anyone, especially cyber professionals. Once they achieve awareness, they can let go of fears about uncertainty and their place in the organization, which can counter burnout and improve the employee experience.

Mindset

Individuals have a growth or fixed mindset. When it’s fixed, they do not change. They accept their perspective and won’t work to evolve it. It’s a problem that will hamper recruitment, retention, and job satisfaction. If your culture presents a place to grow and adapt through a broader mindset, you can attract and keep people on staff.

Acknowledgment

We talked about acknowledgment earlier and how it feeds into the employee experience. By practicing acknowledgment, your team understands their importance and gets the feedback they crave. Involving your people in big decisions is another form of acknowledgment, and it can go a long way in positioning your company as a great place to work and thrive.

Communication

The fourth step is communication, and it’s really the core of the Secure Methodology. We cannot fix the workforce shortage issue without clear, consistent, and meaningful communication. Communication starts in the recruitment phase with being transparent and open about cybersecurity. It also has to be a central part of everything you do with employees.

When it’s part of your culture, you’re building a collaborative and cooperative team. They’ll be able to engage better with each other and the business side. As a result, everyone can be on the same page and reduce the ambiguity that drives dissatisfaction and churn.

Monotasking

Monotasking is essential to supporting the overworked, which cyber professionals tend to be. It’s even more so with so many companies short-staffed. It’s the principle of concentrating on one task without any disruptions. It gives them time to focus and use critical thinking and problem-solving skills. The result of this could include improving stress levels and people being more comfortable in asking for help.

Empathy

Empathy within your cybersecurity culture means the ability to understand another’s perspectives and feelings. Developing this skill in technical people can encourage them to feel less frustrated with their customers (users). With attention toward empathy, people can learn to let go of blame and resentment, which often festers and creates burnout and attrition.

Kaizen

The last step is Kaizen, which means “change for the better.” It’s the ultimate objective of the Secure Methodology. It’s all about continuous improvement. A culture that embraces this will attract excellent candidates and keep them. There is no perfect in Kaizen, which the smartest people in the room are attempting to achieve. There is only the motto of constant improvement.

You can learn more about each step and how to use it to transform your organization and solve the workforce shortage problem by reading my book. Check out the Secure Methodology course, too.

Does Your Cyber Team Have a “Bad” Reputation? Why Their Lack of Soft Skills Causes Friction

Everybody in cybersecurity has funny and unbelievable stories of users gone wrong. On the other side of the equation, users have their own stories that paint technical folks as rude and unhelpful. In either case, there’s a lot of stereotyping going on, but some of it is, well, true. What it amounts to is cyber teams having a “bad” reputation. Many consider technical folks to be arrogant, hostile, and condescending. If that’s the culture in your organization, it’s no wonder that people have little respect for them. In fact, they’ll do anything to avoid interaction with them, which often increases risk.

So, what can you do as a cybersecurity leader to broker peace between the two? While users certainly have some blame for the dynamic, much of it comes down to a lack of soft skills, causing friction and undermining relationships.

Why Your Cyber Team Has a “Bad” Reputation

One of the biggest reasons that cyber professionals earn their reputation is that many consider them a bottleneck. That’s because security must be a part of any major IT development or implementation. Often, the barrier they create isn’t their fault. Sometimes, cybersecurity isn’t in the initial plans, and only then do you get involved. To avoid such an impasse, your organizational culture regarding security has to change as well.

Security can’t be an afterthought. It needs to be a forethought, so you have to express this with the C-suite and leadership. When given a chance to have a seat at the table, your people must engage with the business side in a way that’s outside of their comfort zone. They have to be inclusive in their communication and explanation. Otherwise, they’ll posture and use jargon, making them seem like jerks and continuing the belief cycle that technical people are difficult.

A team’s reluctance to collaborate effectively is also a common problem. Cyber strategies and decisions don’t reside only with your team. You need input and support from others. As a result, cyber professionals must be cooperative when it comes time for new implementations and approaches to combat risk.

Key to this is their ability to define risk clearly with other stakeholders who aren’t experts. Your people are, and they have great technical knowledge. This intelligence often creates the desire to be the smartest person in the room. They may be, technically speaking. However, they have to be able to work with others to establish new strategies to protect the company.

While your people often don’t do themselves any favors in being likable, it’s not all their fault. Cybersecurity can be a scapegoat for missed implementation dates, backlogs, and failed digital transformation objectives. It’s easy for others to blame your team, believing them to be against innovation. They may hold some responsibility, but it goes back to cultural foundation issues about how the organization prioritizes and empowers a cyber team.

You have some control over how the company looks at cybersecurity, but you have even more so over your team. For the sun to set on the stereotype of cyber professionals being obstinate, your people must develop people skills.

Why Are Cyber Professionals “Bad” at Soft Skills?

So, why exactly do technical people often have gaps in soft skills? Is it something innate and unfixable? Absolutely not, and it’s a symptom of something bigger. There are many bright, highly communicative, and adaptable people in the field. Some require a nudge toward the right direction to be vulnerable and ready for change.

If you look at the industry and consider where the struggles exist in people skills, you can come to these conclusions:

  • They often think in black and white, while most everything lives in gray. When they lock into a mindset that there’s one right answer and many wrong ones, it impacts their perspective. So, they stick to the script even when factors change.
  • Technical folks often have insecurities and fears that they want to keep hidden. They believe not knowing everything is a weakness, but how could you possibly know everything? These feelings keep them from asking questions and engaging in dialogue with others.
  • Communication isn’t easy for them, especially if they can’t posture and use jargon. When they do, they alienate others quickly and live up to their reputation. Communication is the single most important skill a cyber professional can possess.
  • Cyber professionals also may lack awareness of themselves and others. They don’t see how their tendency to be aloof and overly technical prevents trust and cooperation. They also have a hard time understanding the perspectives of the business side. Without this awareness, they’ll continue to be outsiders.

Helping your team work through these flawed behaviors won’t be easy, but there is a way to do it with the Secure Methodology™. It’s a seven-step guide for cyber leaders to leverage to transform technical minds into ones with strong soft skills.

How the Secure Methodology Can Improve the Reputation of Cybersecurity

The Secure Methodology is a proven framework to cultivate technical folks into excellent communicators and collaborators. Next, we’ll review all seven steps with an introduction to how the lessons of each phase develop people skills.

Step One: Awareness

The first step is Awareness, which I mentioned earlier as a reason technical people can’t connect with others or themselves. When they lack Awareness, it creates a lot of blind spots, which impact communication and set the stage for more technical posturing.

Technical people have to be willing to open themselves up to new perspectives. You can foster this with coaching around communication and understanding their motivations. In this step, you’ll have access to exercises that move people outside of their comfort zone, opening their eyes to a wider world.

Step Two: Mindset

Mindset is next and builds on learnings from Awareness. Right now, many of your people likely have a fixed mindset, which keeps them from growing and evolving. Shifting to a growth mindset is what you want to accomplish. They have to open their minds to more possibilities beyond black-and-white thinking. This step features approaches to help people with reflection and accountability.

Step Three: Acknowledgment

Acknowledgment is a critical aspect of any department or industry. When there’s little positive acknowledgment, employees can become disengaged and resentful. In cybersecurity, the most common acknowledgment is negative. So, it’s this cycle of being fearful of any error, causing some to do nothing.

Acknowledgment must start with you. Positive reinforcement is vital, and you should do it publicly. It tells people what they do matters, and ensuring they understand how their contributions help the company can be key to their desire to be better team players. This step has activities to develop this through rapport and trust.

Step Four: Communication

Communication has its own step but is pivotal in every phase. Communication skills are necessary for any job, but cyber professionals have often gotten away with being bad at it. Technical folks need to learn how to communicate better within the team and with others who aren’t technically adept.

Much of this comes down to the simplification of the message. They don’t need to give a monologue to express risks and threats. Coaching exercises in this step will promote creating an inclusive, shared language and active listening. Much of this involves reframing the interactions and reminding your people that others aren’t the enemy. Encourage them to stop hiding behind complex explanations and to strip communication down to informing others and asking questions.

Step Five: Monotasking

Aren’t technical professionals supposed to be great multitaskers? Unfortunately, many people believe this to be true, and multitasking has its place. However, monotasking is a necessity for improving people skills. When someone multitasks, there’s often a feeling of pressure, which can cause more mistakes.

Encourage your people to have specific monotasking periods in their day where they focus all their energy on one task. They’ll find they’re more productive with this kind of schedule. Challenge your team to practice this and block out distractions.

Step Six: Empathy

Empathy is a crucial step to transforming your cyber team. When your employees can put themselves in the shoes of others, the us vs. them mentality can fade away, and that’s necessary to eliminate their “bad” reputation.

Empathy, however, is something to develop. It’s not a natural part of being human. It requires them to care about what they do, the organization, and their colleagues. All the steps leading to this one have set the stage for empathy. If your staff can excel here, they’ll be the collaborators everyone needs them to be.

Step Seven: Kaizen

The final step is kaizen, which is a Japanese term meaning “continuous improvement.” Within the Secure Methodology, it’s the action of analyzing root causes. You can then uncover the real problems and work toward overcoming them. This step doesn’t end, as it’s a continuous state of adapting and evolving.

Rid Your Cyber Team of Their “Bad” Reputation

Now is the time to drive change in your employees so they can contribute more effectively. When they do, it’s good for security and their long-term job satisfaction. Take the first step by checking out the Secure Methodology course.