Great cyber security practitioners are not unicorns. They are mentored, not born. If you meet what you consider to be a unicorn, someone in their past took the time to mentor them to where they are today. Unfortunately, this may be why they are so few in number.
Your goal as a cyber leader should include mentoring your team to greatness. Anyone can work hard and become a good cyber security practitioner. It's a leadership responsibility to mold the team from good to great.
If you are a cyber security individual contributor, you deserve to become great. Insist upon it.
Red team? Blue team? Purple team? Doesn't matter.
Here is a guide to characteristics that separate good cyber security practitioners from great ones...
Here is a guide to characteristics that separate good cyber security practitioners from great ones...
Critical thinker.
Natural intellectual curiosity.
Insightful storyteller.
Successful negotiator
that can define desired outcomes and negotiate to them.
Skillful navigation of
ambiguous situations and inputs.
Willingness to take on
meaningful professional challenges.
Strong written
communications.
Concise oral communications
to both tech and non-tech audiences.
Can determine measures
for the efficacy of processes and the levers to improve them
Focused on continual personal improvement.
Consistently engages outward and manages upward.
Sufficient technical
skills for their specific area of responsibility.
Up to date on
adversary tactics.
Understands and
applies principles of risk.
Depth in at least one
security discipline.
Scopes their own work
and consistently delivers that work on time.
Tests, fails fast and
fails forward so they learn from each experience.
Identifies key
dependencies and gaps in their own part of the security program.
Find employees that have a base and then mentor them in the
others.
This is the way to build a crazy good cyber team.
Follow me on Twitter
for discussion and the latest blog updates: @Opinionatedsec1. Or, start your
own discussion using #crazygoodcyberteams on twitter or Linkedin and I'll read
it.
SEE ALSO
No comments:
Post a Comment