Wednesday, October 16, 2019

Characteristics Of Great Cyber Practitioners

Great cyber security practitioners are not unicorns.  They are mentored, not born. If you meet what you consider to be a unicorn, someone in their past took the time to mentor them to where they are today.  Unfortunately, this may be why they are so few in number.

Your goal as a cyber leader should include mentoring your team to greatness. Anyone can work hard and become a good cyber security practitioner. It's a leadership responsibility to mold the team from good to great.

If you are a cyber security individual contributor, you deserve to become great. Insist upon it.

Red team? Blue team? Purple team?  Doesn't matter. 

Here is a guide to characteristics that separate good cyber security practitioners from great ones...

Critical thinker.

Natural intellectual curiosity.

Insightful storyteller. 

Successful negotiator that can define desired outcomes and negotiate to them. 

Skillful navigation of ambiguous situations and inputs.

Willingness to take on meaningful professional challenges.

Strong written communications. 

Concise oral communications to both tech and non-tech audiences.

Can determine measures for the efficacy of processes and the levers to improve them

Focused on continual personal improvement. 

Consistently engages outward and manages upward.

Sufficient technical skills for their specific area of responsibility.

Up to date on adversary tactics.

Understands and applies principles of risk. 

Depth in at least one security discipline.

Scopes their own work and consistently delivers that work on time. 

Tests, fails fast and fails forward so they learn from each experience.

Identifies key dependencies and gaps in their own part of the security program. 

Find employees that have a base and then mentor them in the others. 

This is the way to build a crazy good cyber team. 

Follow me on Twitter for discussion and the latest blog updates: @Opinionatedsec1. Or, start your own discussion using #crazygoodcyberteams on twitter or Linkedin and I'll read it.


No comments:

Post a Comment