Talented cybersecurity professionals are in great demand. According to a study from Secureworks.
It’s a big deal because there’s no one can afford to cut skilled IT security staff as increasing macroeconomic and geopolitical challenges lead to new risks for businesses.
In fact, research from recruiter Nash Squared shows that managing cybersecurity has never been more difficult – and the larger an organization, the more likely it is to be hacked.
Therefore, it is crucial for the business to have a talented CISO in place; person responsible for overseeing network security and ensuring data and systems are safe and secure.
So, what traits do you need if you are a cybersecurity professional and you want to reach the pinnacle of your career?
For Stu Hirst, CISO at Trustpilot, the answer is clear: integrity, empathy and resilience.
These three qualities are becoming increasingly important to CISOs, says Hirst, who has years of practice building IT defenses at big-name firms such as Capital One UK, Trainline and Just Eat.
When it comes to integrity, he says a certain level of honesty is crucial for anyone who wants to be an effective cyber head.
As CISO for consumer review site Trustpilot, a public company listed on the London Stock Exchange, Hirst reports to the board.
It’s extremely important that he provides a “wart panorama” of what’s happening now and what could happen next.
“I’m not trying to paint a picture that doesn’t happen,” he said.
“I try and give a pragmatic view of what the industry is doing, where the company is and what’s needed for the next step. I think you need to have integrity to be able to do that. and comfortable being extremely honest with the information you have.”
Regarding empathy, Hirst says that the work modern CISOs do to keep systems and data safe means that their interactions span the entire scope of the business.
“You have to empathize with what’s going on in other teams and how your role and the work the security team does might affect them,” he said.
Finally, CISOs must be resilient. Hirst says that working in security is the hardest at the best of times. But when you’re responsible for securing the network at a large enterprise, you need to be really strong.
“Unfortunately, we have to deal with a lot of nonsense in terms of security and that can be a stressful job,” he said.
“I think you have to be able to deal with changing landscapes, conflicting ideas and priorities, and different people shouting at you at different times from different angles. .”
Hirst recognizes the pressure that comes with being a CISO can be difficult for some professionals.
Cybersecurity jobs often involve what he refers to as high-stress environments where you don’t know what’s going on or you’re waiting for something bad to happen.
Bev White, chief operating officer at Nash Squared, said the near-constant requirements regarding the CISO role mean that cybersecurity professionals should ask one key question: is it the right role? suits you?
“Be careful what you ask for because it’s not easy at the top,” she says.
“Make sure people have the skills and are fully equipped, resilience wise, to cope with the role when they’re at their peak is really important.”
The pressures associated with working in cybersecurity – especially in the context of resource constraints caused by a widening skills gap – mean that some people may decide that they would rather leave. out of the industry altogether rather than continuing up the ladder.
For White, it was a great shame. “I think it was a bittersweet decision,” she said.
“We’re finding that an increasing number of cybersecurity professionals are questioning whether they should choose a different career path or whether they should continue the path they have.”
With the network skills gap widening, it is imperative that all IT industry leaders encourage talented cybersecurity professionals to not only work around, but hone their skills and feel. feel confident that they are growing long term and fulfilling their careers.
That’s something that resonates so strongly with Hirst, whose ability to mentor up-and-coming cyber stars and people is heavily involved in the security community, including speaking to ZDNET from ScotSoft Annual Technology Conference operated by the trade body ScotlandIS.
He believes that many cybersecurity professionals suffer from ‘imposter syndrome’ and that is something that has certainly affected him in the past.
“I’ve probably gotten over it for years,” he said. “I think it’s more common in security for the simple reason that there’s so much we have to understand. And it’s impossible to know all of them.”
But despite the challenges and hardships associated with climbing the career ladder, Hirst still enjoys the problem-solving aspects of the role and enjoys the cultural side of leadership, especially trying to build and motivate teams.
Reflecting on her journey to becoming a CISO, Hirst offers 5 tips for cybersecurity professionals looking to pave the way in the industry:
- Learn from others – If you want to be a CISO, take the time to chat and learn from others who have done the role
- Really understand risk – Identifying what risk means to the business and knowing how to prioritize it as it is a key element of the CISO’s day-to-day role
- Build a balance between skills – Develop an even understanding of technical and business knowledge as senior roles require competence in both of those areas
- Take care of yourself physically and mentally – Security leadership is a high-pressure job that can entail some periods of very intense work and pressure
- Immerse yourself in online communities – Interact with people who can help you grow and learn, as that’s where you’ll find a great deal of information