What should you look for in a Cyber Security professional?

What makes the perfect candidate?

What should you look for in a Cyber Security professional?

What should you look for in a cybersecurity professional? 

Dominating the headlines since the onset of the digital age, cyber-attacks have grown to become of the deadliest risks businesses face today. Whether it’s a large-scale data breach using ransomware or a hacker working from inside the business, no one expects an incident to occur until it does: by this point, leaders usually regret not having dedicated more time in recruiting the right info-security experts to protect their network. After all, it’s not just an organisation’s reputation that can be damaged by a data breach – the financial costs can often have a more severe effect. 

Lloyd’s of London has estimated the global cost of a serious cyber-attack to be more than £92 billion. In an age characterised by constant threats, therefore, a strong cybersecurity strategy is a competitive advantage. That said, a quick glance at the info-security talent market might just be enough to make you lose hope. If recent predictions can be trusted, the industry is set to face a staff shortage to the tune of 3.5 million unfilled positions by 2021. If you are to secure the brightest sparks in cybersecurity to your organisation, you had better start your search as soon as possible. The question is, what makes for the perfect candidate in this fast-paced field? 

While there is no one-size-fits-all approach, it’s not a bad idea to keep an eye out for the following traits: The hacker mindset If there was any doubt in your mind as to the importance of a robust cybersecurity strategy, the daily news provides sufficient proof: with each passing week comes a new high profile cyber-attack; a data breach on an organisation that many would have thought impossible. Yet, all it takes is one weak link for your network to be breached and your reputation left in tatters. Unfortunately, there is no switch that can be flicked to protect your organisation one and for all: instead, you must seek to hire professionals who can keep up to date with each new development in the hacker handbook. Often, the best information security experts are master method actors; their ability to adopt the mindset of a malicious cyber-criminal allows them to easily identify weaknesses within the network and subsequently determine the best approach in mitigating the risk. 

Of course, that isn’t to say your search should begin on the dark web or in back alleys – just that you should keep a look out for individuals who are open and adaptive; candidates who display a commitment to keeping ahead of the curve when it comes to hacker’s techniques. The right profile It goes without saying that industry experience in this field is invaluable. However, don’t be too quick to discount candidates with less traditional career paths: individuals from military backgrounds, for example, often make for strong cyber-security professionals once equipped with the technological know-how. As well as sharing a similar lexicon, uniformed personnel are always alert; they are easily adaptable and have already developed the instincts to protect sensitive information. 

Beyond the military, you may find individuals with a background in engineering or computer science suitable for the role due to their deep understanding of core computational logic. Similarly, graduates of mathematics courses are usually expert problem solvers and can, therefore, be of incredible value to companies struggling to strengthen their defences. Even a psychology graduate can offer critical insight into the mindset of a cyber-criminal; their knowledge could allow a company to follow the breadcrumb trail of a hacker before they have the chance to execute their master plan. A willingness to learn Having scoured your usual sources for talent to no avail, it’s easy to feel disheartened and demotivated. Perhaps all the good ones have already gone. On the other hand, you may be restricting your results due to impossibly strict role requirements. 

If you’re like most companies, it’s likely you’re looking for a cybersecurity expert who boasts traditional education and university degrees in technology. But cybersecurity is a multilateral field; it requires staff who not only come equipped with knowledge in IT but a passion for problem solving and varied skills across different industries. IBM’s solution to the talent shortage, for instance, is to create “new collar” jobs in information security by prioritising advanced skills, versatile experience and drive to learn above university qualifications. And they are right to do so – after all, if the bar is set to high, you close yourself off to a wealth of budding cyber talent who could prove incredibly valuable in your organisations’ defences. Curiosity can’t be taught in the classroom, but it is by far one of the most important traits of a strong cybersecurity candidate.

What should you look for in a Cyber Security professional?
Date: 25 January 2019
Author: Chris Jones
Tags: #hiring #talent