There just aren’t enough cyber security professionals out there to meet the demand for their skills. The estimated personnel shortfall in the UK cyber workforce in 2022 was over 14,000.
When hiring, you may not be able to tick off every box on your list for the dream candidates – in fact, this is incredibly unlikely even when the market is saturated with good candidates. However, in the face of a skills gap, rather than focusing on technical skills, you could move your focus towards ‘soft skills’.
‘Soft skills’ are currently being rebranded into ‘power skills’, which is a far more apt name for them. These are skills that relate more to work culture, people and relationships, and can be seen as more of an art than a science. Where they might have taken on a ‘supporting actor’ role before, power skills are now in the running for the number 1 spot on a hiring manager’s priority list.
So, which power skills should you be looking for when hiring your cyber security team?
A cyber security professional must be able to communicate effectively. They may be able to understand all of the technical aspects of the job, but they’ll probably spend a lot of time communicating these to non-technical stakeholders, particularly with an industry shift towards better connections between cyber security teams and the c-suite.
Good inter-team communication is key in the cyber security workforce, as well as communication with external stakeholders, such as vendors and customers.
This leads nicely on to the ability to work well within a team. Cyber security is not a lone ranger profession. Cyber security professionals need to be able to display that they can work well within their own teams, and as a part of wider teams within an organisation.
Cyber security should take a pivotal role in many projects, so the ability to collaborate, share information and insights, and provide adaptive support where needed is a highly in-demand skill.
In the face of complex problems, you want to know that your cyber security team can handle the heat. Any examples they can give you of creative solutions they have found in response to cyber security incidents and concerns in the past should be a good indication of whether they will be able to cope with the problems thrown their way in your organisation.
They should be able to analyse data, identify patterns, and form solutions to protect your organisation’s systems and data.
The cyber security landscape is constantly changing and adapting, especially in recent years. Technological advances, the rise of remote working and the digitalisation of businesses have all resulted in a need for cyber security professionals to be able to cope with new and unexpected challenges.
There are new cyber threats emerging frequently, so staying up to date on industry news and adapting their practice should be prioritised as a desirable skill in your cyber security team.
Attention to detail
This skill is a must-have, not a nice-to-have, on your cyber security team. The difference between a very damaging cyber attack, and a well-caught cyber threat, can be down to the smallest details.
If your candidates can identify when they’ve previously been able to identify vulnerabilities in an organisation’s defences, and the steps they’ve taken to avert an attack, this could be worth more than all the cyber security qualifications available.
The importance of a moral compass in cyber security should not be underrated. Cyber security professionals consistently work with sensitive data and systems, so you need to be able to trust them. They also need to be willing to report any security breaches or incidents, and understand the importance of transparency and candour.
It’s hard to tell in an interview whether someone is trustworthy or not, so asking for examples of ethical behaviour they’ve displayed before can be a good way to broach this topic, and start a discussion about their views on the ethics of cyber security.
Although it may be tempting to try and hold out for that candidate with the degrees and letters after their name, sometimes you’ll be putting your organisation at more risk by leaving an empty desk in your cyber security team while you wait. During your hiring process, don’t forget to weigh up the benefits of the power skills that a candidate has – a lot of technical skills can be taught, but many power skills can’t. Investing in talent with the right foundations to build upon could be a defining moment in the evolution of your team, and the safety and security of your business.
Are you building your cyber security team? Focus on Security can help. We are 100% dedicated to cyber security and cloud infrastructure recruitment, so we’re best placed to give you the expert consultation you need. Get in touch today to start a discussion with one of our Recruitment Specialists.