In modern business, the digital landscape is constantly evolving, necessitating companies and organizations to stay abreast of changes, particularly in the realm of cybersecurity. This change is not only challenging for businesses, but it also places a demand on individuals working in the cybersecurity field to adapt their skills to the contemporary needs of the industry. Consequently, hiring patterns diversify, moving away from the old approach of looking for a fixed set of skills towards placing value on soft skills and learning adaptability.
Artificial intelligence (AI) and automation are the major players driving the change in cybersecurity. The emergence and implementation of AI and automation tools, as highlighted by the head of IT and cybersecurity Sameera Bandara, have made a significant impact on the requirements for cybersecurity professionals. With tools able to undertake some of the tasks that formerly required a substantial human input, tasks associated with coding and scripting have become more manageable. This means that employees in cybersecurity take on tasks that are more complex, alleviating the time spent on manual efforts.
In the response to the injection of AI and automation, analyst roles are taking a more ‘proactive’ approach, as described by Datacom’s senior cybersecurity analyst David Vaughn. With access to advanced tools and systems, professionals like Vaughn are moving from reactive tasks to proactive threat hunting. This means a shift from waiting for threats to happen to actively looking for potential threats to the organization, thereby enhancing organizational security.
However, AI is a double-edged sword. While it can help streamline processes and enhance incident-response capabilities, it can also be used to create new attack vectors and further digital threats. As such, governance, risk, and compliance (GRC) specialists must stay aware of AI-based risks, which were not a consideration in the past.
Today, the role of GRC specialists is progressively shifting towards a consultative one. Much like a general physician who identifies the problem and directs the patient to the right specialist, GRC professionals now coordinate between various specialties in cybersecurity to ensure the best protection for businesses.
Besides technical skills, professionals in the cybersecurity industry are required to have solid communication skills. Especially for incident responders, the ability to communicate clearly and efficiently with clients has become an important skillset, a point raised by CyberCX senior manager David Ulcigrai.
When hiring new individuals for cybersecurity roles, the CISOs are not just looking for technical expertise. An increasing emphasis is put on soft skills and communication abilities. Corien Vermaak, Cisco Australia and New Zealand Director of Cybersecurity, agrees with this viewpoint, stating that having the ability to explain technical matters to non-tech personnel is highly appealing.
In the end, hiring in the cybersecurity field is not just about ticking the boxes for certain skills. It all boils down to how open the potential hires are in acquiring new skills, especially given that the cybersecurity domain is always in a state of flux with constantly emerging technologies and threats. Therefore, candidates who have a strong craving for problem-solving and learning are the ones attracting the recruiters’ eyes.
So, if cybersecurity is your field of interest, remember that becoming a desirable candidate no longer solely depends on your technical expertise. Your soft skills, adaptability, and willingness to keep learning and growing are your ticket to making a mark in the industry.
Related Articles: