(5 min read)

Do you have what it takes to be a cyber security professional?

If you’re just starting out in the workforce or are making a career change, it makes sense to see if you have what it takes to succeed in a career in cyber security. The gap between qualified professionals and open jobs in security awareness is expected to hit between 1.8 million and 3.5 million by 2022.

Laraine Weglarz, former Chief Information Security Officer for multi-billion-dollar retail corporations and current CISO coach and consultant at Terranova, has been working with hundreds of security professionals since the 1990s – when phishing attacks came through AOL and human mistakes, and misuse or malice were (and still are) the biggest security challenges. Laraine shared 10 attributes and skills she sees in successful security pros.

10 Skills and Attributes of a Successful Cyber Security Pro

1 – Passionate about Security

cyber security professionalWhen you have a passion for something, you become self-motivated. A passion for cyber security can come from the sense that you’re making people’s lives better. You want to protect people and help them help themselves by adopting security-aware behaviors. “Passion is the No. 1 characteristic for someone working in cyber security,” said Weglarz. “If you don’t ooze passion for security, you come across to those you’re training or working with as just another mouthpiece. When others sense your passion for security, they’re inspired. A passionate attitude is infectious.”

2 – Good, Adaptive Communicator

cyber security professionalNo matter what your role is in security, it’s important to understand and be able to communicate about both technical and business aspects. Communicating at the technical level with coworkers within the security and information technology teams is table stakes. The ability to understand and communicate how security affects the business side of an organization is essential when it comes time to request budget for security awareness programs or to convince executives to change a long-standing procedure to a more secure process.

3 – Life Long Learner

Good security pros have a thirst for knowledge. The security industry is one of constant change. From cyber criminals employing new methods of attack to new regulations and new tools, security professionals must be in constant learning mode.

4 – Enjoy Problem Solving and Challenges

cyber security professionalCyber security is a chess game. The challenge is anticipating the moves of hackers and staying ahead of them to counteract their moves.

5 – Have a Flexible Viewpoint. 

cyber security professionalThe ability to see the entire picture is important in cyber security. Having that macro, or business level view is complemented strongly by the ability to also see the micro view – the view of those that provide the hands-on operational protections. This is incredibly important when implementing any security program or procedure.

6 – Planning and Project Management 

cyber security professionalEverything in security – from establishing policies to implementing technology – translates to a project. Good security professionals can plan and methodically complete a project.

7 – Ability to Delegate 

cyber security professionalCyber security is a team event. We will never win alone. The ability to delegate, share duties and seek opinions of others is a strong attribute in the cyber security world. The idea of two heads being better than one plays well. Another person may see something you don’t or have an additional idea for how to handle a situation.

8 – Vision for the Future 

cyber security professionalThe ability to anticipate “the next big thing” in security and technology overall will help your organization be more prepared for and protected against the exploits that inevitably follow something new. The ability to ground your vision in the reality of your budget and make the difficult risk / reward assessments is an added attribute that employers desire.

9 – Enjoy Engaging with People 

cyber security professionalSecurity is about people. Most data being protected is personal data – information about people or belonging to people. And ultimately teams of people are responsible for protecting that data. Addressing security from a personal point of view makes it real for people and they will respond.

10 – Self-driven, Self-managed 

cyber security professionalIf you can get things done without a lot of supervision, you are driven and can manage yourself. Passion can inspire a driven person, but self-management is the ability manage the work without a lot of supervision and to see things through to closure.



cyber security professionalDo you have a few of these attributes and skills? If so, a career in cyber security could be for you. If you think security awareness training – a people-focused area of security where the emphasis is on education and changing behaviors – might be a sector of cyber security you’re interested in, you can learn more about setting up a security awareness program in The Human Fix for Human Risk, by Lise Lapointe, Terranova CEO.