Cyber Security
However, critical thinking is an often over utilized skill. Being ‘negative nelly’ to other suggestions and input can stifle creativity, innovation and openness. skills, this no longer the case. Getting constructive feedback (a.k.a. ‘areas for improvement) should not be seen as a personal failure. If you find yourself talking about blame or denying feedback, you will have to ask yourself – if I need someone to blame, am I ever truly in control of my situation? This ability to be self-aware is a critical and fundamental step to many other soft skills advancements. All feedbacks (even those that are delivered poorly) should be viewed as a platform to extract personal learnings, and if you develop an appreciation and gratitude for any and all feedback you get – it’ll make it easier to take.
2. Accept that you don’t have to be a carbon copy of someone in the industry There are great role models out there showcasing fantastic soft skills. They’re blogging, showing up on TV interviews, and seated at conference keynote discussion panels. These folks are to be commended for their contributions. You do not need to emulate their interests in order to be successful. Instead you should embrace your own passionate areas of cybersecurity, topics you are interested in. You will find that people will be drawn in and interested in something you can speak passionately about.
3. Don’t forget what you’re here to do Information Security is now recognized as such a vital and important part of the success of the organisation. However, and I hope this doesn’t come as a surprise, it is not the most important thing – the business is. This is not the time to get complacent. Stay focused on being business aligned and seek collaboration opportunities with the business when you can. We should be humble in the face of the growing importance for our expertise by not forgetting the adjacent importance of being business centric.
4. Be open to thinking differently Critical thinking has served us since our ancestors were dwelling in caves and avoiding being eaten by large, clever animals. However, critical thinking is an often over utilized skill. Being ‘negative nelly’ to other suggestions and input can stifle creativity, innovation and openness. A well-known educator Edward De Bono called this ‘black hat’ thinking. In his book Six Thinking Hats he describes a mental framework (using 6 different coloured hats) for processing information
in different ways. This includes optimism, gut-feel reactions, listing facts, creativity and of course critical thinking. It is an example of something that can teach us to not always interpret information in a one-dimensional way.
5. You can’t do this alone. Work better with other people Stephen Covey in his book 7 Habits of Highly Effective People wrote that humans follow a path of maturity: - Dependence (infancy) - Independence (adolescence and early adulthood) - Inter-dependence. Relying on peers and work colleagues is a great way to get complex things done.
6. Things aren’t always going to go according to plan Not all communication exchanges go the way we want them to. You’ll aim to make more positive exchanges than negative ones and learn from the ones that didn’t go so well. Ask yourself, do you contribute to constructive, positive meetings? Do you get worked up when your ideas get shot down? Do you feel your recommendation to use a particular technology was shot down by the team? It’s important to become self-aware of these things, as a first step to doing something about it. Some security professionals feel that they have lost a fight when the business will not agree to a security recommendation. Ultimately, the business gets to decide and own any risk that they accept. It is important that no one leaves a meeting where ownership for a decision is in doubt. If you leave a meeting without ownership, it means there has been a lack of accountability on all parts. It can be frustrating when your plans do not get accepted by peers. It’s important to note that conflict is a natural part of our work environment and is healthy, so long as messages are sent and received in an assertive manner. Complaining to sympathetic peers to blow off steam in the background, is passive aggressive and not too helpful. Blowing up in a meeting and storming out is aggressive. When decisions do not go our preferred way, there is nothing wrong with letting people know – provided it’s done respectfully.
7. Let Management / Promotion / Opportunity come to you An incentive for developing soft skills is that it leads to career progression and opportunity. Be careful not to adopt a ‘fake front’, such as putting on an act. This is ultimately not going to work. It’s also very draining when you’re spending energy to put on a personal front. By setting out to make small, incremental improvements in soft skills, those opportunities will naturally come when you’re ready. Some people get complacent once they get promoted to managerial positions in information security, and this can be very risky. Personal Leadership is about knowing when to lead, and when to follow. You should continue to
Australian Security Magazine | 9