IT professionals in general, but especially IT Security professionals, take great pleasure in their technological abilities. keeping up with the most recent threats and demonstrations of one’s “worthiness” to peers and management. The lengthy alphabet soup of credentials in the signature—CISSP, CISA, MCSE, CCNA, and so forth—is both impressive and necessary. But technical expertise alone cannot solve cybersecurity mysteries. In fact, it may be argued that soft skills are just as crucial, particularly considering how crucial cooperation within the firm is. Everyone has a responsibility for security.


Security is everyone’s responsibility, thus the cybersecurity leader’s ability to effectively communicate with multiple stakeholders to encourage support, buy-in and behavior change is crucial to their success. The success of any cybersecurity program will be largely determined by your ability to collaborate with various people and departments within your organization.


Leaders in IT security speak in their field’s technical lingo far too frequently. It should come as no surprise that this has no effect on company executives or other team members whose involvement is essential to success. After all, an employee cannot modify their behavior unless they are aware of the risk and internalize it. Like many other skills, this one can be learned and developed with practice. A technically competent person learning and honing such a skill is uncommon, but it is very important and when encountered, its value is immediately understood.


The thoughts, attitudes, and beliefs that individuals within the organization have regarding cybersecurity are referred to in this context as culture. The incorporation of emotion is a process that technical people frequently find challenging to understand, yet it is crucial to successful communication, teamwork, and the acceptance of new practices. Old economy businesses with a “professional” culture, such financial or governmental institutions, may demand formality and protocol in communication and substance. Communications with humor or animation and a more casual approach may be better received by technology companies with personnel who are generally younger. Collaboration, communication, and cybersecurity will all be significantly improved with a better understanding of business culture.

Technical proficiency is ultimately required for success, but without these soft skills, a cybersecurity program cannot be successful. As an industry, we frequently highlight and respect technical talents; yet, soft skills are equally important.