For many business enterprises, the cybersecurity specialist is the individual responsible for securing and protecting the integrity of the company's communication networks and information technology systems. In a modern business environment, marked by relentless cybersecurity attacks on all interconnected systems, a cybersecurity specialist must have both superior technical skills and a certain tenacity of spirit.
Of course, not everyone is cut out for the life of a cybersecurity specialist. The ability to combine and effectively apply technical skills with the proper amount of ferocity required to thwart cybercriminals and their malicious activity is a relatively rare personality trait. So before you consider a life of patching a seemingly endless supply of security vulnerabilities, it's important to assess your ability to master the strenuous demands of the position and its nuances.
This article lists 10 signs you might not be cut out to be a cybersecurity specialist. For this purpose, we assume you have the technical skills to handle the role—the pertinent question is do you have the necessary nontechnical skills?
SEE: Malicious AI: A guide for IT leaders (Tech Pro Research)
1. You don't like change
The world of cybersecurity is chaotic. Old security vulnerabilities are closed or patched only to be replaced by new ones. Criminal elements are always refining and fine-tuning their attack vectors with new scams and new phishing techniques. The security threats change week to week, day to day, and even hour to hour.
An effective cybersecurity specialist must be able to see, adapt, and counteract these changes on the fly as they occur. If you don't have a personality that embraces the dynamics of an ever-changing work environment, you may not be cut out for the job.
2. You aren't fond of continuous education
Closely related to a cybersecurity world in a constant state of change is the need to continuously learn and implement new and better protection strategies. The balance between the attackers and the cybersecurity specialist is in a constant state of flux, with battles going to the side with the better technical know-how.
Is this environment, a cybersecurity specialist must be willing and able to learn and adapt to new ways of approaching security. If you have ever uttered the words, "But that is the way we have always done it," with any measurable sincerity, you may not be cut out for cybersecurity.
3. You don't work well under pressure
Building on the pressures of chaotic change and continuous learning is the relentless pressure to keep an enterprise safe from intrusion. Cybercriminals and their orchestrated attacks on enterprise information technology infrastructure never rest, never take a day off. There is no respite from the stress of knowing your systems. The systems you are responsible for protecting are under constant attack.
If you don't have a personality that can absorb the continuous pressure to perform and the stress that comes from knowing something will eventually go wrong—without having it manifest psychologically or physically or both—you will be better off not taking a cybersecurity specialist position.
4. You can't make peace with the fact that you will be ignored
Compounding the stress of change, continuous learning, and the pressure to perform is the fact that someone in your enterprise will choose to ignore your well-thought-out security directives on a daily basis. Whether it's your directive to never use the same password for different systems or to never click on attachments in an email, or any other common security procedure, someone will ignore it and that act of defiance will allow an intruder into the system.
The cybersecurity specialist can't escape from the knowledge that most of their worst days on the job will be caused by co-workers who carelessly circumvent security protocols for the sake of convenience. If you can't make peace with that inevitable fact, you may not have the temperament to be a cybersecurity specialist.
SEE: Eight things you should know before launching a cybersecurity career (free TechRepublic PDF)
5. You can't accept failure
Along with all the stressful pressures mentioned already, there's another stress-inducing factor that cybersecurity specialists must understand and embrace, despite how painful it may be:
No matter how well you do your job—you will fail!
You will fail to prevent unauthorized access, you will fail to protect enterprise data, you will fail to find all security vulnerabilities before they can be exploited—at some point, you'll just fail. It can't be avoided.
The modern always-interconnected, always-on business environment marked by mobile devices, big data, and IoT increases the number of potential attack vectors beyond any enterprise's capacity to timely close them. Cybersecurity specialists can't thwart every attack, which means at some point an attack will be successful. If you can't accept this reality, you may not be cut out for a life as a cybersecurity specialist.
6. You can't keep your cool
There's no doubt about it: knowing you are going to fail—and knowing that the reason you are going to fail is likely because someone else failed to follow your explicit instructions—is extremely frustrating. But a professional cybersecurity specialist must be able to keep cool under such circumstances.
Once a security breach is detected, a set of protocols is activated to counteract the intrusion. To be effective and to successfully mitigate potential damage, those protocols must be implemented with rationality and by cool heads. Inevitably, one of the individuals in charge of implementing those mitigation protocols is the cybersecurity specialist. If you can't keep calm, even if everyone else is in a panic, you may not be suited for life in cybersecurity.
7. You can't tolerate executive indifference
Another factor adding stress to the life of a cybersecurity specialist is that often the executives of an enterprise are less than enthusiastic about establishing strong security policies, procedures, and protocols. In fact, some executives are plain apathetic about security—at least, until there is a security breach, where suddenly security is the absolute most important thing.
Employees ignoring your directives and breaking security protocols for the sake of convenience, a perpetual problem for all cybersecurity professionals, will never be controlled if the highest-level executives don't support you and your efforts to implement security best practices. In some cases, those executives are going to be the worst offenders. If the prospect of that behavior and lack of support upsets you, cybersecurity specialist may not be a good career choice.
SEE: Cybersecurity strategy research: Common tactics, issues with implementation, and effectiveness (Tech Pro Research)
8. You can't accept blame when it's not your fault
The unfortunate reality of a work environment where employees and executives routinely circumvent your practical security procedures and protocols is that the cybersecurity specialist is always the one who gets blamed for a security breach. It doesn't matter that the CEO clicked a suspicious link in an email that loaded a keylogger onto their device—it is still ultimately your fault.
Of course, assigning blame in this way is counterproductive and does not help mitigate the potential damage of a security breach, but that is often beside the point—someone must be blamed. It's just part of human nature to assign fault to someone or something. If the prospect of being blamed for the actions of someone else makes you a little crazy, don't try your hand at cybersecurity specialist.
9. You aren't comfortable with explaining what went wrong in brutal detail
A vital part of the cybersecurity specialist's job is to brief stakeholders. This includes briefings on what security policies, protocols, and procedures are in place before a breach occurs. It also includes after-the-fact briefings and explanations of why and how a security breach was successfully accomplished. These briefings may sometimes include unvarnished and raw information about the actions of specific individuals in the enterprise.
An effective cybersecurity specialist must be able to give a totally accurate account of events even if that explanation will embarrass certain individuals—consider the CEO keylogger example we mentioned earlier. Such a presentation requires a deft touch and diplomatic aplomb. If you don't have those skills, you may not be cut out to be a cybersecurity specialist.
10. You can't accept that there are no winners
For all intents and purposes, the modern business environment, with regard to cybersecurity, is in a stalemate. Cybercriminals develop new vectors of attack and cybersecurity professionals find ways to close them. This happens over and over again, with neither side being able to fully overwhelm the other. There is no winning.
In many ways, cybersecurity at the enterprise level is a game that can't be won—only played. There is no finish line to reach first, there is just the ebb and flow of the competition. If you can't accept the fact that you will never truly win complete victory, only minor skirmishes, you may not be cut out for life as a cybersecurity specialist.
SEE: IT leader's guide to cyberattack recovery (Tech Pro Research)
Of course, not everything about the cybersecurity specialist job is negative. If you can embrace and master the challenge of the personality traits listed above, you may indeed achieve tremendous job satisfaction as a cybersecurity specialist. The position not only requires technical proficiency, but also the unshakeable confidence and sense of conviction to overcome obstacles that many would find discouraging and disheartening. If you can do that, perhaps cybersecurity specialist is your true calling.
- Only 9% of millennials are interested in a cybersecurity career (TechRepublic)
- The secret to successful cybersecurity programs? Training and automation (TechRepublic)
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- 8 hard truths about working in cybersecurity (TechRepublic)
- 10 ways to develop cybersecurity policies and best practices (ZDNet)
Do you think you have what it takes to be a cybersecurity specialist? Share your thoughts and opinions with your peers at TechRepublic in the discussion thread below.
Mark W. Kaelin has been writing and editing stories about the IT industry, gadgets, finance, accounting, and tech-life for more than 25 years. Most recently, he has been a regular contributor to BreakingModern.com, aNewDomain.net, and TechRepublic.