Myth: you must be a “techie” to lead in the CYBERS

Ok so you might be sitting here going… but Dan you send pews and do “techy” stuff… do you not lead? Well, I mean I do all kinds of things, I write business cases, I play with spreadsheets (fun right!), I integrate systems and look at data and sometimes write really bad code! (hey, the pews aren’t going to send themselves!) but… I want to talk about some realities here.

Leadership and Change

Leading doesn’t require you to be the BEST developer in the world! Or the best pentester or best architect evaaaaaaaaaa! It requires something far more… well human.

So, what does a good leader look like?

Well for starters they don’t “Look” like anything, looks aren’t important! Character is! Now what traits tend to work with “good” leadership?

  • Good listener
  • Good communicator
  • Good at networking
  • Good at building balanced views and being able to represent complex topics in “simple enough” explanations to facilitate change
  • Able to see things from multiple perspectives
  • Able to develop and grow a team to support them with the right set of diverse skills and capabilities
  • Domain knowledge
    • This doesn’t mean being an SME in everything
  • Able to understand and manage demand, requirements, and constraints

A leader is more than the sum of their own parts, they also leverage their teams capabilities, their networks and their customers (everyone has a customer even if you are not selling anything!)

Yo Ho Ho A Cyber Life for Me

So, notice how I haven’t laboured on about TCP/IP or buffer overflows or how weak passwords are a key issue for cyber leadership. See they might be topics for discussion for a specific scenario at a specific point in time, but they aren’t what cyber leadership is about.

Developing missions, visions, goals, and objectives in cyber security is a very business and human aligned aspect. I’m not saying human vs tech, I’m saying it needs both, but it doesn’t need to have everything in one person. I’d rather work with a leader who has the right attitude, approach, understanding and communication capability than someone who lacks all of these but is highly technical (it’s often not the technical areas that are the challenge, it’s usually human and political/financial ones).

Cyber security is a team game, it requires a broad and diverse range of skills from leadership to technical from finance to forensics. It’s an insanely fast, broad, and deep domain. Leading the future, we need people who can communicate, understand and who are empathetic with the right knowledge, capabilities, skills and supporting teams to enable them to succeed, that doesn’t mean a tech first approach, it means a human one (it doesn’t mean people also can’t do both!)