SVP, Chief Information Security Officer at Customers Bank
Technical skills typically relate to a Team Member’s specialized knowledge and expertise required to complete complex computational tasks, processes and analysis of hardware and software systems within an organization. Most assessment tools used to evaluate an individual’s technical skills focus on key performance indicators, including logic, mathematical reasoning, spatial reasoning, and much more.
Those indicators are important attributes for a Team Member seeking a career in Information Technology, Information Security or a related profession. A Team Members’ level of creativity is equally, if not more, important, especially within the security space. This is due to technologists being challenged to imagine new methods a fraudster or hacker would deploy to breach security protocols.
Many professional opportunities today also require strong soft skills such as emotional or adaptability quotients that focus on an individual’s ability to demonstrate empathy toward colleagues and the understanding to recognize that the cultural differences in each other’s background are important to the team’s success.
In the banking environment, security professionals have to interact with other departments within the organization. As a security team, we are required to have the technical skills to work with physical products and software solutions, as well as soft skills to understand how the mortgage operations team or sales team function and perform their jobs. We also have to understand the bank’s policies and how Team Members interact with customers and colleagues to manage risk.
Soft skills are increasingly becoming more important as technologists create a holistic view to providing security and managing risk beyond departments, physical hardware or software solutions to create a discipline for the entire organization. These skills enable security teams to turn outward and provide training and awareness to Team Members, as well as effectively communicate how everybody has an important role in ensuring the security of customers and the organization.
Upskilling Team Members’ abilities has also become a crucial component in retention strategies in today’s job market as turnover costs are higher. From a security viewpoint, making investments in security and technology teams to build new skills helps retain business knowledge. Upskilling existing Team Members also has the added benefit of improving operational risk over time as new hires introduce preexisting habits and new ideas that may not align with existing security procedures.
Upskilling current capabilities should also be the responsibility of each Team Member. One way to achieve this is by showing initiative and asking your manager to take on additional responsibility. Do not be discouraged if the feedback you receive is that there are skills gaps. This helps you identify the areas you should focus on.
Working with a mentor or participating in group projects is a great approach to developing soft skills. There are many low-cost education programs or free online courses that Team Members can take advantage of to strengthen hard skills. Create an individual learning plan that fits your schedule, and look for books that supplement the courses you take. As you develop your new skills, you may want to consider volunteer opportunities or freelancing to further develop and hone your new skills.
Today, cybersecurity has moved beyond protecting technology to focus on protecting customers and Team Members from hackers. This is due to hackers transitioning away from exploiting weaknesses in technology to focus on the path of least resistance – the individuals operating or accessing the systems. In this role, it is essential to constantly focus on upskilling and reskilling capabilities to stay ahead of the changing environment. Remember, the primary focus of information technology and security departments is to protect the livelihoods and information of customers, Team Members and the organization to ensure those with nefarious intent cannot cause harm or disruption.