What skills do I need for cybersecurity?

Cybersecurity is a complex industry with many roles demanding a diverse set of hard and soft skills, so it’s only natural to ask, “Exactly what skills do I need for cybersecurity?” The core function of a cybersecurity expert is to protect and defend an organization's IT systems against intrusions from both internal and external sources. This can involve several responsibilities, including vulnerability assessment, incident management, penetration testing and the development and implementation of solutions.

Cybersecurity professionals are currently in high demand, with many organizations lacking the necessary talent required to secure their IT systems. By 2021, there will be an estimated 3.5 million unfilled cybersecurity jobs.¹ Professionals with proficient knowledge of cybersecurity will find a wide range of jobs open to them in multiple industries. Beyond the prerequisite computer and IT skills needed, candidates should also possess certain personality traits or 'soft skills' that will help them conduct their job successfully.

Technical Skills

IT Fundamentals
All cybersecurity jobs require a firm knowledge of IT fundamentals, including detailed network, hardware and software configuration.² This encompasses the full range of IT protocols from TCP/IP and DNS to advanced intrusion detection and prevention protocols like IDS/IPS and firewall protocols. Most cybersecurity students have many years of experience in an IT background and have proficient knowledge of IT fundamentals. However, there are introductory cybersecurity courses available in which you can learn all the required IT skills.

Front-line cybersecurity professionals must know how to respond to active incidents and recognize threats like distributed denial of service (DDoS), malware, ransomware and phishing. Those in threat detection roles require pro-active analytics and intelligence gathering skills and the ability to investigate using computer forensics tools.

Coding Skills
While not all cybersecurity jobs require coding skills, they may be necessary for more advanced roles. Even just a basic understanding of the concepts that form the foundation of all coding languages may help analyze threats and implement solutions. Python is one of the primary coding languages used in cybersecurity and is easier to master. Creating simple automation scripts in Python or similar languages can be hugely beneficial to many cybersecurity roles.

Penetration testers are proficient in finding vulnerabilities in an organization's IT systems. They need to know advanced 'pen testing' skills like OS exploits, SSH tunneling, multi-level pivoting, privilege escalation and web application exploitation. Many of these processes can benefit from a decent knowledge of basic coding and scripting skills.

Understanding Architecture
Many cybersecurity jobs involve developing and improving security, detecting vulnerabilities and testing software for bugs. To do this, you must be familiar with the architecture that makes up IT security systems. Various computer architectures that cybersecurity professionals should be proficient in include Windows, UNIX and Linux plus standards like ISO 27001/27002 and COBIT frameworks.

Network Security Architects work with management to design a comprehensive network security solution. They will typically have a team of engineers working with them to ensure every aspect of an organization's IT systems are accounted for and protected in the best possible way.

Administration and Operating Systems
Cybersecurity professionals will need a solid understanding of all computer operating systems, including Windows, Linux and OSX. To successfully administer and secure an IT network, you will need to understand how various operating systems manage their users and implement account security. This includes knowledge of best practices documentation like Identity and Access Management (IAM).

Good IT administration includes adherence to compliance and auditing rules. Managerial roles, in particular, require a sound understanding of compliance regulations like HIPAA, FISMA, GDPR, ISO protocols and many others.

Soft Skills

Different personality traits benefit certain roles more than others but overall, cybersecurity professionals should be calm, patient individuals with a penchant for detail.³ Those working on the front line must be able to act quickly and communicate effectively when under pressure.

Strong Communication Skills
Communicating effectively, both verbally and in writing, is a must in all cybersecurity roles. Managers must have a decent level of authority over their team members and general staff to accurately communicate critical security procedures.

The ability to focus and collaborate in order to achieve goals is essential to the smooth running of a cybersecurity department. The best cybersecurity experts are dedicated team players with excellent problem-solving skills.

In many roles like that of a Security Architect, you should have good people management skills and the ability to communicate an in-depth knowledge of security protocols. A successful Incident Handler must be able to think, plan and communicate quickly and efficiently. This role involves a high degree of collaboration with other team members.

Critical Thinking and Problem-Solving Skills
Cybersecurity staff must be able to consider all possibilities, anticipate threats and 'think like a hacker.' This helps with the assessment and formulation of security solutions. Critical thinkers can quickly adapt to new situations and reformulate ideas to meet ever-changing demands. Cybersecurity is often a high-pressure, fast-moving environment that requires an open-minded, analytical approach. Those working on the back end to investigate and mitigate risks require lots of patience, dedication and critical thinking.

Implementation Skills

Even low-level cybersecurity roles require individuals that can independently plan and implement solutions.⁴ Cybersecurity employees should be able to take responsibility, delegate tasks, and manage time effectively.

Many cybersecurity jobs like that of a Security Analyst require planning and implementing network security, updating systems and documenting processes. They also evaluate existing systems and compile reports for IT managers and administrators. Ideally, you should be a self-starter with the motivation and know-how to implement new network hardware and software. This requires a comprehensive and up-to-date knowledge of new IT systems and security protocols as they become available.

The role of a Disaster Recovery Specialist requires a highly responsible individual pedantic about ensuring the implementation and adherence of backup procedures. They should be able to operate quickly and effectively in a high-pressure situation. Activities include testing and maintaining backup procedures, assessing mission-critical systems and keeping staff informed of recovery procedures.

Management Skills

Management roles require an enthusiasm for security and a desire to protect both the staff and your organization's data. A Security Operations Center (SOC) is most effective when a highly motivated team works together for the company's best interests. Management skills go beyond technical knowledge and require expertise in ethical practices, system requirements, financial planning and project management plus more advanced business intelligence subjects like data analysis and information security.

Staff Training
Being able to implement effective staff training can be a key factor in securing an IT network. Managers should work with supervisors and administrators to assist in training staff about security procedures like backup schedules and responsible password management.

An Information Security Officer is a high-level cybersecurity role that takes responsibility for an organization's IT security. They typically have a functional knowledge of all aspects of cybersecurity and ensure that all staff and departments are operating effectively. The job requires a willingness to get involved in a wide range of activities.

Get Started in Cybersecurity Today

Considering the large skills gap that exists in the market, a career in cybersecurity promises a wealth of exciting job prospects for those who are qualified. If you would like to enter this booming field, consider how earning your MS in Cybersecurity online from the Katz School of Science and Health can help you achieve your goals.