As the project manager at a large tech company, I always went to Jim when I needed help. While others on my team had more technical expertise, Jim was easy to work with. He explained technical concepts in a way anyone could understand and patiently answered my seemingly endless questions. We spent many hours collaborating and brainstorming ideas about product features as well as new processes for the team.

But Jim was especially valuable when I needed help with other developers — especially Bill, who was brilliant but not very good at communicating with anyone else in the office. Simply put, Jim was a leader. And he bridged the gap between technical and non-technical staff better than anyone I had ever met. If I was really struggling to get information from Bill or figuring out what he needed to deliver a component, I would ask Jim for help. And usually, with just a quick conversation, he could help me translate Bill’s technical needs into project manager speak.

Working with others is key in cybersecurity

As collaboration in the workplace becomes more important than ever before, companies are increasingly looking to hire people like Jim over Bill. According to a survey of tech industry workers by Reign, 76% of managers thought soft skills were more important for success in tech jobs compared to 44.9% who said tech skills mattered most. Even more interesting, tech employees felt the same way. Employees (72%) ranked soft skills as most important, with 42% believing tech skills were more valuable.

When hiring for a cybersecurity position or looking for a job, it’s easy to focus on technical expertise. But I think it’s time to start thinking of technical expertise as the baseline requirement for a position. Soft skills should then be the reason you hire a specific tech employee over another once the expertise is relatively equal.

Yes, technical skills are a must for those working in cybersecurity. That’s a given. But even the most brilliant cybersecurity expert in the universe isn’t going to be very effective if they can’t share their expertise with others. And their brilliance can only go so far if they can’t collaborate with others who bring different skills to the table to create an innovative product or service.

Overall, a team member with poor people skills holds the team back and makes it very challenging to function as a high-performing unit.

Soft skills are more important with hybrid work

With the increase in hybrid work, soft skills are even more important than they used to be. According to McKinsey’s 2022 American Opportunity Survey, 58 percent of Americans can work from home at least one day a week, with 35 percent able to work fully remotely.

When everyone was in the office, it was possible to get by with mediocre soft skills. But working with people virtually requires a higher level of communication and collaboration. And the opportunity for miscommunication and frustration is even higher when working with others solely through video and email.

Team members must communicate proactively, such as when they make a change to a feature or spot a potential risk. In the past, you might remember to tell someone about an issue because you passed them in the hallway or saw them in the breakroom. But now, cybersecurity professionals must take the step to let everyone know about issues and changes without the visual reminder of seeing them in the office. While collaboration software helps, cybersecurity professionals must still proactively reach out.

Assessing people skills during the hiring process

The cybersecurity industry has evolved in its assessment of tech skills, with many companies now using certifications and badging for hiring. Even with a spectrum of expertise for tools and skills, assessing tech skills is relatively black and white. Either someone has them or they don’t.

But soft skills are harder to assess. Doing so is relatively new, and it feels a bit uncomfortable. Making it even more challenging is that these skills can be very subjective. I thought one of the developers on my team was a poor communicator, but both Jim and Bill felt differently. Here are some ways to make assessing soft skills more accurate:

  • Include a range of roles in the interview process. Many organizations have applicants talk to employees with cybersecurity expertise, which is important. However, also have candidates talk to people who they will be working with on a day-to-day basis. For example, if the role involves collaborating with marketing and sales, include these roles in the interview process.
  • Create a list of soft skills to evaluate for each position. Talk to employees in that role and the people they work with closely to determine which people skills are most important.
  • Have interviewers use a scale for ranking skill levels. It’s hard to say whether or not someone is a good communicator in a yes or no question. But by using a numbered scale, interviewers can compare candidates and feel more comfortable with the evaluation.
  • Ask questions that highlight soft skills. If you only ask technical questions during the process, you have a lower ability to evaluate their people skills. Try asking about a time when a candidate disagreed with a coworker, or what they did the last time they were working on a project that ran behind schedule.

Collaboration builds success

Teams that work well together are typically the most successful. By hiring employees who can skillfully collaborate, you set up your team for success. And if Jim ever applies for a job with you, be sure to hire him. He’s awesome.

More from Intelligence & Analytics

New report shows ongoing gender pay gap in cybersecurity

3 min read - The gender gap in cybersecurity isn’t a new issue. The lack of women in cybersecurity and IT has been making headlines for years — even decades. While progress has been made, there is still significant work to do, especially regarding salary.The recent  ISC2 Cybersecurity Workforce Study highlighted numerous cybersecurity issues regarding women in the field. In fact, only 17% of the 14,865 respondents to the survey were women.Pay gap between men and womenOne of the most concerning disparities revealed by…

Protecting your data and environment from unknown external risks

3 min read - Cybersecurity professionals always keep their eye out for trends and patterns to stay one step ahead of cyber criminals. The IBM X-Force does the same when working with customers. Over the past few years, clients have often asked the team about threats outside their internal environment, such as data leakage, brand impersonation, stolen credentials and phishing sites. To help customers overcome these often unknown and unexpected risks that are often outside of their control, the team created Cyber Exposure Insights…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today