Wednesday, September 10, 2014

Fundamental Skills for Any Security Practitioner

As a consultant, teacher and author I am often asked about the key knowledge, skills and certifications required to be a "successful" CISO or security professional.  The questions are usually around such issues as "Should I get my CISSP or CISM?" etc.

My usual response is often focused on having the "fundamentals" down pat such as understanding the business and having strong communication skills -- especially with upper management and the groups you are supporting.

This past quarter in my Masters of Infrastructure Planning and Management at the University of Washington one of our assigned readings was in my Comprehensive Emergency Planning course (IPM501).  The reading was entitled, "Report of the 2013 Disciplinary Purview Focus Group: Scholarship and Research to Ground the Emerging Discipline of Emergency Management."

Sounds dull, doesn't it?

The report was written by a group of scholars studying the field of emergency management.  Their focus "...was to identify the body of scholarship and research related to emergency management's purview that could ground the discipline, particularly as it relates to the education of students."

The report had some interesting perspectives on the subject; however, my key takeaway -- and worthy of me spending time on this blog -- is Appendix J: Skills Emergency Management Students Should be Able to Demonstrate upon Graduation.

This Appendix lists the following skills -- of which I think any security professional should also have competence:

  • Verbal Communication
  • Written Communication
  • Interpersonal Communication
  • Group Communication
  • Network Building and Stakeholder Engagement
  • Analytical Thinking
  • Application of Research in Practice
  • Problem Solving
  • Decision Making
  • Leadership
So, to my friends, students and colleagues who ask me "What skills do I need to possess to be successful in the security field?"  The list to follow is above.....then work on your technical skills such as a CISSP, etc.

Thanks to my professor, Robert Schneider Ed. D. and Director of Emergency Management for Grant County, Washington for this reading requirement...Appendix J made it worth the read.