Above and Beyond Tech: The Human Factor in Cybersecurity
Defeating today's and tomorrow's threats involves leveraging intel, technology, and sound judgment. But what's the secret to a long, fruitful career in cyber risk management? According to Genevieve White, a cyber warfare specialist with decades of experience on the front lines, the answer is simple: Excel at being human.
In the battle against hackers and malware, it's natural to hungrily covet the brain's digital neurology of Star Trek's Data or Asimov's R. Daneel Olivaw. But the key to longevity in cybersecurity isn't an android's efficiency; it's a person's humanity.
While she's learned volumes over the course of her career, one of the overarching truths she's learned is the power of people, both those you work alongside and those you protect from attackers. Listen in to her podcast episode now:
The Power of Collaborative Teamwork
Gen's company, Telstra, was recently awarded the title of Cyber Risk Nation Partner of the Year by CyberGRX. While her role in helping her company earn these accolades is undeniable, Gen credits her success to strategic teamwork. "I'm fortunate to work with an amazing group of people," she said.
She adds that the teams she ends up working with aren't accidental. "I'm surrounding myself with clever people. That's something I've learned to do over the years," according to Gen. "They're wonderful individuals. We've got a great corporate culture, and we're doing everything we can to help uplift our customers' security posture and capability."
Going to Battle for Your Clients
Despite what may come across as a feel-good mantra, Gen often has to be a cyber-mercenary, fighting alongside clients to prevent digital catastrophe. At the same time, like all battles, this can result in powerful bonds between you and the people you're fighting for.
Gen puts it this way: "It's those conversations that you have with customers—usually late at night or very early in the morning—where they're under duress and almost at the end of their rope. You can feel the tension and the stress."
By internalizing the energy of these moments, Gen finds the motivation to improve continually.
"Those kinds of conversations—the human aspect of it is just so enormous that you can't help but feel an incredible amount of empathy towards a customer while they're going through a breach," she said. "That's what drives me forward to continue to be better."
At the same time, Gen sees AI as a sharp, two-edged sword. It is already being used to craft incredibly believable phishing emails featuring perfect spelling and grammar, devoid of the errors that used to raise flags.
It is essential not to lose sight of the underlying motivation: protecting people and their systems. AI's scalability, efficacy, and utility make it an ideal solution for safeguarding smaller organizations from virulent threats. With AI, cyber defenders can craft solutions that multiply the defensive capabilities of companies with fewer resources, giving them the powers that have traditionally only been available to the big players.
Fostering a Cybersecurity-First Culture
In some organizations, a cultural gap exists between cyber risk professionals and other department members. The key to bridging the gap is for cybersecurity professionals to step up as leaders. By leading the way in weaving cyber awareness through your organization's fabric, you unite disparate patches into a unified quilt. "I think we need to take more of a leadership position in making sure that all aspects of security, including risk management, needs to be embedded across an organization," Gen explained.
In line with this imperative, she continues, acknowledging the importance of "relationships in our field—and in particular the way that we build relationships with our customers, I think that often extends internally as well—to our business partners and business units that don't necessarily have the same level of appreciation for cybersecurity and cybersecurity risk."
By communicating the value of cybersecurity and then sharing the wealth of knowledge this engenders, risk professionals can lead their organizations to a more robust security posture.
The Key to Cybersecurity Success: Focus on the Greater Good
One of the most exciting elements of Gen's insights was the focus on genuine connections. Regarding long-term success, these may be more effective than the latest tools and intel.
As is the case with all challenging endeavors, in the end, success in cyber risk management all comes down to the purity of your intrinsic motivation. When no one is watching, or it's just you and a client or team member, what drives you to go the extra mile? For some, it's a paycheck, but intrinsic motivation makes all the difference for many of the more successful pros, like Gen.
The Power of Intrinsic Motivation
Finding an internal motivating factor, such as a desire to help others, can make the difference between success and failure in cybersecurity. An article in the Information Systems Journal by Kam, Ormond, Menard, and Crossler confirms the effectiveness of "self-determined motivation."
As it's done for Gen and others, a genuine motivation makes it easier for cyber defense professionals to engage in "actual learning behavior," the December 2021 paper finds. With this learning behavior comes both new and better-honed skill sets.
In the context of this research, Gen's parting advice is acutely compelling. "Rely on the bonds between you and the people you work with," she recommended. "Even though it seems like the world is a vast place, it's a very small, connected group of individuals in the cybersecurity community. Stay true to your values, and do everything you can for the greater good."
Fortunately, there are security tools designed for you and your fellow cyberdefenders. Connect with CyberGRX today to learn how predictive analytics and a global Risk Exchange combine to make organizations safer.
Get Cyber Risk Intel delivered to your inbox each week: