A career in cybersecurity can seem daunting, especially when you’re unsure of the essential skills and roles that can lead to success in this field. However, there is an estimated shortfall of 11,200 people to meet the demand of the cyber workforce.
If you’re currently a student, contemplating a career shift, or transitioning from a different industry, understanding what skills are truly valuable and how to use them is important.
I’ve wrote this article so we can explore the key attributes that make someone excel in cybersecurity—beyond just technical knowledge—and discuss how individuals from non-technical backgrounds can find their niche within the industry.
What skills are truly useful to get into cybersecurity?
I reflect on this a lot, not just because we’re frequently asked, but because we spend considerable time talking to people at various stages of their learning journeys.
Whether they’re still in school, considering an apprenticeship or university, changing careers, or pivoting into cybersecurity from a different industry—be it data analytics, IT support, or something entirely unrelated—this is a question that comes up time and time again.
So, what advice would I give to someone considering a career in cybersecurity? Honestly, it’s more about the softer human skills. When you look at what makes the very best in cybersecurity, it’s a wide spectrum, but it boils down to intuition and problem-solving skills.
Sometimes it’s logical, other times it’s less so. It’s not just about critical thinking—though that’s part of it—but also about having a never-quit attitude. This is a tough skill to teach, but it’s crucial, especially when dealing with complicated cyber problems that involve deception and distraction techniques.
Attacks can be prolonged and complex, requiring a deep understanding of patterns and behaviours. Traditional cybersecurity often focuses on pattern matching, but the best professionals are those who can dig deeper, who don’t give up when the answer isn’t immediately apparent.
Unfortunately, many courses don’t teach these softer skills. The ability to prioritise risk is something that matures over time—it’s not something you can rush. Looking back on my early days in managed services, the logical approach to breaking down problems, building on experience, and learning from others was invaluable.
There’s no substitute for experience, especially the kind you gain by being on the ground. Be it shadowing someone or participating in events where you can ask questions and learn from others, these experiences are priceless.
Going forward, having a diverse technical knowledge base is important. Technology is always evolving—quantum computing, for instance, is set to revolutionise cybersecurity in the near future. You need to be able to multitask effectively, especially in high-pressure environments.
When an incident occurs, it’s challenging to think the same way you did before it happened. As events escalate, managing the emotions of those involved becomes increasingly difficult.
Experience teaches you how to care for your customers, their brand, and their business, which often comes with high stakes and heightened emotions. You learn not to make rash decisions under pressure, a skill that only grows with time and exposure to real-world situations.
A love of learning is essential in this field. From the start, you need to demonstrate your passion for learning, your ability to multitask, and your intuitive problem-solving skills. These softer skills, coupled with on-the-ground experience and technical knowledge, are what will set you apart.
Above all, strong communication skills are important, particularly in pressure-filled, incident-response environments. Learning from others, participating in post-incident reviews, and understanding different perspectives will help you grow and eventually lead to leadership roles if that’s your goal.
You don’t come from a technical background—what roles can you get within cybersecurity?
This is a great question, especially since cybersecurity really interests so many people. What might surprise you is that there are plenty of critical roles in cybersecurity that don’t require a technical background.
In fact, a good number of people in our business come in with no previous experience in cybersecurity, yet they hold absolutely critical roles, particularly in client success.
Sometimes, it’s even better not to have a technical background because you’re bringing a fresh perspective. Your focus would be on scheduling and prioritising the technical people where they’re needed most.
One of the most important aspects of cybersecurity is understanding business change and the customer environment—essentially, understanding the risks that businesses face, both from an external viewpoint and from within the business itself. You don’t need technical skills to grasp these concepts.
What you do need is the ability to understand, communicate, and engage in active dialogue with customers, to listen and provide feedback as their businesses evolve.
Making connections and planning for customers are also crucial tasks that don’t require technical expertise. Roles that focus on customer experience and reporting are great examples.
We deal with a lot of data in cybersecurity, and while the technical team might understand that data, the real challenge is correlating it into actionable recommendations and ensuring that businesses actually implement those recommendations.
This involves planning, prioritising, and executing—what I often refer to as the A and E of cybersecurity: Action and Execution. These are vital components of cybersecurity that require tenacity and drive more than technical know-how.
It’s about working with a business to implement changes, staying as up-to-date as possible, and mitigating risks, threats, and vulnerabilities.
Great communication is key here—explaining why certain actions need to be taken, involving the right people, and effectively scheduling resources.
I want people to understand that cybersecurity is for everyone. You don’t need to be a tech expert to play a vital role in this field. These non-technical roles are essential for delivering a great customer experience and ensuring the overall success of cybersecurity efforts.
Final thoughts
Entering a career in cybersecurity involves more than just technical expertise—it demands a blend of softer skills and practical experience.
Whether you’re coming from a technical or non-technical background, the ability to thrive in cybersecurity relies on intuition, problem-solving, and a relentless attitude towards overcoming complex challenges.
If you dedicate time to practical learning, utilise online resources, and demonstrate a passion for continuous growth, you can build a rewarding career in cybersecurity.
Curious about a role in cyber? We may just have something for you. Check out our careers page here.