What are the skills we should be looking to teach the information security professionals of the future? It’s a good and timely question given the current proliferation of training courses and the growth in professional development schemes.
I’ve been disappointed with much of the accepted wisdom drawn from analysis of member surveys by professional institutes. They tend to have employed the wrong approach. We need some original, logical and lateral thinking. Inspired by this thought, I’ve drawn up a list of my seven top skills for the future information security profession. They are:
1. An understanding of psychology to plan interventions that can might actually have an impact on the behaviour of staff.
2. Social networking skills to influence and harness the support of large numbers of users and customers over social networks.
3. Skills in marketing communications to design compelling, effective awareness campaigns and materials.
4. Strong commercial management skills to specify and manage security across business partnerships and outsourced supply chains.
5. Sophisticated crisis management skills to safeguard the organisation’s intellectual assets (not just the data) in the likely event of a major security breach.
6. Digital forensic skills to detect and prove when an intruder has infiltrated or modified the organisation’s intellectual assets.
7. A sound knowledge of legal and regulatory requirements and issues.
You can read more about my thoughts on how to go about forecasting future trends and skills on my latest Infosecurity Advisor blog posting.