When the Log4J vulnerability sounded alarms in IT departments in late 2021, Oscar Morales, solutions architect at the managed security services firm Calian IT and Cyber Solutions, was getting a lot of questions from concerned CIOs, CEOs, and IT directors.
Could you scan for Log4J?
Were there any protections or workarounds?
What is Log4J?
Vendor advisories began appearing in early December, weeks after the flaw’s discovery on November 24, 2021, but those responding struggled to find authoritative sources of information.
While IT pros like Morales had to quickly learn about the vulnerability, find it, and patch it, they also had to calm anxious customers.
“Having those communication skills and being able to translate and explain what’s going on and what needs to be done is crucial,” said Morales.
As cybersecurity professionals continue to deal with the unexpected disaster—a surprise vulnerability here, a ransomware attack there—infosec job recruiters are looking not just for degrees and certifications, but for experience handling emergencies.
“Understanding how to keep cool during a crisis and push forward and make the best decisions and lead through that—that’s a skill that security analysts use every day, because they’re constantly dealing with potential breaches,” said Allie Mellen, senior analyst at the advisory Forrester.
A recent PwC survey showed that companies are making cuts, while also leaving room for the right cybersecurity talent. While 88% percent of respondent executives said they’re “concerned” about cybersecurity, 52% said they were “very concerned.”
Today’s job requirements for security operations center (SOC) analysts include non-technical, crisis-focused requests:
- “Ability to multitask, work with minimal supervision, and achieve results in a fast-paced environment.”
- “Ability to remain calm under pressure and respond to incidents, particularly in emergencies.”
- “Sense of urgency—reacts quickly to resolve situations.”
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
In a ransomware attack, a technical services team may have to interact quickly with third-party experts and law enforcement, as well as communicate with end-users, often delivering bad news like: Shut down all devices.
In these kinds of high-pressure scenarios, a security pro with empathy is the best fit, said Mellen.
“These are the ideal candidates to bring into a security analyst role, because you can train them on the expertise. You cannot train them on how to interact with a user that is going through a breach, with a professional manner,” Mellen told IT Brew.
A potential opportunity to empathize: The help desk, where one-on-one requests range from printer fixes to password resets.
“There’s a fair amount of security in help desk to start. So, be willing to spend a bit of time there,” said Randy Gross, CISO and chief innovation officer for CompTIA.
Non-technical qualities are crucial to Morales as he builds an SOC team—which has already featured at least one former EMT.
“I can teach technical all day, I can’t teach attitudes. I can’t teach personalities. I can’t teach someone to be a team player, if that’s just not who they are. And that’s really what you need,” Morales told IT Brew.—BH
Do you work in IT or have information about your IT department you want to share? Email [email protected] or DM @BillyHurls on Twitter.