Most Important Skills for a Cybersecurity Head at Commercial Insurance Company
Malia, Head of Cybersecurity & Engineering, emphasizes that strong communication and interpersonal skills are surprisingly more crucial than technical skills for success in her field, stating the importance of convincing people "that it's in their best interest" to cooperate with security measures. This understanding of human psychology and the ability to prioritize tasks amidst constant challenges, including adapting to rapidly evolving technology like ChatGPT, are invaluable assets.
Communication, Project Management, Psychology, Technology, Problem-Solving
Advizer Information
Name
Job Title
Company
Undergrad
Grad Programs
Majors
Industries
Job Functions
Traits
Malia Mason
Head of Cybersecurity & Engineering
Commercial Insurance Company
University of Pittsburgh class of 2011
EMBA UCLA class of 2023
International Relations & Affairs
Insurance
Product / Service / Software Development and Management
Disabled, Took Out Loans, Worked 20+ Hours in School, Veteran, LGBTQ, First Generation College Student
Video Highlights
1. Strong communication and interpersonal skills are crucial for building trust and collaboration with colleagues and convincing them to follow security protocols.
2. Understanding human psychology and motivation helps predict user behavior and potential security threats, which is invaluable in cybersecurity.
3. Excellent organizational and prioritization skills are essential for managing multiple tasks and projects effectively in a constantly evolving environment. Project management skills are highly beneficial for this reason
Transcript
What skills are most important for a job like yours?
Surprisingly, communication and interpersonal skills are followed closely by tech skills and organization. You really need to convince people to work with you, not around you. Otherwise, your security programs will never work.
You need to help convince people that they want to work with you. You're not the "no fun police," and you're not just taking away their access for no reason. If you do, people will figure out ways to get around it, get around security. They'll subvert the processes.
But if you convince people to work with you and convince them it's in their best interest and that they're doing a good job, it makes your program so much better. It's not necessarily manipulation, but it is kind of manipulation.
When I'm hiring, I love career switchers or people who are coming from psychology majors. If you understand human psychology, or even political science majors, if you understand how to get into people's brains and what motivates them, you're excellent when it comes to interpersonal stuff. You'll know what your users are going to do today. Are they going to click on something weird? Are they going to push that button we told them not to push?
It's all trying to predict what your users are going to do and what the threat actors are going to do. So if you have that ability to understand what motivates people, that does so well in technology because you can always teach the tech. The tech is changing every day, sometimes even every hour. When ChatGPT came out, we all had to very quickly learn about it, play with it, and see what the threats are.
The tech will always change, but being able to understand human nature is something that's difficult to teach and difficult to get used to. So having those skills already, you'll go really far in this career.
It's also important to keep yourself organized and on track, and learn how to prioritize your tasks. There are going to be constant fires. Learning what's the biggest fire to put out, what can wait, what is essential, and what's super urgent is key.
Being able to recognize how to prioritize these different tasks will help you constantly. There will be a constant evolution of things, but being able to redirect that energy is really important for your sanity and for keeping track of all your tasks and projects. So learn project management, at least the basic part of it. That will help you so much later on.