Tripwire Survey: 72 Percent of security professionals say soft skills need has increased

Oct. 17, 2017
Organizations want non-security functions like IT operations, risk management and compliance to get more involved in cybersecurity

PORTLAND, Ore. – October 17, 2017 Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the results of a survey conducted by Dimensional Research that looked at the need for soft skills in cybersecurity. The survey was conducted in July, and its respondents included 315 IT security professionals at companies with over 100 employees.

According to Tripwire’s survey, 100 percent of respondents believe soft skills are important when hiring for their security teams. The three most important soft skills cited were an analytical thinker (selected by 65 percent), good communicator (60 percent) and troubleshooter (59 percent). Tied for fourth place, “strong integrity and ethical behavior” and “ability to work under pressure” were selected by 58 percent of participants.

“The cybersecurity industry should not overlook the soft skills that are needed to build a strong security program,” said Tim Erlin, vice president of product management and strategy at Tripwire. “The reality is that today’s security pros need to go beyond technical expertise. Security practitioners need to be good communicators who can connect cybersecurity issues to business priorities, rally the rest of the organization to get involved, solve tough problems and handle sensitive issues with integrity.”

Respondents were also asked if the need for soft skills has changed over the last two years, with the following results:

  • Seventy-two percent said the need had increased.
  • Twenty-one percent said soft skills are actually more important than technical skills when hiring staff.
  • Seventeen percent expect to hire people without security-specific expertise over the next two years.

In addition, nearly all respondents (98 percent) believe non-security functions need to be more involved in cybersecurity in the future. Of those, 74 percent said IT operations need to be more involved, 60 percent said risk management, 53 percent said compliance and 45 percent said legal needs to be brought into the fold. Other mentions included human resources (32 percent) and marketing (11 percent).  

Erlin added: “With security-related regulations like GDPR on the rise, it’s unsurprising that respondents expect their legal and compliance teams to get more involved in cybersecurity. It’s become increasingly apparent that security is a shared responsibility, even for those without any technical cybersecurity experience. Employees from other functions can partner with their security teams to help them look at issues from different perspectives, help further the broader organization’s understanding of cybersecurity, and help enforce best security practices across the organization.”

For more information on Tripwire’s survey, please visit: https://www.tripwire.com/state-of-security/featured/survey-says-soft-skills-highly-valued-security-team

About Tripwire

Tripwire is a leading provider of security, compliance and IT operations solutions for enterprises, industrial organizations, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations. Tripwire’s portfolio of enterprise-class solutions includes configuration and policy management, file integrity monitoring, vulnerability management, log management, and reporting and analytics.

Learn more at www.tripwire.com, get security news, trends and insights at www.tripwire.com/blog, or follow us on Twitter @TripwireInc.