Purpose:
Cybersecurity advocates safeguard their organizations by promoting security best practices. However, little is known about what constitutes successful advocacy.
Methodology:
We conducted 28 in-depth interviews of cybersecurity advocates.
Findings:
Effective advocates not only possess technical acumen, but also interpersonal skills, communication acumen, context awareness, and a customer service orientation.
Originality:
We are the first to define and enumerate competencies for the role of cybersecurity advocate.
Implications:
Non-technical skills are deemphasized in cybersecurity training, limiting career progression into the cybersecurity advocate role for existing security professionals and those from other disciplines. We suggest improvements for professional development that encourage greater security workforce diversity.
Purpose:Cybersecurity advocates safeguard their organizations by promoting security best practices. However, little is known about what constitutes successful advocacy.Methodology:We conducted 28 in-depth interviews of cybersecurity advocates.Findings:Effective advocates not only possess technical...
See full abstract
Purpose:
Cybersecurity advocates safeguard their organizations by promoting security best practices. However, little is known about what constitutes successful advocacy.
Methodology:
We conducted 28 in-depth interviews of cybersecurity advocates.
Findings:
Effective advocates not only possess technical acumen, but also interpersonal skills, communication acumen, context awareness, and a customer service orientation.
Originality:
We are the first to define and enumerate competencies for the role of cybersecurity advocate.
Implications:
Non-technical skills are deemphasized in cybersecurity training, limiting career progression into the cybersecurity advocate role for existing security professionals and those from other disciplines. We suggest improvements for professional development that encourage greater security workforce diversity.
Hide full abstract
