Introduction
In recent years, the field of cybersecurity has witnessed a significant influx of professionals from non-Information Technology (IT) backgrounds who are making the leap into this dynamic industry. As a cybersecurity technical developer and instructor, I have had the privilege of delivering many customers in-person and virtual training courses and meeting numerous individuals seeking to transition into cybersecurity from diverse non-IT related fields.
I can remember Cindy, a lawyer in a large firm, not really finding fulfillment after a “boring” eighteen months at the firm. Also, Ann, an actress with over 17 successful years of movie and theater experience, wanting to get into the industry for higher income to support her daughter. Then Richard, a radiologist tired of the customer abuse he was receiving and wanting more in life.
Everything starts with the right mindset at the onset; and not every career in cybersecurity is deeply technical.
Cybersecurity is a broad field and cybersecurity professionals may do their jobs in a variety of ways. This includes the following roles – keeping in mind that at least two of them are not 100% technical.
They can have roles that protect a company’s internal networks and data from outside threat actors as information security professionals.
They can have roles in risk management where they can confirm businesses take appropriate measures to protect against cybercrime.
They can have roles where they can confirm businesses comply with local, state, and federal cybersecurity and data protections laws.
Aside from being super solid on the OSI Model, hands-on TCP/IP, networking skills, a couple of industry certifications, a drive to self-study, some basic coding and a couple of bootcamps, an aspiring cybersecurity professional must also consider their skills. They bring things to the table from the fields where they come from, which are useful, fully transferable and appreciated!
Sometimes as “seasoned professionals” we forget to investigate fresh ways to pivot in incident response (IR) scenarios for example.
Technical skills can, with some education, hands-on practice, and self-study, be mastered, but the main ones that you will need for the transition are not going to be found in the classroom, or in the computer screen. These are the face-to-face interactions we have with friends, family, coworkers, and strangers. In other words, the soft skills; those skills that cannot be coded or productized but indeed can be monetized.
Transitioning from entertainment/law/health and many other industries to the cybersecurity field does bring valuable transferable skills. In this article I aim to explore the many valuable skills career changers bring to the table and highlight seven essential skills they must possess to successfully embark on this exciting and amazing journey.
Attention to detail:
Actors pay great attention to detail, focusing on nuances in dialogue, characterization, and stage directions. In cybersecurity, meticulousness is essential when reviewing code, identifying vulnerabilities, conducting security assessments, and analyzing logs. Her ability to spot inconsistencies and pay attention to minute details can be valuable.
Radiology technicians work with complex medical imaging equipment, where precision and attention to detail are crucial. This skill translates well to the cybersecurity field, where professionals need to analyze large amounts of data, identify vulnerabilities, and detect potential threats with accuracy.
Lawyers pay great attention to detail when reviewing legal documents, contracts, and evidence. This attention to detail can be valuable in cybersecurity, where professionals must review policies, analyze security controls, and identify potential vulnerabilities. They can also contribute to ensuring cybersecurity practices align with legal and regulatory standards.
Communication and persuasion skills:
Radiology technicians often collaborate with radiologists, other healthcare professionals, and patients, conveying complex medical information effectively. This communication skill is essential in the cybersecurity field, where professionals need to explain technical concepts to non-technical stakeholders, present findings, and provide guidance on security measures.
Ann, as an actress, she has likely honed excellent verbal and nonverbal communication skills. This skill is crucial in cybersecurity, as professionals need to effectively convey complex technical concepts to non-technical stakeholders, write clear reports, and collaborate with team members.
Lawyers are skilled in written and oral communication, as they draft legal documents, argue cases, and negotiate on behalf of their clients. In cybersecurity, effective communication is vital for conveying complex technical concepts, presenting findings to stakeholders, and advocating for security measures. Cindy’s ability to articulate and persuade can be beneficial in this field.
Analytical thinking, research skills, and adaptability:
Lawyers are trained to analyze complex legal issues, conduct thorough research, and extract relevant information from vast amounts of data. These analytical and research skills can be applied to cybersecurity, where professionals need to investigate security incidents, analyze threats, and evaluate legal implications of cybersecurity practices.
Radiology technicians analyze and interpret medical images, looking for abnormalities and making diagnostic decisions. This analytical mindset is highly relevant in cybersecurity, where professionals need to assess and analyze complex systems, identify patterns, and evaluate potential risks and vulnerabilities.
Actors often face diverse roles and quickly adapt to different characters, settings, and situations. This adaptability translates well to the dynamic and ever-evolving nature of the cybersecurity field. The ability to learn and adapt to new technologies, methodologies, and threats is crucial for success.
Problem-solving and critical thinking:
Actors regularly encounter challenges during rehearsals and performances and need to find creative solutions. This skillset is valuable in cybersecurity, where professionals face intricate problems related to system vulnerabilities, breaches, and data protection. Ann can leverage her creative problem-solving abilities to analyze and mitigate risks effectively.
Lawyers are trained to identify and solve legal problems by applying critical thinking skills. This ability to assess situations, identify key issues, and propose logical solutions is valuable in the cybersecurity field, where professionals encounter complex technical challenges and need to mitigate security risks.
Radiology technicians often encounter challenges while operating imaging equipment, troubleshooting technical issues, or adapting to unique patient circumstances. This problem-solving ability is valuable in the cybersecurity field, where professionals face complex security issues, breaches, and emerging threats. Richard can leverage his experience to approach cybersecurity challenges systematically.
Compliance, legal, and regulatory knowledge:
In the healthcare field, radiology technicians must adhere to strict privacy and compliance regulations, such as HIPAA (Health Insurance Portability and Accountability Act). This familiarity with regulatory frameworks and data protection can be advantageous in the cybersecurity field, where professionals must navigate various compliance requirements, such as GDPR (General Data Protection Regulation) or PCI DSS (Payment Card Industry Data Security Standard).
With a background in law, Cindy possesses a strong understanding of legal frameworks, regulations, and compliance requirements. This knowledge is crucial in the cybersecurity field, where professionals must navigate various laws and regulations pertaining to data privacy, intellectual property, and cybersecurity standards.
In the entertainment industry, as an actress, Ann has encountered contracts and agreements throughout her career, such as talent contracts, license agreements, or production contracts. She may have developed an understanding of copyright laws, trademarks, intellectual property (IP) and trade secrets during her career. This knowledge can be valuable in cybersecurity where professionals need to safeguard sensitive information, protect proprietary systems, and ensure compliance with IP laws. In the same manner, she will have a solid understanding of the importance of data protection, confidentiality, and consent, when working with sensitive information in the cybersecurity field.
Ethical mindset and ethical hacking skills:
Integrity and an ethical mindset are fundamental prerequisites for success in the cybersecurity industry. Professionals in this field handle sensitive information and possess immense power to protect or exploit digital assets. Career changers should understand the ethical considerations surrounding cybersecurity and uphold the principles of integrity, confidentiality, and privacy.
Additionally, possessing strong ethical hacking skills can be advantageous. Ethical hackers, known as penetration testers or white hat hackers, play a crucial role in identifying vulnerabilities within systems and networks, helping organizations fortify their defenses against malicious actors.
Teamwork and collaboration:
This is the one that is most transferable for all three “non-IT related” fields. Perhaps it’s time that we in cybersecurity put on our humble hats on accept our new brothers and sisters where we will always find a plethora of unique experiences directly transferable and are 1000% “IT Related”. Career changers can bridge the gap between technical and non-technical teams, fostering a more secure and productive environment.
Conclusion:
By honing their analytical abilities, career changers can excel in threat analysis, incident response, and vulnerability assessment—key areas in which cybersecurity professionals are in high demand.
As the cybersecurity industry continues to grow rapidly, individuals from non-IT backgrounds are increasingly venturing into this field. While career changers bring diverse perspectives, they must possess certain essential skills to thrive in the cybersecurity domain.
Adaptability, analytical thinking, communication and collaboration, and an ethical mindset, are crucial abilities that aspiring cybersecurity professionals must acquire. By embracing these skills, career changers can successfully transition into this exciting industry, contribute to the ever-expanding and cross-pollinated disciplines of the cybersecurity workforce, and help safeguard digital ecosystems against emerging threats.
The very last thing is job interview preparation. That goes without saying. If you’re transferring internally to a cybersecurity position, or if you are coming in new, nailing the interview is paramount. The hard skills will get you the interview; the “soft” skills will get you the dream job of your future. Interview practice is another topic that plays a huge role in getting hired, but mastering the interview is another topic for another day.
We must act NOW and push for diversity and engrain it into our everyday life. If we hire people from diverse backgrounds, we gain the benefit of different viewpoints and different ways of thinking that we had not thought about. This will enrich and make it where we can go to work and have fun while doing already challenging tasks.