Light Dark
October 26, 2021 By Sue Poremba 4 min read
CISO
Risk Management
Security Services

Many people don’t realize a liberal arts degree opens the doors for a wide range of careers. That includes careers in cybersecurity. And with the skills gap and the number of available jobs, there is clearly a demand out there. Someone has to step up to fill those jobs. So, why not someone with a strong background in the so-called soft skills?

Cybersecurity Skills Beyond High Tech

Of course, working in the cybersecurity field does require technical skills. You may need to know how to code in different languages, how to build network architectures, understand analytics and so on. Also at the top of the list are skills like problem-solving, communication, attention to detail and natural curiosity.

As Leverage.Edu pointed out in a blog post, there is a strong need for people who have knowledge and experience beyond high tech. “Potential cybersecurity roles are so broad that even the non-tech-savvy fields are not protected from the dangers of cyber attack[s], such as psychology, project management, marketing and public relations,” the post stated.

Almost every job — and in this case, I do mean individual job duties versus an overall arching career — has unique aspects that new hires learn as they go. They build on what they learn and move on to the next position where they do the same. Any type of formal training provides a foundation, but the most complete way to learn the skills is at work. So what is stopping people with a liberal arts background from being hired into these positions?

Management and HR Need to Think Outside the Box

There has long been a standard cybersecurity skills list that human resources and management use for new hires. To be fair, human resources personnel are looking for tech skills and degrees. Managers should know that the job goes beyond those standard needs. However, they want someone who can come into the job ready to go.

Cybersecurity teams are overworked as it is, and no one has time to worry about training an unskilled candidate. So, many managers request five to 10 years of experience and an alphabet soup of certifications. That’s great for a specialized position or for someone who aspires to be a chief information security officer. It’s not so great for an entry-level position.

It’s up to the hiring team to determine what the new hire will be doing and what can be taught as they go. If the job requires interpersonal skills, effective and efficient communication, both verbally and in writing, and does low-level tech support, it could be the right position for someone without a traditional STEM background.

Cyber Awareness: Thinking Like a Threat Actor

A lot of the roles in this industry are reactive. They involve trying to figure out how a threat actor got into the system in order to mitigate an incident and prevent it from happening again. But today, nation-state threats become more prominent and threats against critical infrastructure are viewed as cyber war. There is a need for cybersecurity skills that can be proactive. Defenders need to figure out why and where a threat actor will make the next move.

Those with backgrounds in psychology and sociology, for example, understand the human psyche. They can find the patterns in threat actor behavior. Political science and history majors know about conflict and the reasons why threats from one region differ from another.

And if there is an incident that must be explained to the public? A writer or marketing specialist with cybersecurity training will be the ideal person to have on your remediation team. After all, they can present the technical information in layman’s terms.

The Cybersecurity Job Outlook for Liberal Arts Majors

Technical skills are still important. A cybersecurity worker at any level is going to need to know their way around a computer or a network. The skills gap in cybersecurity has left a lot of open doors, but the non-IT or cyber-skilled person is going to have to prove they are up for the challenge.

It helps to have some coursework or informal training to add to the resume. Maybe take coding classes on the side or work on IT certifications. These show you know the basics and desire to learn new tasks. Showing good security practices and being familiar with the industry behind the headlines is helpful. That way, you show you know where the problem areas are.

Where To Start

Two specific areas are good for people with a liberal arts background to build their cybersecurity skills. These are cybersecurity awareness training and working the help desk. Awareness training is an under-appreciated task. Someone needs to put together educational programs, even if it is to pull together a weekly Phish Test email. The help desk is already an entry-level position. It requires some research, some basic diagnostic skills and the ability to handle frustrated people.

Overall, the hiring team needs to have a clearly defined picture of the problem they are trying to solve. You should be able to define where your team is failing, where the weaknesses and strengths are in your defenses and the real skills needed to address the issues. If you want someone to reconfigure your cloud architecture, then you want someone with strong IT skills with a background in cloud computing. If you want someone to problem-solve with good attention to detail, you may find the ideal employee is the one with a B.A. in liberal arts.

 |  |  |  |  | 
Sue Poremba

More from CISO
October 27, 2023

The evolution of 20 years of cybersecurity awareness

3 min read - Since 2004, the White House and Congress have designated October National Cybersecurity Awareness Month. This year marks the 20th anniversary of this effort to raise awareness about the importance of cybersecurity and online safety. How have cybersecurity and malware evolved over the last two decades? What types of threat management tools surfaced and when? The Cybersecurity Awareness Month themes over the years give us a clue. 2004 - 2009: Inaugural year and beyond This early period emphasized general cybersecurity hygiene,…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature