Trustwave SpiderLabs Exposes Unique Cybersecurity Threats in the Public Sector. Learn More

Trustwave SpiderLabs Exposes Unique Cybersecurity Threats in the Public Sector. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

The Most Important Personality Traits of Gifted Security Leaders

Like other professions that are not fully understood by the rest of the organization, cybersecurity is deeply personal. It becomes even more so when you consider the high-stakes nature of your job requirements. You are responsible for keeping cunning adversaries from infiltrating and mining your network to commit data theft and extortion - and, wait, it gets better - you also are charged with identifying and eradicating them if they do.

That is a mighty tall task. Such a complex undertaking is no doubt riddled with potential pitfalls - and can lead to burnout for professionals who lack the appropriate resources and the right mixture of temperament, psyche and pride to handle the high-pressure gig. That is not to say that you and your team (if you even have one) are the only people within the organization who recognize the importance of security. Threats and data protection are more regularly becoming boardroom affairs.

But even with executive support from the board and C-suite - something that is never a guarantee anyway - security is not a function that should ever be led exclusively from the top down. It won't be effective that way, and the wrong message will be sent to security practitioners.

And it appears such an outcome is being better avoided these days. The 2017 Security Pressures Report from Trustwave, which polled 1,600 IT decision makers worldwide, saw a shift toward individual pressures, meaning you the security pro - not anyone else - are more readily accepting the challenges, culpability and consequences that come with the job.

For example, we asked respondents to the survey which (non-malicious) individuals place the most security pressures on them. The highest ratio of respondents chose "boards, owners and C-level executives." However, that percentage drastically fell year over year because the pressure exerted by the respondents themselves soared 13 points to become the second-biggest human pressure pusher among respondents at 24%. Next came "direct managers," "nobody" (yikes!) and "peers."

In another question, we asked respondents when they feel their most security pressures. Forty percent said following a major breach anywhere that draws headlines. Next came at the end of each quarter. But the most evident shift was seen in the survey choice of "directly after a meeting with company bosses and the board," which precipitously declined. One would assume that the pressure-inducing tasks that come out of a high-level meeting wouldn't prompt such a statistical decrease, but that wasn't the case. Finally, we queried respondents on the biggest repercussions that stem from a successful cyberattack or data breach. The most chose "reputation damage to me and my company," which outpaced "financial damage." Another 11 percent selected "losing my job" - a clear indicator that job security is no guarantee in the era of big data breaches. 

There are clearly some takeaways here. For starters, the stats seem to underscore that organizations are doing a better job of placing the right candidates in the role of security leader (and trusting them to succeed). Secondly - and arguably far more importantly - there seems to be an understanding among security professionals of "owning" their pressures. This type of psyche is best identified by the following personality traits that may identify a make-or-break disposition.

 

1). Accountable

Feeling pressures is not wrong. After all, if you care about your job, you will naturally experience pressures to achieve big things. But you will also hold your feet close to the fire when difficulties present themselves and the going gets tough, which it will.

 

2). Motivated

You don't need someone else to ignite your inner drive. Sure, it is nice to know others throughout the organization care and want to support and empower your mission, but you don't need a trip to the board room to be kick-started into building a sound security posture and culture.

 

3). Inspirational

Not only are you motivated, but you also spark others to step up their game. This can lead to big results, especially in security, which requires a holistic approach that not only involves galvanizing the entire IT department, but also the rest of the organization, partners and industry through communication and shared intelligence.

 

4). Resilient

You will get beaten down in security. The human ego can feel pretty bruised when it is on the receiving end of constant bombardment from ruthless enemies. Just a couple of slip-ups can spell disaster for an organization. But you must stay strong. Of course, is that always possible?

 

5). Adaptable

And therein lies the rub. Defense in depth is very much alive - from testing for vulnerabilities to detecting and responding to threats on endpoints - but companies are having implementation problems. As a security leader, you are the one most likely to understand where your needs aren't being met, and oftentimes this centers around a lack of adequate internal resources.

Latest Trustwave Blogs

Using Trustwave DbProtect and Offensive Security Solutions to Protect Against Nation-State Cyber Threats

The US Director of National Intelligence (DNI) earlier this month gave a stark warning to the Senate Armed Services Committee detailing the cyberthreats arrayed against the US and the world from...

Read More

Defending the Energy Sector Against Cyber Threats: Insights from Trustwave SpiderLabs

It has always been clear, even before the Colonial Pipeline attack, that the energy sector is a prime target for not only criminal threat groups, but also nation-state actors. After all, halting fuel...

Read More

Trustwave SpiderLabs Unveils the 2024 Public Sector Threat Landscape Report

Trustwave SpiderLabs’ latest report, the 2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies details the security issues facing public sector...

Read More