Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

#NextGenResearch: Are Communication and Presentation Skills Taught or Encouraged to an Acceptable Level?

At the start of this year, Infosecurity conducted its second State of Cybersecurity Report. This determined 31 distinct trends in cybersecurity that respondents believed were driving the industry.

Following on from the publication of this report, Infosecurity launched a second piece of research, engaging with students, people on work placements and those starting out their careers in cybersecurity to find out how these trends affected them.

Last week we talked about the top trend of technology problems, and how configuration and detection were a major issues for practitioners In this second part, we considered board recognition and engagement. In the 2018 report, board level recognition of cybersecurity as a business risk (was cited by 21% of respondents) while in the 2019 report, it was a smaller number (18%) but in the top five trends once again.

For our survey of new people coming into the industry, they were asked if communication and presentation skills been taught or encouraged to a level that you’re comfortable with. This was in consideration that more boards and regulators are understanding the issues around cybersecurity, and the next generation will be expected to explain risk posture and vulnerability to threats to senior management.

Altogether, 52 people responded to this question, with a split of 27 giving a positive answer, and 25 giving a negative response. Much like last week’s question about malware, there is an element of being self-taught in this area. One person said that this was their “largest skill gap when first looking to enter the world of cybersecurity” and the opportunity to present technical findings to a board of directors in a realistic (if staged and deliberately adversarial) way, was an invaluable (if nerve wracking) learning experience that the Cyber Security Challenge was uniquely suited to provide. “When I returned to my regular position I had improved my engagement in general meetings that my co-workers and supervisors actually commented to me on my improvement.”

This proves the need for real world experience, that the likes of hacking and security societies can provide. Another person said that they felt that felt that a lot of emphasis was put on having these abilities, and to be comfortable to present and also communicate. “Whether this is at university in modules, at events, or during competitions it is often said that to be successful in this industry you almost definitely need to have good communication skills and presentation skills.”
 
There was very much a feeling that there is opportunity to improve and ability to practice, but often there was a lack of formal training or mentoring to enable a more confident presentation. One person said that throughout the education system, “presentation skills seem to be a skill that is assumed to get better after trial and error, rather than having any specific training in it” while another said that some classes, societies and programs “dedicate whole modules to these skills while others do not.”

The determination of this as a “soft skill” were determined to be “very important for people within infosec as the industry changes” that there needs to be capability to explain these changes to people in layman’s terms.

It was agreed by several people that “presentation skills would help many young adults improve their self-esteem where in a world where criticism is seen everywhere.” Another person claimed that throughout their program management experience, communication and presentations skills were a priority. “Building these soft skills seem to be very encouraged throughout my privacy-focused team and throughout the technical security teams, since communication with non-security employees is a regular occurrence.”

As well as the positive responses, there was almost as many negatives, and these followed a theme of such soft skills not being taught. One person said that “communication and presentation skills are briefly introduced to (mostly) engineering students at universities” but these classes “are taught incorrectly and do not actually teach any skills that can be applied in the real world.”

Another person said that they have not had any presentation skill lessons, and did not think it would be covered at all in their current course. “I am not comfortable talking in big groups of people or presenting a presentation so it would be good to get taught these skills at some point, hopefully in the future,” they said.

Another person claimed that this was something that many new graduates will not have, and in his bootcamp program “many of the younger students were not as comfortable presenting to the cohort compared to Career switchers like myself, who most likely must present at their jobs.”

Maybe this is something where there is a need for industry support? One person cited meeting “people from the industry and these skills help us create a connection with them” as a way to improve, as whilst talking to and presenting in front of your peers gives you so much experience, in front of people who have done it and can pass knowledge on could be very valuable. 

Ultimately this is one that can be encouraged and trained, and for the lucky few, it comes more naturally. To better prepare people before they go to work full time means a better next generation of speakers, and that can only be a good thing.

What’s Hot on Infosecurity Magazine?