- The cybersecurity market size is headed for $248 Billion by 2023.
- “The smartest person in the room” outlines challenges and opportunities.
- Could Vulnerability, AI Fuzzing, Smart Contract Hacking and Deepfake are all major concerns.
- Covid-19 itself is considered a major cybersecurity risk.
As the world comes to terms with the fact that cybersecurity is a pressing concern for both national security and corporations, the cybersecurity market is growing rapidly alongside other cloud-related industries. To better understand the challenges and opportunities in the market, we have interviewed a leading authority in the field.
The Smartest Person in the Room by Christian Espinosa addresses the challenges of cybersecurity professionals. However, this book is not only aimed at those professionals in the cybersecurity profession; it reveals many truths about the insecurities that prevent people from various fields from reaching their full potential.
Christian Espinosa is the CEO and founder of Alpine Security and an Air Force veteran with decades of experience as a cybersecurity engineer, leader, and professor. He took some time off from his busy schedule to give us some insight into his seven-step Secure Methodology – the method that turns smart people into cybersecurity leaders.
Image Credit: https://christianespinosa.com/
As I read the book, I enjoyed the anecdotes based on your personal experience. Which experience do you consider the catalyst for writing The Smartest Person in The Room?
For a great part of my life, I craved certainty and significance. These needs stemmed from my difficult upbringing. My career in cybersecurity started in the military, and after six years of active duty, I moved into a successful civilian career.
I was the best at my job in a corporate company where I had a good position, and I had all the trappings of success. But even though I had reached society’s definition of what success looks like, I still did not feel happy inside or fulfilled.
My personal journey that was to be the catalyst for The Smartest Person in the Room began soon after I founded Alpine Security. For the first time in my life, I realized I did not have everything figured out, and I discovered I needed to do things differently. I really didn’t need to always be the smartest person around. I discovered that I needed to change, and if I wanted to become a better person and to succeed professionally, I had to get better, be vulnerable, and learn to communicate effectively.
How does someone determine they need to implement the Secure Methodology on their team?
If you feel you cannot trust in the abilities of your cybersecurity leadership and their team, then it is a sure sign you need to implement the Secure Methodology.
A leader needs to look for the signs, but also needs to know what to look for – some of the signs are posturing, talking over people’s heads, and bullying. These reactions in technical personal stem from their fears which are mostly caused by insecurities. Because they believe they are the smartest person in the room, they tend to use complicated language which hampers their work. They also display a lack of communication skills, and never actually listen to others or try and understand them.
Can you give us a bit of background on the seven-step methodology and what led you to develop it?
My need to understand my beliefs, behaviors, needs, values, and limitations set me on a laborious journey of self-discovery. It involved lots of reading, training, events, and reflection. At the start of this journey, I was so uncomfortable when it was time for event group activities that I would pretend to be on an important call or would sneak to the bathroom. However, I was determined to transform myself and stuck it out. I am now the greatest fan of group activities!
I now am a certified NLP practitioner, Certified High-Performance Coach (CHPH), and Time Line Therapy Practitioner. These practices and theories are touched on in the book where their context is important, and the seven-step methodology is based on many of these principles. The methodology concentrates on providing life and people skills.
In the book, you explain the need for companies to hire people with a passion for cybersecurity rather than those who are only interested in financial gain. How can companies go about leveling a role to attract passionate candidates, or should they be focusing on something else?
Unfortunately, we see a shortage of quality talent in the field. This shortage combines with many over-inflated egos and has also led to some over-inflated wages. Employers can attract passionate talents if they focus on choosing the right people, and ongoing training is essential. New recruitments are not always the answer. The talent is often already in the company.
The right candidates are those that are willing to face their insecurities and become passionate about their work. Additionally, most degrees and their theory arm graduates with the knowledge, but it all amounts to nothing without experience and people skills. It’s all about having a good screening process and training process in place. Do not hire anyone, regardless of how great they are technically, that is not a cultural fit or doesn’t share your values. Be slow to hire and quick to fire.
How can companies be successful in the war against cybersecurity through collaboration? Do you have any examples of true collaboration and its success?
Successful collaboration, both internal or external, requires the use of total intelligence and the development of people skills. Logic does not need to be replaced, but cybersecurity experts need to learn to follow their instincts too. This means they must listen to the heart and body (gut), and not only to the logic in their head.
At Alpine Security, we recently updated our hiring process. Our policy is to look at people’s attitude, beliefs, behavior, and motivations before technical skills when hiring. It is also vital they are a good cultural match to the company. The outcome is true and successful collaboration, followed by phenomenal growth.
What are the long-term benefits of adopting the mindsets you advocate in your book?
Success comes from shared purpose, mindset, and collaboration. When everyone works on the same page, the fight against cybercrime is more effective. The same principle applies to all other business environments.
Which signs indicate all the key traits of effective communication, true intelligence, and self-confidence are lacking in cybersecurity?
The signs are there when there is no connectedness among team members and with clients. This often manifests in little to no collaboration. Most people tend to focus on their differences rather than on their similarities, which results in a lack of connection, caused by egotism and insecurities. These inner feelings of posturing lead to highly complicated solutions and overwhelming processes. Focus should be on simple solutions, tailored and prioritized, based on risk.
In which segment of cybersecurity do you feel a poor mindset is causing the most problems?
In my experience, a poor mindset is seen in all segments of cybersecurity, from the technical guys through to the upper echelons.
In your book, you cover the crippling effects of the deficit in interpersonal skills on the cybersecurity industry. What will be the impact of a lack of interpersonal skills in the future?
Essentially, most jobs that do not require people, or soft skills, will be in jeopardy. Those that lack interpersonal skills will become less valuable and their jobs will be outsourced to AI.
How do you foresee the culture in the cybersecurity industry changing with the implementation of your seven-step methodology?
The implementation of the seven-step methodology increases empathy, listening, trust, and vulnerability. These are the soft skills that increase communication and understanding between the various parties, and mindset is as vital as cutting-edge technology in the industry. I foresee a huge culture change and people are already embracing the changes, something long overdue in the industry.
Finally, you are an Air Force Veteran, cybersecurity engineer, professor, owner of a successful company, and a high-performance coach. Do you have any free time to partake in activities you enjoy?
Throughout my life, I have sought excellence and have always enjoyed the challenges of the outdoors. I now find a great sense of fulfillment in my achievements, something that eluded me in the past.
Being outdoors fills me with awe, and that’s why I enjoy competing in Ironman Triathlons. I have climbed mountains, traveled widely, and completed hundreds of scuba dives and skydives. However, I also like being at the location I’m currently calling home. This is where I indulge my love of heavy metal music, close friends, and good food (preferably spicy).