Hello, good day. My name is Victor Onyenagubom and today I'll be talking about people power security, the role of sub skills in a DevSecOps culture. There's a lot of focus today around technical skills and, but not a lot of, there's not a lot of discussion around the role that sub skills could play to improve the security culture of an organization. So looking at how sub skills like communication, like empathy, like collaboration, like relationship building can actually improve security awareness within an organization. And this has to do with people. Thank you. So First of all, we need to understand that, there's a gap in the cyber security landscape. every day there are increase in the type of cyber security threats. the threats are evolving and organizations need to stay vigilant. Okay. And since these threats are becoming more and more complex, it's important for organizations to rethink the way they see cyber threats. And in terms of in that interdisciplinary approach, there needs to be a mix of. Technical sub skills in solving these challenges, right? We've seen the rise of social engineering attacks that does not just rely on technical expertise, but also people, right? To hack somebody, right? To hack people based on their emotions and take advantage of them. So there needs to be like, A combined approach as regards solving cybersecurity issues in the world we live in today. So, how can we empower human element? What are the importance of soft skills? Why am I even talking about soft skills? Is it important? Why not? Why should we not just focus on the technical skills after all? That is, isn't that what is always needed? But we would see that soft skills are like very important. For instance, effective communication is very crucial to the world. Because if you are a cyber security analyst, for instance, and you have to give a presentation to the C level, maybe to the CFO, to the CIO, to the CEO, they may not be very technical people, and you need to have effective communication skills to explain to them why you are doing what you are doing, why you need to take certain decisions, to boost the security posture of the organization. And there needs to be a collaborative approach. See you. aspect of things, collaborative problem solving individuals who are security consultants, whether it's in cloud security on any type of security, there needs to be, a voluntary or an intentional, effort to collaborate, in solving problems because some problems would need, One or more departments in the organizations for it to be solved, right? So for instance, if the accounting department of a of an organization is hacked and the security team comes in to solve that problem, the security team needs to work in a collaborative manner. With the accountant with the members of the accounting department to ensure that the root of the matter is found. It doesn't need to be adaptability because I'm cyber security is a few that changes very fast. People who want to walk in this line who wants to be into cloud security and in any other area of cyber security, they need to be adaptable and they need to be continuously learning. You cannot just depend on what you learned yesterday. You need to depend. You need to keep on learning. and Lenny, right? See, there's a lot of, issues. They even around generating. I aren't a I did fix, so it is continually changing the attack surface for many organizations keep increasing. So therefore, the cyber security, workforce needs to also keep learning and keep staying at the top of their game. So effective communication, why is it important, right? Effective communication is important because it is important for you as a cybersecurity consultant to be able to translate technical concept into non technical bits. that a layman can understand. In that way, you are able to drive across your point. If you are a cybersecurity awareness lead, for instance, in your organization, and you are in charge of security awareness in your organization. Remember that not everybody in your organization understands things around cybersecurity or technical bits. They may have some idea of IT, but they might not understand why they need to change their passwords regularly. They might not understand Why did they need to check emails properly so that they don't fall victim to phishing emails and things like that. So you need to simplify it into contextualize this. You need to break it down with storytelling to ensure that you the idea or whatever is the aim of the training you're conducting. Is, passed across to them and it's possible. Some people learn better when you show them a picture of what you're trying to talk about. they are visual learners, right? So that if you have a picture of adding diagrams, your presentations would actually really help. maybe dashboards, that might actually really help in terms of storytelling. So even though you're a cyber security consultant, Having that skill of storytelling is like very important for you to actually have. Then collaboration and empathy. We're looking at collaboration and empathy. Relationship building is actually key. Being able to form relationships with people who are not in your department. Like I mentioned the example of the accounting department and the security team. Being able to work in tandem with members that are not in your department. People who are not of the same background from you, people who are of different races or different cultures or different religions, and that talks about in relationship building here, it is essential to understand that what is important is for you to understand diversity and inclusion, okay, diversity and inclusion, you need to be able to work in a diverse environment, you need to be able to build relationships with people of diverse races and religion, very important, and you need to have emotional intelligence, You need to know what to say, when to say it, and in what manner to actually say it. Sometimes it's not really about what you say, but how you say it, mannerisms actually matter and body language actually also matters. Okay. So collaborative problem solving, I'm talking about that. The fact that if you're able to build a relationship with people, I'm able to have empathy. Collaborative problem solving comes naturally. Okay, comes naturally. That sort of skill comes naturally. So you're able to work with, people, in a team, if you have that, if you're able to build a relationship easily, very important people skills to have. Okay. in terms of navigating complexity. It is important that you are not resistant to change. Change is constant. And you must, like I said, you must keep yourself abreast with changes in your field. Okay. You must embrace change and you must not resist change. Okay. So you need to anticipate change because cybersecurity is a field that is constantly changing, constantly evolving. there are, there's always something new to learn, so in whatever line of cybersecurity, there's always something new to learn. It's always something, a new train, so it's very important and critical thinking is also like very important. if you're into cyber security, you definitely have to have critical thinking. How do you approach the situation? How do you communicate properly? How do you, when there's an incident, when an incident happens, how do you, how do navigate this instant. How do you communicate to the public in? How do you organize your team? How do you respond effectively? How do you make sure that okay, your data backups are restored? How do you ensure that okay, your business continuity plan is you stick to it and there's little minimal disruption to your business when an incident occurs. All this would take critical thinking. Okay. And there's also the case of agile responses. Okay, so being able to adapt Okay. being able to tips of agile. We're talking about the fact that you can always make changes. You can always go back and say, okay, we didn't, I've gone through this process, but I didn't see that we are going to have this kind of circumstance. Okay, let's go back and change something. Okay. So it's more like having a growth mindset. Okay. Very important to have a growth mindset. Been very important to talk about agile. Look at by you being able to be flexible in your approach to make sure that you're able to solve problems and navigate complexity. So it is important for you as a cybersecurity, workforce member or a cybersecurity consultant, or maybe a security analyst or a cybersecurity engineer to understand that you need to continuously learn. I've said, I've spoken about this. You need to embrace the fact that if you're in cybersecurity, you must be a lifelong learner and you must cultivate a growth mindset. I've spoken about that. This closely relates to the Agile. responses I spoke about, then it's also important for you to be able to share your knowledge and for you to be able to share your knowledge, you need to have effective communication skills. So you see that all these soft skills, they are like a chain, they connect to each other. Okay. So you need to be able, if you are able to have good relationship building skills. You have good collaboration skills. You have empathy. Okay. And you are willing to share you, to be easy for you to, collaborate and share knowledge in your team. It's easy for you to mentor people. Okay. And it's easy for you to mentor people. And it's also easy for you to be mentored. Okay. by people ahead of you. Because if you have empathy, you have emotional intelligence and you can communicate effectively to say, Okay, I think I'm lacking in this area. I need to be. I need directions on how I can navigate this. My learning journey and things like that. your superiors can actually help you and maybe place you on a certification or something like that. So you need to understand that. Soft skills are not just, something that is optional. There are things that are, very like important to have, it's important to be able to have the soft skills and so that to improve, your productivity. Okay, in conclusion, I would just say it's important for you to cultivate a people centric mindset. Okay. Understand that you cannot do cyber security alone. You need people and the members of your team are there to support you. Okay. So it's important you place, cyber security, understand, embrace the power of soft skills and understand the human element. is the center of, cyber security. And of course, if an organization wants to, build a resident, a resilient, culture, they need to put people at the center of that particular culture. Whether it is for their security awareness training, whether it is for their incident response planning, the future of cyber security lies in that. in empowering the people who drive it, and we empower these people by giving them technical skills and also soft skills. Thank you very much for listening. Have a great day. All right, I'm glad soft spoken in this event, and, I hope you enjoyed the presentation. Thank you very much.