Skills and Characteristics of Successful Cybersecurity Advocates

Website Maintenance Alert

Due to scheduled maintenance, the USENIX website may not be available on Monday, March 17, from 10:00 am–6:00 pm Pacific Daylight Time (UTC -7). We apologize for the inconvenience and thank you for your patience.

If you would like to register for NSDI '25, SREcon25 Americas, or PEPR '25, please complete your registration before or after this time period.

Authors: 

Julie Haney and Wayne Lutters, University of Maryland, Baltimore County

Abstract: 

Cybersecurity advocates attempt to counter the tsunami of cyber attacks by promoting security best practices and encouraging security technology adoption. However, little is known about the skills necessary for successful advocacy. Our study explores the motivations, characteristics, and practices of cybersecurity advocates. Preliminary analysis of 19 interviews reveals that effective advocates must not only possess technical and soft skills, but also customer service orientation and context awareness. However, little cybersecurity training is available to develop these non-technical skills. Additionally, the cybersecurity profession neglects to frame the field as service-oriented, a theme identified repeatedly in our interviews. We discuss implications of these findings for recruitment and greater workforce diversity.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
PDF icon Haney PDF
View the slides