Emotional Intelligence in Cybersecurity

Although numerous resources exist to help you develop technical skills in this field, both students and seasoned professionals often lack the situational awareness needed to handle unexpected challenges with interpersonal communications within cybersecurity. Situational awareness is closely linked to emotional intelligence, a critical skill that involves recognizing and managing emotions in various situations.

A common issue we face in our field, whether as penetration testers or defense analysts, is dealing with emotional reactions. Here’s an often-unspoken truth; many people, especially in IT, do not like security. Why is this? Generally speaking, the role of security is to make information systems as secure as possible, which often results in them being less accessible or more complicated to use. This often results in more work on both the end user and support staff for a given environment.

We must remember that behind our recommendations and security directives are people who may experience a range of emotions in response to our work. Human nature dictates that these emotions influence how smoothly or difficult they will transition to the changes we propose. 

Here are three tips that you can use to help navigate the emotional landscape to foster a positive outcome:

Avoid Using Email for Difficult Discussions

If you need to discuss a change that you anticipate will be difficult to accept, do so in person or on a platform where you can see faces. Sharing difficult news via email can give the impression that you’re avoiding confrontation, potential backlash and not open to receiving direct feedback. By engaging face-to-face, you demonstrate your willingness to handle difficult decisions directly and transparently.

This approach also allows you to gauge reactions in real time by reading facial expressions and listening to the tone of responses. It helps you understand how your message is being received and provides an opportunity to address concerns in a timely manner, fostering a more open and supportive dialogue.

Resolve Conflicts Individually

When people face uncomfortable situations, they often exhibit a fight or flight response. Those who strongly oppose a change may either resist it or become so disengaged that they don’t care about its success or failure. Neither scenario is ideal because achieving mutual understanding and support for the change is crucial for building effective relationships and overall success.

If you notice someone in fight mode, avoid challenging them in a group setting, as this can escalate tensions. Instead, acknowledge their feelings and arrange a one-on-one meeting to discuss their concerns before making any decisions. This approach allows both parties to calm down and prevents anger from escalating. Engaging calmly and empathetically helps foster a successful relationship and encourages constructive dialogue.

Similarly, if someone is in flight mode, also avoid challenging them in a group setting. People may be reserved for various reasons, often indicating they don’t feel comfortable or safe enough to respond openly. Observing facial expressions can help identify these scenarios, such as a lack of eye contact or a general sense of reservation. 

If you sense someone is in this position, invite them for a coffee or a walk after the meeting to discuss their thoughts. Emphasize that their opinion is important and that you value their input before moving forward. People in these positions just want to feel safe and won’t be subject to retaliation by sharing their opinions so giving them a safe avenue to do so will help them engage productively.

Be Willing to Step Back

As security practitioners, we often find ourselves feeling like the first line of defense when a security incident occurs and often the first ones to fall on the sword. This response is in of itself an emotional response to potential change, putting us in a mindset where our opinions seem unchallengeable, often triggering a defensive stance, a fight mode if you will.

It’s crucial to recognize that not everyone possesses the same level of understanding regarding security risks as we do. It falls upon us to effectively communicate these risks to all impacted parties. Sometimes, this requires going above and beyond, using demonstrations or engaging in additional dialogue before implementing security directives.

This is a scenario I commonly share within our community because from our perspective is an absolute no brainer, but when it came time to execute, it turned into an absolute nightmare. 

One of my first security directives when starting my tenure as a defense analyst was removing Domain Users from Administrators. Despite being such a critical security measure, I encountered significant opposition where I started to question my career choice. 

This prompted me to pause and meet with each sub-division within IT individually. This process took a few months but revealed a common concern: a lack of knowledge about UAC and how to utilize tools like Process Monitor to identify permission conflicts affecting application functionality. Once education material was created and disseminated, the change was made and the impact was nearly non-noticeable. 

While some changes may seem straightforward to us, it’s essential to ensure that everyone impacted understands the importance and implications of these changes. Be prepared to listen and educate, even if it means taking a step back in the process.

Wrapping Up

Now that you have taken the time to read through this article, take a moment and reflect. Are there opportunities in your own line of work where you think you have been emotional or others have been emotional in response to your work? By recognizing the emotions involved, educating impacted parties, and remaining open to feedback, we can foster understanding and cooperation, ultimately strengthening our security posture and personal relationships.