Super Cyber Fridays!
Join us TOMORROW, Friday [10-17-25], for "Hacking Next Gen Data Threats"

Join us Friday, October 17, 2025, for “Hacking Next Gen Data Threats: An hour of critical thinking about what you need to setup your AI guardrails.”

It all begins at 1 PM ET/10 AM PT with guests Abhi Sharma, CEO and co-founder, Relyance AI, and Caleb Sima, builder, WhiteRabbit. We'll have fun conversation and games, plus at the end of the hour (2 PM ET/11 AM PT) we'll do our meetup.

Register now

Thanks to our Super Cyber Friday sponsor, Relyance AI

Defense in Depth
What Soft Skills Do You Need in Cyber?

In cybersecurity, we often focus on technical skills. These are easy to demonstrate and are part of the foundation to getting the job done. But everyone needs soft skills. It's core to communication. Which soft skills are necessary for each role in cybersecurity?

Check out this post by Evgeniy Kharam for the discussion that is the basis of our conversation on this week’s episode co-hosted by David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining them is Ryan Dunn, leader of product and supply chain technology, Specialized Bicycle Components.

And check out "Architecting Success: The Art of Soft Skills in Technical Sales: Connect to Sell More" by Evgeniy Kharam we referenced in this episode.

Listen to the full episode here.

Beyond the technical playbook

Soft skills are key in cybersecurity sales. Product knowledge only gets you so far. Yana Klebanov of Valence Security emphasized that "two often overlooked, yet incredibly impactful, skills in sales are genuine curiosity and resilience." She explained that while understanding what customers want is important, "the real key is to dig deeper and uncover why they need it. With a true sense of curiosity, you can explore how your solution affects their broader goals, challenges, and vision." But even with curiosity, the work doesn't stop there. Helen Oakley of SAP pointed to another critical capability, "conflict resolution and stakeholder relationship management." In a field where tensions can rise quickly, "the ability to resolve conflicts diplomatically and maintain strong, trust-based relationships with stakeholders is just as essential as technical expertise."

Influencing without authority

Communication challenges plague cybersecurity initiatives more than many leaders care to admit. Dheeraj Joshi of BAAR Technologies noted that "soft skills are just as important as tech skills. I have seen projects drag along due to improper communication." It's essential to "effectively communicate complex technical issues to non-technical stakeholders, collaborate with cross-functional teams, and build trust within an organization." Because security work cuts across all aspects of the business, communication can be the difference. As Val Dobrushkin of Tricentis put it, in cybersecurity, "we often need to convince people where to spend their resources, we have cross-functional responsibilities with ownership of security, but no direct authority outside of our own InfoSec team. Communication and relationship building are key."

Partnering, not just selling

Soft skills are no less critical to vendors building customer relationships. Katherine Isaac of Flare described advocacy as "a group of essential 'soft skills' working together to help customers better meet their needs," explaining that "advocating internally for our customers demonstrates that we are more than just a vendor, we are partners invested in their success." When organizations advocate for customer interests, "they feel supported and empowered and are more likely to trust our recommendations and solutions." The importance of these human elements in technical sales is gaining recognition across the industry. George Mikhailov of Proofpoint recently reflected on this after reading "Architecting Success," noting that "in technical sales, we often focus so much on the specs and the tech that we forget the human side of things," and emphasized that "soft skills, like building trust, active listening, and clear communication, are just as important, if not more so."

The deliberate work of connection

The term "soft skills" undersells the effort required to master them. Fernando Montenegro of The Futurum Group pushed back on the terminology itself: "I'm not a fan of the word 'soft' as some may read as 'easy'. They're anything but!" He prefers "social skills" and emphasized that "being empathetic to what others need or are going through is essential: Cybersecurity is more and more about cooperation with others." Without understanding how others deal with their own constraints and objectives, "the chance of collaboration drops significantly." For some, developing these skills requires particularly intentional effort. Brian Laing of AccuKnox shared that over his 20-year cybersecurity career, "developing soft skills has been a deliberate journey. Being autistic, I've had to consciously work on skills like communication and empathy that may come more naturally to others. This effort has paid dividends throughout my career."

Please listen to the full episode on your favorite podcast app, or over on our blog where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now.

Thanks to our podcast sponsor, HackerOne

Subscribe
Subscribe to Defense in Depth podcast

Please subscribe via Apple Podcasts, Spotify, YouTube Music, Amazon Music, Pocket Casts, RSS, or just type "Defense in Depth" into your favorite podcast app.

What everyone gets wrong during cyber incidents

At HOU.SEC.CON 2025, we asked attendees what mistake they see over and over again during security incidents. Their top answer? Panic. Followed closely by rushing, skipping the plan, and letting emotions take over.

It’s a short, honest look at how even seasoned professionals can lose their footing in the heat of response. Watch this quick clip from the CISO Series to hear what the community had to say.

Read more and watch the video here.

Thanks to the sponsor of this video, CrowdStrike

CISO Series Meetup in New York City!

Join us for a CISO Series meetup in New York City! On Tuesday, October 21, network with NYC security pros at Gibney’s NYC. Drinks, laughs, and cyber friends welcome!

RSVP here!

Thanks to our event sponsors, Anvilogic and ThreatLocker.

LIVE!
Cyber Security Headlines - Week in Review

Make sure you register on YouTube to join the LIVE "Week In Review" this Friday for Cyber Security Headlines with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be Andrew Wilder, CISO, Vetcor.

Thanks to our Cyber Security Headlines sponsor, Vanta

Cyber chatter from around the web...
Jump in on these conversations

“Oh no, what a brilliant idea!! Age verification with ID uploads what could possibly go wrong?” (More here)

“Unity has found a security vulnerability that has sat dormant for almost a decade: 'Take immediate action to protect your games & apps'“ (More here)

“My enterprise level company only has a team of three cyber-security staff, what is the norm?” (More here)

Coming Up On Super Cyber Friday...
In the weeks ahead on Super Cyber Friday we have:

• [10-17-2025] [Hacking Next Gen Data Threats]

• [10-24-2025] [Hacking the Death of EDR]

• [10-31-2025] [Hacking CISO Self-Interest]

 Save your spot and register for them all now!

Thank you!
Thank you for supporting CISO Series and all our programming

We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!

Everything is available at cisoseries.com.

Interested in sponsorship, contact me, David Spark.