Common Personality Types That Can Disrupt Teamwork & Expose Firms to Risk

essidsolutions

Without key personality traits that can help foster effective IT environments,  teams often struggle to manage successfully, monitor and mitigate security threats. Despite their knowledge, abilities, and competence, personality flaws can undermine information security initiatives and expose firms to heightened risk. But what does this look like in practice? Here’s a look at four common personality types that can disrupt team efforts.

Humans are an integral part of cybersecurity efforts. Employees play a critical role in detecting, identifying and mitigating threats. The ability of infosec professionals to think outside the box can help companies discover new ways to combat security concerns and limit attack impact.

The caveat? Staff is simultaneously the weakest link in securityOpens a new window . Solving this problem starts with education: Front-line staff, managers and C-suite executives need to recognize the potential problems associated with behaviors such as opening unknown emails or using unapproved apps.

But there’s another side to this security story: IT professionals themselves. Personality pitfalls can undermine infosec efforts and expose companies to increased risk despite their knowledge, skills, and expertise. 

IT Takes a Village

The sheer volume and variety of security threats — from ransomware to account compromise to cryptojacking to phishing and DDoS attacks — makes it impossible for IT pros to operate in isolation. Instead, team efforts are required to assess current concerns, anticipate new threats, and deploy tools to address these issues.

According to Jenai MarinkovicOpens a new window , vCISO/CTO for Tiro Security and a member of ISACA’s Emerging Trends Working Group, this technical teamwork requires “strong communication skills and strong human skills that are often lacking, especially as more work becomes automated.”

She points to four key personality traits that can help foster effective IT environments:

    • Crisis management
    • Communication
    • Conflict management 
    • Critical thinking

Without these skills, teams often struggle to manage successfully, monitor and mitigate security threats. But what does this look like in practice? Here’s a look at four common personality types that can sidetrack team efforts.

See More: Top 10 Must-Have DevOps Tools in 2021

Type 1: The Traditionalist — Conformity over crisis management

IT security frameworks are constantly evolving as attackers look for new ways to compromise key systems. As a result, tools and techniques are adapting to match. Consider the rise of next-generation firewalls — instead of relying on predefined states and lists, they leverage artificial intelligence (AI) to monitor and mitigate threats actively.

Traditionalists, meanwhile, like things the way they are. They prefer familiar tools and frameworks and aren’t inclined to change. “This doesn’t engender trust among teams,” says Marinkovic. “Threats agents are diverse by design. If you’re not adaptable, there is no role for you.”

In some cases, traditionalism stems from fear of failure. In others, it’s tied to worries around job security. Either way, says Marinkovic, “you need to take a step back and see what’s happening to create this.” Ideally, traditionalists can make a move to more modern infosec approaches. If not, they may not be a good fit.

Type 2: The technical wizard — Challenges in communication

The technical wizard is a master of their domain. The problem? They’re often unwilling or unable to communicate with other teams or C-suite executives effectively, in turn leading to security disconnects.

“When security teams speak too technically,” notes Marinkovic, “people often think they’re speaking over their head. IT staff need to recognize that their team isn’t just the security team — it extends across the organization.”

To help encourage better communications, companies must invest in team-building efforts to encourage staff to become more comfortable giving and receiving feedback. Marinkovic points to issues with her own organization around attack containment times. “We had problems with containment times,” she says. “It could take upwards of an entire day to fully contain, and we realized there were massive breakdowns in communication. Every single breach was handled differently.”

The company turned to American football as an example of great communication and created a framework that assigned specific roles and responsibilities, in turn allowing them to “call plays” more quickly. It worked: “By the time we got finished,” she says, “we reduced containment times from hours to six minutes.”

Type 3: The superstar — Cultivating conflict

Cybersecurity is a team sport. “It’s the success of the team that matters,” says Melissa Elza, Chief People Officer at Tiro. “You can’t have two superstars and three people struggling. If managers allow this to happen, it’s a problem — your quarterback is only as good as his team.”

While cybersecurity superstars often possess a seemingly preternatural ability to handle threats and think outside the box, the hard truth is that they can’t do it all alone. Expanding attack surfaces combined with increasing IT complexity requires teams to act in unison — one player charging ahead because they’re confident in their abilities can create gaps in the defense and allow attackers to circumvent protective efforts. 

“Security is now down to microseconds in our responses,” says Marinkovic. “Our communications have to be in a way we’re not necessarily trained.”

See More: Cybersecurity Careers: Are Women in Cyber Faring Better Than Those in IT?

Type 4: The micromanager — Curtailing critical thinking

Managers also play a critical role in cybersecurity effectiveness. If staff feel like they aren’t trusted to do their work, both morale and performance suffer. 

“I’ve worked on enough internal investigations to see when these skills are not developed,” says Elza. “Management teams are critical — staff need to feel appreciated, and they need to be able to fail.” She points to the recent Solar Winds attack and subsequent company response: In a statement, the CEO chose to identify an intern as the cause of the breach rather than taking responsibility as a team. 

As a result, micromanagers can negatively impact corporate culture and frustrate efforts by cybersecurity staff to think outside the box. If they know minor mistakes will be met with stiff criticism, they won’t perform to their potential.

Marinkovic puts it simply: “You have to get people comfortable with failure. They need to fail cheap, fail fast and fail forward.”

Team effort Is key to overcoming personality pitfalls

Effective cybersecurity frameworks depend on humans. No matter how advanced tools and technologies become, IT staff will always play a key role in keeping data, networks and devices safe. 

But technical skills and in-depth knowledge aren’t enough in isolation. For IT teams to react, respond and remediate issues on-demand, staff must work in concert to achieve security goals. In practice, this means identifying potential personality pitfalls — including traditionalists, technical wizards, superstars and micromanagers — and actively taking steps to mitigate their impact on infosec response.

Do you think  these common personality trains can sidetrack team efforts? Let us know on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We’d love to hear from you!

Contact ESSID Solutions

    By clicking Send Message, you agree to our Terms of Use and Privacy Policy.

    Reach out to us for a free consultation on big data consultancy and development services.

    Contact

    Rua Alexandre de Sa Pinto 143
    1300-034 Lisbon
    Portugal

    [email protected] +351927159955
    Privacy Policy Terms of Service Refund and Returns Policy

    © 2024 ESSID SOLUTIONS LDA