The increasing prevalence of cyber security attacks has made businesses within every industry question their own security measures. How secure is your network? What new trends—like artificial intelligence or the IoT—could pose a threat to your organization, and how should you safeguard it? In order to maintain a secure infrastructure and keep business running as usual, it’s essential that you hire the right cyber security talent for your company. But making a new hire for these highly sensitive jobs requires more than just finding someone who “feels like a good fit.” There are specific questions you should ask to determine whether or not a cyber security candidate will help your company stay protected and successful.
- Are You Getting Into The Industry On Purpose Or On Accident?
When hiring cyber security staff, it’s important to get a brief history of their experience. Whether it’s immediately transparent or not, some people are reluctant cyber security staff, like the network analyst who was asked to add cyber security onto their current role, for example, as opposed to someone who has actually been passionate about the field and has purposefully pursued a career in it. You don’t need to bluntly ask them if they got into the industry “on purpose,” but asking a few questions about their experience—like where they started, how they got into cyber security, etc.—can help you determine the answer.
- What Are Some Current Industry Trends You’ve Been Following?
When it comes to cyber security, things are continuously evolving and changing. Cyber criminals are constantly finding new ways to exploit the latest digital advances to their advantage, whether that be artificial intelligence or the cloud. It’s not enough to hire someone for cyber security and have them tune out the constant barrage of new updates and trends in the industry—they should have their ear to the ground at all times. Because of this, it’s crucial to ask a potential cyber security hire what they think of current industry trends to determine how clued in they really are to the industry. You want someone who can aggregate industry trends, forecasts, and data to plan out how they can best protect your company.
- What Type of Security Initiatives Did You Bring Forth In Your Last Job?
Rather than just posing a blanket statement like “tell us about your previous experience,” ask about specific protocols a candidate has implemented. You want to find out if they’ve taken initiative in setting up new security protocols in the past, not just skated by on the bare minimum. It’s helpful to have specific examples so you can get an idea of how they’ve solved problems and troubleshooted in the past. You can also ask “what flaws did you identify in the system and how did you attempt to fix them? What was the result?”
- What Do You Perceive As The Biggest Hacks Of The Last Year? And What Could Those Companies Have Done To Prevent Them?
This is a great question to ask a potential cyber security hire because you’ll get a sense of how they conceptualize real-world situations. People might point to large-scale hacks at companies like Uber or Equifax—these are great opportunities to ask the candidate how they would have handled such a large attack and what they would have done differently to prevent it. You’ll get a sense of how in-tune they are with current industry trends and if they’re able to problem solve when it comes to something as high-level as a large-scale attack.
- What Preventative Security Measures Would You Take In This Role?
Some security candidates have the habit of giving one-size-fits-all solutions, but this is a great question to determine what specific measures they would implement that work for your company. This also gives you a chance to see if a candidate has done thorough research on your company, which is always a good indicator of both a candidate’s passion for the industry and interest level in the position. If someone has done their research and has great solutions to offer, it makes hiring them a fairly easy decision.
- What Sources Are You Monitoring To Assess Current Threats?
There are many alert system out there, and a cyber security professional certainly can’t listen to every one of them. But you should be listening to a handful of them—so it’s a good idea to understand which alert systems your potential hire uses. Do they match up with ones your company currently uses? Or could this candidate potentially introduce new systems that your company should be monitoring? While it may seem like a formality, asking this type of specific question will also help you get a clear picture of their experience and how it could fit into your company.
In the end, having a secure network is essential for your company’s success—you simply can’t run your business without it. Because of this, choosing the right cyber security candidate is perhaps one of the most important decisions your company can make. It’s imperative that you hire someone with the right experience, initiative, and problem-solving skills to keep your organization safe both now and into the future, wherever the future of cyber security leads.