IT projects have many moving parts and require the kind of strategic approach provided by a project manager to limit problems and delays. Applying project management skills enables IT pros to maximize budget and resources while maintaining the scope of work.
Cybersecurity professionals are increasingly expected to master project management, but technical skills are only the tip of the iceberg. It’s essential to approach cybersecurity not just from a security knowledge standpoint, but also with business goals in mind. Below are six project management skills that can help more cybersecurity projects succeed.
6 Project Management Skills for Cybersecurity
1. Set Clear Project Expectations, Focus and Outcome
When expectations are not clear, projects can lack focus and project participants have a hard time seeing how their tasks tie back to the final outcome. With project management training, IT pros learn how to prepare a clear and complete project plan so everyone knows what they are supposed to do, what to expect from the final product and how what they’re assigned relates to it.
“Often something is produced and it doesn’t really meet the needs of the group,” said Richard Rieben, director, audit operations, at KirkpatrickPrice. “Clients are unhappy with what’s been created or produced because requirements weren’t successfully evaluated in the initial stages of the project.”
2. Articulate Project Scope and Match Tasks to Goals
Outlining business objectives and setting the project scope ensure that everyone knows what they’re working toward and what is and isn’t part of the project. Taking a project management approach helps cybersecurity pros see what deliverables result from the tasks and how each task impacts the outcome of the project.
“Unless you are formally putting some constraints around the project, you often deal with challenges like scope creep, you keep changing things,” Rieben said. “Unless you’ve clearly defined deliverables and expectations for everybody, then the project is not going to be successful.”
3. Identify and Mitigate Business and Cybersecurity Risks
Identifying and mitigating risks is at the core of both cybersecurity and project management. While cybersecurity addresses risks to infrastructure, software and other IT deployments, project management assesses business impact and organizational risk. When IT pros don’t understand the business risk or executives don’t connect decisions to security risk, projects can fail.
“Both cybersecurity and project management are often times bringing a shared element of addressing risk,” said Pamela McComas, program manager at General Dynamics Information Technology. “In project management, there’s risk elements too, such as what happens when you go out of scope or when your labor allocations aren’t accurate – there’s a lot of overlap.”
4. Gain Buy-In and Support from the Right People
Having a decision maker on board is vital to a project’s success. Through project management training, IT pros learn how to choose their project champions who can help move projects forward and how to effectively communicate with executives and stakeholders to gain buy-in.
“Understanding who the stakeholders are is very important,“ said James Burton, senior security consultant at Delta Risk LLC. “Having to uninstall a cybersecurity product or reengineer the implementation of it because we find we don’t have all the necessary eyes on it at the beginning...it causes projects to fail.”
5. Communicate Clearly with Non-Technical Staff
When it comes to cybersecurity protocols and systems, it’s important for IT pros to be able to effectively communicate with and educate non-technical staff. Leadership skills, also known as soft skills, like communication and project management only enhance the effectiveness of cybersecurity teams and position IT pros for moving up in their careers.
“I think if we spend more time on soft skills it would benefit organizations and I think project management is the right way to do it,” said Steve Sims, co-founder of Cascade Defense.
6. Meet Timelines and Budgets
Project managers look at the big picture of how missed deadlines and added costs can derail projects, but IT pros can become so focused on the technical tasks that they lose sight of how their work impacts the larger effort. Project management skills help IT pros stay on time and on budget.
“As experts, we do the work, but we don’t always understand the ramifications of being on time and on budget,” Burton said.
Pushing the Limits of Productive Projects: Enabling Cybersecurity Professionals with Project Management Skills outlines why project management is crucial to IT, and to cybersecurity specifically and how cybersecurity professionals can apply project management skills to their work. Click through to read the full whitepaper.