Presentation for the University of North Carolina-Wilmington 6th Annual Cybersecurity Conference
Authored by Wilson Bautista Jr., CEO of Jün Cyber
I began my IT career as a Communications Officer in the Marines, managing teams across single-channel radio, satellite communications, and more. My fascination with cybersecurity led me to transition into the role of a cybersecurity analyst for the Marine Corps, preparing bases for DISA Cyber Readiness Inspections. In the private sector, I quickly advanced from an analyst to a services portfolio manager and eventually took on the challenge of building an IT and InfoSec program for a defense manufacturer, ensuring compliance with 800-171 standards. Today, I run my own compliance-focused technology managed services company, supporting compliance efforts for companies from SaaS firms pursuing SOC 2 or ISO 27001 to defense contractors preparing for CMMC.
The Unlikely Connection Between Music and Cybersecurity
A significant part of my success as a cybersecurity professional stems from my education as a musician. I know what you’re thinking—how is this applicable to cybersecurity? We tend to think in absolutes, but like in music, creativity and adaptability are key in cybersecurity.
In cybersecurity, success isn’t just about tech or protocols—it’s about improvisation. Like music, it’s about creativity, adaptability, and leading your team to make the most of what you have. Today, we’ll explore how improvisation fosters an agile cybersecurity culture.
Stages of Cybersecurity Maturity
Cybersecurity maturity is a journey. From focusing on vulnerability management and patching to frameworks like SOC 2, NIST CSF, or ISO 27001, and finally to adaptive security. Progression is subjective and dependent on each organization’s context. Developing capabilities in parallel allows for holistic growth.
The Problem: Are Hard Skills Enough?
In our talent pipeline, we focus on developing hard skills like firewalls, malware analysis, and threat detection. But soft skills, which are often overlooked, are equally critical to success. Music provides an analogy for these soft skills: collaboration, leadership, empathy, adaptability, and problem-solving.
Music Education and Cybersecurity Skills Development
Stage 1: Foundational Skills (Hard Skills) – Technical discipline, repetition, and analytical skills are like mastering a new cybersecurity tool.
Stage 2: Collaborative Skills (Soft Skills) – In an ensemble, teamwork, communication, and collective goals mirror the collaborative nature of cybersecurity teams.
The Orchestra Analogy: ISO 27001
ISO 27001’s organizational, people, physical, and technological controls are like sections of an orchestra. To achieve harmony, each section must collaborate, just like a well-coordinated security team.
Jazz Improvisation and Adaptive Security
At the highest level of cybersecurity maturity, we achieve adaptive security—the ability to respond fluidly to emerging threats. This stage is like jazz improvisation: structured but free, based on deep technical knowledge but adaptable to change.
Key aspects of Level 3 Adaptive Security include:
- Creative Problem-Solving: Responding instantly to unanticipated threats.
- Collaboration: Fluid, real-time communication across teams.
- Experimentation: Willingness to test new approaches, much like jazz musicians explore new musical phrases.
- Practice and Iteration: Regular incident response simulations and drills to hone adaptive skills.
- Trust and Competence: Just as musicians trust each other’s abilities, cybersecurity teams need to trust and collaborate effectively.
- Unique “Sound” in Cybersecurity: Developing a tailored security approach, blending frameworks and adapting to specific organizational needs.
Building an Adaptive Security Culture
Achieving adaptive security is about more than mastering technical skills. It’s about fostering trust, creativity, and adaptability within your teams. By embracing improvisation, cybersecurity professionals can become agile problem-solvers, ready to tackle the ever-changing digital threat landscape.
At Jün Cyber, we’re committed to building security programs that are not only effective but agile and evolving. Learn more about how we support organizations through compliance efforts by visiting Jün Cyber.
Let’s work together to build cybersecurity programs that are in tune with the threats we face—because like jazz, cybersecurity is about continuous learning, adaptation, and performance.
For more insights on cybersecurity and compliance, visit Jün Cyber.