FREE to IEEE Members
Bansal discusses current cybersecurity trends, and the role a cybersecurity product manager plays in developing and launching new cybersecurity tools and strategies. The author clearly believes this is a good career choice, discussing the skills needed to succeed as a cybersecurity project manager. He starts by making a strong case that cybersecurity is a growing concern — not only in the United States — but around the world, one that creates a need for more cybersecurity project managers.
The author discusses these trends in cybersecurity:
- Increasing costs to businesses of cybercrime and data breaches. Bansal points out that in 2023, damages from various types of cyberattacks totaled more than $8 trillion, and the average cost had grown to more than $4 million each data breach.
- Increasing sophistication of cyberattacks. As cybercriminals have become more sophisticated, the number of attacks has grown. Microsoft claims that its security analysts, investigators, and threat hunters blocked 70 billion suspicious and malicious emails in 2022.
- Emergence of advanced attack technologies, including those using AI. Bansal emphasizes that attackers are now leveraging “automated tools and AI to attack organizations, gain access to business-critical resources, steal identities and perpetrate financial fraud.”
- Rise of Cybercrime-as-a-service (Caas). Cyber criminals on the dark web now offer such services as ransomware attacks, company disruptions, blackmail, espionage, or a variety of other frauds — as a service for a fee. Bansal suggests that this market will reach $140 billion in 2033.
- Emergence of security issues with the cloud. Bansal points out, “As organizations move to the cloud, so are smart cyberattackers, who target vulnerabilities in enterprise cloud environments.”
All of these trends create positions and careers, as well as whole businesses designed to combat them. Bansal defines the key role that a cybersecurity product manager plays in this environment, as one who “defines, creates and manages a cybersecurity strategy and product throughout its lifecycle.” The product manager, he explains, works with a cross-functional team of engineers — as well as research, development, sales and marketing professionals — to “defend organizations against cyber threats, including data breaches, ransomware attacks, phishing attempts, and more.”
Bansal explains that cybersecurity product managers handle product lifecycle, from planning and requirements gathering, to development, testing and launch. The tasks involved include:
- translating product vision and strategy into detailed development, testing and go-to-market plans
- defining features and prioritizing deliverables
- understanding current cybersecurity trends
- designing strategies for product marketing, positioning and promotions
- identifying and mitigating risks
- always putting the customer at the center of the development effort
Bansal indicated that the cybersecurity product manager goes through a similar process for other engineered products, and he outlines this process in detail. He stresses that “the role of a product manager is critical in the cybersecurity domain, because they are involved in all of the steps of the product life cycle.”
The author notes overlapping roles often occur between cybersecurity product managers and product owners, project managers and program managers. He provides a comprehensive chart that differentiates the various roles in such areas as focus horizon, building a business case, developing road maps, and identifying and mitigating risk.
From his experience, Bansal feels that successful cybersecurity product managers can be indispensable to their organizations, if they possess:
- strong technical skills
- business acumen and strategic thinking
- security landscape awareness
- interpersonal skills
- research and analytical skills
- commitment to quality
- knowledge of compliance issues
This book is excellent for someone wanting to understand the dynamic cybersecurity field better, especially for those wanting a better understanding of a cybersecurity project manager’s role, and its growing importance for businesses.
A Comprehensive Guide to Cybersecurity Product Management is free for IEEE members at the IEEE-USA Shop. Non-members pay $2.99.
Abhishek Bansal is an experienced identity and access management thought leader, with experience in building and scaling cybersecurity products and professional teams globally. He has delivered enterprise security architecture design and implementation at more than ten Fortune 1000 and Global 2000 companies. Bansal is a graduate of the University of Southern California, where he studied Electrical Engineering. He has a strong focus in Identity Governance and Compliance in heavily regulated sectors.
Bansal is a contributing member of the IEEE, Cloud Security Alliance, Information Systems Security Association and Identity Defined Security Alliance (IDSA).