Right now, IT is a very competitive and rapidly changing environment, but many organizations still can’t fill cyber security jobs. There is an increasing demand for cyber security professionals as the impact of cyber attacks continues to rise. The 2017 Global Information Security Workforce Study (GISWS), in its 8th edition, estimates that there will be a shortage of 1.8M cyber security professionals by 2022, while ISACA estimates a global shortage as much as 2M in 2019 and 3.5M by 2021. The increasing threat landscape and the growth rate of the Internet of Things (IoT) is outpacing our ability to expand security. It’s unfortunate, but true: we are losing ground.
Cyber crime damages also continue to increase and are expected to reach $6T by 2021. With projections like that plus the lack of current cyber security talent, it’s safe to say there’s probably no better job market than cyber security. Cyber security professionals help protect our critical infrastructure and our most important and private information. A lot of organizations are doing some great work in educating the workforce, but we need more pros who specialize in security. If this is a path you are interested in pursuing, there are a few ways to get you there.
Cyber Security on the Job
If you are just starting out, focus on networking basics. Everything security-related starts at the network, so a good understanding of how the network works will start you off in the right direction. If you’re already in IT and work in an environment where you have access to networking hardware, spend some time studying network design, endpoint security, and data protection. IT-related jobs such as Network Engineer or Systems Administrator together with some analytical abilities and good communication skills can pave the way and provide a transition into a cyber security career.
Cyber Security Certificates
Another great place to begin is with a certificate program. Certificate-level training will mean that you are job-ready when you start your career, and you can obtain these certificates in a few different ways, such as classroom-based trainings, online instructor-led modules, private on-site training, or self-paced learning. Either way, you can differentiate yourself from other candidates with a certificate in hand.
Individuals interested in a certificate path will need an IT-related specialization. CompTIA A+, Network+ or Security+ is where many people start. Some employers will be looking for applicants entering the workforce with an industry-recognized certification from organizations such as CompTIA or ISC2.
Professional Cyber Security Career
If you are focusing on a professional degree, look at Computer Science or Information Technology courses with an emphasis on cyber security. Many universities offer specific cyber security degrees as well. Most employers and recruiters will be looking for a bachelor’s degree or a minimum of 3–5 years’ experience. Having that degree will help get you in the door and can lead to higher pay and promotions and a lifelong career. You can then advance your career by building knowledge through a certificate program such CISSP, CISM, or CEH.
If you are just curious about entering the cyber security workforce, there are also cyber security educational conferences held around the country that provide high quality professional development opportunities. ISACA offers an annual CACS (Computer Audit, Control, and Security) conference. NIST offers their NICE (National Initiative for Cybersecurity Education) conference. There also are a number of vertical-specific security conferences, such as local HIMSS (Health Information and Management Systems Society) events or ICS (Industrial Control Systems) SCADA conferences. These educational conferences offer an environment where you can quickly catch up on the latest technologies and learn how many vendors are combating the latest threats.