Right
now, IT is a very competitive and rapidly changing environment, but many
organizations still can’t fill cyber security jobs. There is an increasing
demand for cyber security professionals as the impact of cyber-attacks
continues to rise. The 2017 Global Information Security Workforce
Study (GISWS), in its 8thedition, estimates that there will be
a shortage of 1.8M cyber security professionals by 2022, while ISACA
estimates a global shortage as much as 2M in 2019 and 3.5M by 2021. The
increasing threat landscape and the growth rate of the Internet of Things (IoT)
is outpacing our ability to expand security. It’s unfortunate, but true: we are
losing ground.
Cyber-crime
damages also continue to increase and are expected to reach $6T by 2021.
With projections like that plus the lack of current cyber security talent, it’s
safe to say there’s probably no better job market than cyber security. Cyber
security professionals help protect our critical infrastructure and our most
important and private information. A lot of organizations are doing some great
work in educating the workforce, but we need more pros who specialize in
security. If this is a path you are interested in pursuing, there are a few
ways to get you there.
Cyber
Security on the Job
If
you are just starting out, focus on networking basics. Everything
security-related starts at the network, so a good understanding of how the
network works will start you off in the right direction. If you’re already in
IT and work in an environment where you have access to networking hardware,
spend some time studying network design, endpoint security, and data
protection. IT-related jobs such as Network Engineer or Systems Administrator
together with some analytical abilities and good communication skills can pave
the way and provide a transition into a cyber-security career.
Cyber
Security Certificates
Another
great place to begin is with a certificate program. Certificate-level training
will mean that you are job-ready when you start your career, and you can obtain
these certificates in a few different ways, such as classroom-based training,
online instructor-led modules, private on-site training, or self-paced
learning. Either way, you can differentiate yourself from other candidates with
a certificate in hand.
Individuals
interested in a certificate path will need an IT-related
specialization. CompTIA A+, Network+ or Security+ is where many
people start. Some employers will be looking for applicants entering the
workforce with an industry-recognized certification from organizations such as
CompTIA or ISC2.
Professional
Cyber Security Career
If
you are focusing on a professional degree, look at Computer Science or
Information Technology courses with an emphasis on cyber security. Many
universities offer specific cyber security degrees as well. Most employers and
recruiters will be looking for a bachelor’s degree or a minimum of 3–5 years’
experience. Having that degree will help get you in the door and can lead to
higher pay and promotions and a lifelong career. You can then advance your
career by building knowledge through a certificate program such CISSP, CISM, or
CEH.
If
you are just curious about entering the cyber security workforce, there are
also cyber security educational conferences held around the country that
provide high quality professional development opportunities. ISACA offers an
annual CACS (Computer Audit, Control, and Security) conference. NIST offers
their NICE (National Initiative for Cyber Security Education) conference. There
also are a number of vertical-specific security conferences, such as local
HIMSS (Health Information and Management Systems Society) events or ICS
(Industrial Control Systems) SCADA conferences. These educational conferences
offer an environment where you can quickly catch up on the latest technologies
and learn how many vendors are combating the latest threats.
NOTE: The views expressed here are those of the author's and not necessarily represent or reflect the views of DoT Club as a whole.