The field of Cybersecurity currently has a global workforce gap of between two and three million available jobs, depending on the information source. In the United States alone, there are over 600,000 of those jobs waiting to be filled by qualified individuals, yet they remain vacant. This gap continues to grow each year and so does the criminal activities that created the need for these jobs in the first place. So, what does it really take to have a great career in Cybersecurity and contribute to closing this workforce gap?
Let’s discuss 5 very specific things you need to consider while making this a reality.
1. First, understand the difference between Information Technology, Cybersecurity and Cybercrime. This is so important to understand for new graduates entering the field, job transitioners and even experienced technologists moving into the field. A good Cybersecurity professional knows these differences well and they apply it every day. The difference is that Information Technology is what allows the existence of valuable digital data in the first place. It also enables the transfer of this data via telecommunications channels which then places that data at risk of theft or damage by cybercriminals. Cybersecurity is an overarching concept of methods and frameworks to apply very specific information technologies that are focused on the protection and security of data. Cybercrime is the set of activities exhibited by criminals to illegally and immorally benefit from the theft or damage of digital data rightfully belonging to others. The understanding of differences between these concepts, and more importantly how they interact with each other, is many times the first skill recognised by employers that may either get you your first promotion or send you back to the job sites.
2. Know your role and your place in the organisation. A cybersecurity professional is focused on the security of the organisation’s data from a variety of perspectives and attributes that traditionally include confidentiality, integrity and availability or the CIA triad as it is referred to in the industry. Cybersecurity professionals that stray into areas of non-security related corporate policy or information technology decisions that do not apply or affect the security of the organisation’s data, can make a cybersecurity professional less effective at their role. It also may reflect poorly on them as an employee since they may be crossing boundaries that they were not meant to cross. Do your job, play your role, and do it well and you will be just fine.
3. Like what you do. You don’t have to love it, but you do need to find a bit of passion, and even wonder, in what you are doing every day. If you do not find the everyday effort of thwarting criminal attempts to damage or steal data somewhat rewarding, then you may want to find another career path. Cybersecurity is the magical place where you get to apply all of your hard-earned technology skills and your natural instincts to stop, and sometimes even catch, threat agents and attackers who are out to harm others. If you lose this wonder along the way that’s Ok but make sure you find it again quickly because it’s blaringly evident to your employers that you have lost the edge.
4. Be a curious and critical thinker. Cybersecurity is a field based around really sharp criminal minds thinking of new and nefarious ways of breaching perimeter security systems and tricking innocent users into letting them access their system. This is no place for mundane thinkers. Technical skills are great, and obviously required, but if you do not know how to use them and when to use them because you lack the insight to identify the origins of the attack, then you will struggle. Attain, improve and maintain your technical skills but if you don’t know when, or in what capacity, to use them you will be looking for your next gig very quickly.
5. Finally, know and understand the Cybersecurity career landscape really well. Understanding the differences and requirements of various job titles and industry sectors is key for you to move quickly and successfully up the ladder. This is important because succeeding in one role doesn’t necessarily mean the next one will be the ideal fit for you. If you know these sectors and incrementing roles ahead of time, you can better plan out your climb to ultimate success!
In conclusion, yes there is a huge job market for skilled cybersecurity professionals if you are adequately qualified. However, this is not a guarantee by any means, and those entering the workforce should be cognizant of these 5 things that could mean the difference between a great career in Cybersecurity or none at all.
Author: Dr Michael Nizich, an Adjunct Associate Professor of Computer Science and Cybersecurity at New York Institute of Technology and the author of the new book, The Cybersecurity Workforce of Tomorrow.