Maybe you have read about the expected 3.5 million unfilled cybersecurity jobs by 2021. Or that 74% of companies recently surveyed said that the skills shortage is impacting their business, including their ability to keep their information secure. With the reports of large salaries, job security and strong career progression, there are many reasons why cybersecurity is one of the best careers to be in right now. Knowing where to start isn’t necessarily as obvious.
One of the best solutions to the skills gap problem can be seen in the executive order President Trump signed earlier this year, in which appropriately skilling and hiring cybersecurity personnel is put front and center. The strategies set out in the order include training people who have the aptitude for a cybersecurity career. If that is you, how can you take advantage of the current situation and jump-start your career?
The easiest way to begin your career in security is to go to some events and network. The industry is crying out for people. People who already have technical skills or who have a particular interest in security can get jobs very quickly by showing an interest before the right people. Just being at the event demonstrates your interest level. It allows you to connect quickly with relevant professionals who can help you make that next move.
We have seen previously that candidates coming from related business areas (IT, risk, project management) can quickly accelerate their careers and earnings once they transition into cybersecurity. Networking is also essential for those who want to quickly advance their career within cybersecurity. Meeting new people at the right events shows that you are involved in the industry and committed to your professional development.
Understand The Opportunities Available
Talking about a career in cybersecurity is as broad as talking about a career in IT or digital; it can mean any one of 100 different things. Some of the roles are very technical, such as penetration testers or security architects. Other roles are more people-focused, such as cybersecurity awareness managers. There are roles within sales, marketing and training. Often, privacy and data protection positions get tagged as cyber. These roles couldn’t be more different from a hacker or security engineer. Understanding the different type of roles can help you work out where you might fit, so be sure to research and know your options.
Analyze What Skills You Need
Each of the roles will require different skills, and you need to consider what skills you have against the roles you consider most interesting. For management roles, consider how strong your business communication skills are, and work on those if necessary. Within cybersecurity, I see numerous examples of candidates jumping to leadership roles within three years. These people are passionate and able to communicate technically to nontechnical peers. If you are unsure about your own strengths, seek out feedback from your manager or people you work with often, and take their advice on how you may be able to improve.
For more technical roles, communication skills can be much less important. Here, technical skills, interest and training are most important. While experience is generally the most important thing, qualifications can help for certain career moves. Penetration testers who want to jump to the next salary bracket can benefit from a recognized qualification (offensive security certified professional (OSCP) being the most respected currently). A certified information systems security professional (CISSP) or certified information security manager (CISM) can help security analysts looking to move into a more senior role. Obtaining an entry-level qualification, such as a certified ethical hacker (CEH) for pen testers, can help demonstrate your commitment to starting your cybersecurity career.
Once you have considered these steps, they don’t just need to apply to roles outside of your current organization. With so many companies affected by the cybersecurity skills shortage, it is likely your current company is also experiencing some of these challenges. Even if your company has an established team, it will know how hard it is to find passionate people with an interest in the area. You can ask to move internally, or ask for projects where you could add cybersecurity on to the list of tasks. Cybersecurity is one of the most exciting career paths to be involved in right now, and it has never been easier to make a change.