Are you familiar with the saying, “you are the average of the five people you spend the most time with?” It speaks to how our social environment and relationships can define the scope of our worldview and attitudes. For example, if you spend time with people involved with information security, you likely know there is an ongoing cybersecurity skills shortage. However, if your peer group has few connections to the IT industry, you may be unaware of the current opportunities in the field.
In the U.S., there’s an extreme need for qualified cybersecurity professionals, a career that pays pretty well. At the same time, 62% of workers report living paycheck to paycheck. The cybersecurity problem we face has an obvious solution – we must bring both pieces of the puzzle together. To this end, I hope you will read and share this article with anyone who may benefit from it. By helping people outside the industry discover a rewarding cybersecurity career, we help ourselves by improving the global security posture. It is a win-win situation.
The skills shortage
Last year, the Department of Homeland Security (DHS) did a 60-day hiring sprint for cybersecurity professionals. The DHS recruited roughly 300 new workers, falling far short of its 2000 vacant cybersecurity positions. Even with rapid inflation and the looming threat of a recession, the U.S. has roughly half a million cybersecurity job opportunities waiting to be filled.
Since the COVID-19 pandemic, many workers have resigned from their jobs, a phenomenon referred to as the Great Resignation. This shift from in-person to remote work has only increased the need for cybersecurity workers. Consider the number of personal and home office devices (not to mention networks) that suddenly started accessing workplace resources. Each unmanaged app, device, and connection from these home offices introduce new opportunities for threat actors to exploit.
Mobile computing, mass adoption of cloud services, work-from-home, and other factors drive the demand for cybersecurity specialists sky-high while the supply remains critically low. Outsiders hoping to break into the industry could not ask for more favorable conditions.
Is cross-training right for you?
How can you tell if cybersecurity is a good fit for you? Certain skills, interests, and attributes that interest people in the field and allow them to excel. For example, people who enjoy analysis may like cybersecurity. Several people from adjacent fields, including criminal justice, finance, the military, and business, are making the switch.
Others may be hesitant to try, believing cybersecurity professionals must have considerable technical knowledge – but technologies can be learned. Anyone who is naturally curious, self-motivated, and logically inclined has the foundation attributes needed to become a great cybersecurity analyst.
What about those with no history of higher education?
While most cybersecurity professionals have a college degree, 18% of entry-level professionals do not. Typically, IT professionals and cybersecurity experts can find entry-level positions simply by obtaining the correct certifications. One example is the CompTIA Security+ required for U.S. Government cybersecurity jobs. Many free resources are available on YouTube and elsewhere for people interested in pursuing this certification. Cost-wise, the Security+ exam can be taken for under $400 in the U.S. and less in other countries.
How much can you earn?
The average income of a U.S. cybersecurity professional is $112,974 per year. Some security consultants with low-level certifications can earn over $120,000 per year, depending on their other qualifications.
Additionally, career advancement options are almost endless if you continue pursuing your education. Cybersecurity is truly a field where one can follow their passions. People can specialize their security knowledge in software, cloud, endpoint, network, mobile, AI, and many other categories.
There are many cybersecurity opportunities in the public sector for those seeking stability in uncertain economic times. Cybersecurity professionals often work remotely, which makes the profession particularly accommodating to various lifestyles.
Get certified and start your career
People interested in cybersecurity can choose from various certifications, depending on their desired career path. Some are targeted at entry-level jobs, while others aim to sharpen the skills of experienced practitioners. Top companies like Microsoft, Amazon, Zscaler, Alphabet, and others regularly seek experts trained in cloud security and zero trust principles.
There are many established cybersecurity certifications that can help a newcomer find their first job. However, these certifications often focus on legacy network infrastructure and architecture. While older systems certainly need to be secured, much of today’s world is migrating to the cloud. This means cloud security opportunities are likely to continue to grow, while the demand for legacy support is uncertain.
For this reason, I advise taking a look at the certification offered by the Cloud Security Alliance. They offer a great first step into the world of cloud security with their Certificate of Cloud Security Knowledge (CCSK). This program provides students with a strong foundation of relevant security knowledge including identity access management (IAM), data encryption, incident response, and more. The CCSK also provides a great stepping stone for various other cloud security certifications.
Zscaler also offers several certifications for cybersecurity professionals of all levels. Studying for these certifications can help you understand IT infrastructure, cybersecurity threats, and how zero trust frameworks function. Understanding zero trust and cloud security are especially important as more organizations embrace cloud-based platforms and solutions.
Seize the moment
Today, there is a massive shortage of cybersecurity experts and countless people who feel undervalued in their current careers. This is a golden opportunity for people typically underrepresented in cybersecurity to transition into this lucrative field. In addition, people favoring work-from-home arrangements, self-starters, and those already possessing adjacent skill sets can seize this opportunity to advance into new careers.
One thing that keeps people from making wise career choices is their lack of contacts in a thriving industry. Knowing a job opportunity exists is good, but understanding how to break into the field is better. We all benefit from having more trained cybersecurity professionals fill the overwhelming vacancies in our public and private institutions. If you are in a position to guide a potential candidate into a cybersecurity career, consider sending them this article and sharing your expertise.
What to read next
If a recession comes, cut cyber professionals at your peril