Posted October 10, 2018
The cybersecurity industry is in a crisis. The cost of a data breach hit a whopping $3.86 million (a 6.4% increase from 2017), cybersecurity is considered one of the top four threats to business growth, and “mega breaches” (where 1 to 50 million records are lost) are becoming a weekly occurrence. The solution seems easy enough – hire more people.
Except… we have no more bodies to throw at the problem. Currently, there are 350,000 open cybersecurity positions in the United States and a predicted global shortfall of 3.5 million cybersecurity jobs by 2021.
This is a far cry from being able to keep up with the demand, and organizations are starting to feel the pressure to build and/or maintain skilled teams. Putting that into context, 59% of enterprises have unfilled cybersecurity positions, and it has taken over 50% of enterprises 3-6 months to fill them. When it comes to cybersecurity job applicants, only 1 in 4 are well qualified for the position.
What does that mean for you? If you have ever had an interest in a highly engaging, ever changing field, a career in cybersecurity may be the place for you. But, how can you bridge the skills gap and find a career in this rapidly growing field?
While cyber security professionals come from all walks of life, many share common backgrounds in their educational paths. Typically, professionals who were enrolled in programs in the STEM field (Science, Technology, Engineering and Math) or in Business are highly sought after by employers. While you can start your career with an associate’s degree, many professionals choose to get their Bachelor’s or an advanced degree. If you are looking for resources to get some exposure into cyber security, look to places such as StaySafeOnline’s C-SAVE, which was created to help educators teach young people about cyber safety and cyber ethics, as well as plant seeds for developing more cybersecurity professionals. There are also more advanced resources like CyberPatriot, which is a national youth cyber education program was created to inspire students towards careers in STEM. To help bridge this cybersecurity skills education gap there needs to be an increased cyber awareness for new or seasoned professionals looking to start their careers.
Technical Skills Needed for Cyber Security Professionals
Cyber security is a vast field with many different roles within the industry. But, regardless of what role you decide to take, there are going to be technical skills which will be utilized across the board. From conducting vulnerability testing, analyzing security breaches, or conducting security audits, here are some of the technical skills which you should have under your belt.
- Strong understanding in Information Technology fundamentals: Being able to decipher and make active changes to web applications, firewalls or computer systems
- Scripting and Coding: Speaking the language, whether it’s C, C++, Java, PHP, Perl, Ruby or Python, as well as being able to navigate within multiple cyber security platforms.
- Research and Analytics: Utilizing popular search platforms and search engines to further understand the ever-changing cybersecurity landscape is pivotal to both your future organization and your own continual education.
Certifications: There are many cybersecurity certifications such as CEH, Comp TIA Security+, CISM, and CISSP that can be further leveraged technically in a professional role.
Organizations realize there is a gap between the supply and demand of cybersecurity professionals, but 62% of organizations aren’t providing proper training for their employees. While security budgets are increasing, few companies spend that money on training current employees. Employees are not just one of your biggest targets, but they are also your first line of defense. Some of the biggest threats to an organization could come from an employee clicking on a malicious link in an email, using weak or reusing passwords, leaving devices unlocked, or bad user credential sharing practices.
Preventing cyber attacks is not just the responsibility of your security team, but with all employees. Educating employees about phishing attacks, password hygiene, social engineering, and other IT security topics can help protect your organization from cyber attacks and data breaches.
The Soft Skills Needed for Cyber Security Professionals
Professionals who want to distinguish themselves from other applicants have a mastery not only in the technical skill set for the job, but also in the soft skills. With the role of a cyber security analysts continually evolving, employers are not just looking for someone who can keep the organization moving smoothly, but a well-rounded individual who can take their expertise and communicate it across an entire organization from the top down. Valuable soft skills for a role in cyber security include
- Written and verbal communication: Being able to take the abstract ideas and educate all parts of an organization. Whether it be in reports, over the phone, or in a meeting, the ideal cyber security profession can articulate themselves in a way where stakeholders can fully understand.
- Detail Oriented: Because of the nature of cyber attacks, cyber security professionals must be able to see between the lines and understand even the most minor of changes across systems.
- Problem Solving: Taking a step back to best understand any problem, from a threat actor to a system malfunction and articulate what are the steps needed to solve a problem.
Thinking about your next career jump? Look to our careers page for new, exciting roles in a continuously growing cybersecurity organization!
Looking to Hire Cybersecurity Professionals? Go “as-a-Service”
Even though cybersecurity is present in organizations’ budgets, there’s still not enough to cover the robust tools, people, and infrastructure needed to efficiently and effectively keep up. On top of that, building in-house capabilities can be costly and take months to get up and running. That’s why many organizations who don’t have the resources to build their own team, as well as those who are simply looking to augment their current team, are adopting a hybrid approach – in-house and outsourcing. This is becoming so prevalent that 87% of IT security professionals expect to move to an “as-a-Service” model in the next year. Outsourcing your security needs to a company with deep roots and expertise in cyber threat intelligence delivers the skills and scale necessary to protect your organization in a cost-effective and efficient way.
With LookingGlass’ Threat Intelligence-as-a-Service™, leverage our 20+ years of experience 24x7x365, so you can focus on business-critical tasks.
To learn more about how you can bridge the skills gap and secure your organization, contact us.