Like many high-tech businesses, the cybersecurity industry is facing a widening skills gap. One of the main reasons why many companies do not have effective data security practices is the lack of actual skilled cybersecurity practitioners. In a November 2019 report, the International Information System Security Certification Consortium suggested that in the US market alone, the cybersecurity workforce needed to increase by 62 percent to close the gap, and that 4 million security professionals would be required to close the gap worldwide.
In 2020, the Enterprise Strategy Group and the Information System Security Association produced a report that concluded, “No single action (funding, college programs, retraining, etc.) is working to bridge the cybersecurity skills gap. What is needed is a holistic approach of continuous cybersecurity education (starting with public education), comprehensive career development, and career mapping/planning – all with support from and integration with the business.”
The flip side of the skills shortage is cybersecurity professionals are in high demand and can pick and choose where they want to work. They tend to be highly compensated and have more flexibility to choose nurturing and comfortable work environments than their counterparts in other disciplines within information technology.
Sounds like a pretty good deal: the skill set required is in high demand and the people doing the front line work are prized. So how can someone “break into” cybersecurity? The answers are as diverse as the people doing the work, but there are some common threads. In this post, we’ll lay out six prospective paths into the industry.
- Get a cybersecurity degree. If you are just starting out, considering a degree program can shorten the distance between you and landing a cybersecurity career. Many universities offer specialized cybersecurity programs, but a computer science degree helps, too. If the four-year university program doesn’t fit with your life, you can also look for community college cybersecurity study programs that take two years to complete. In addition, many trade schools — online and brick and mortar — offer certification programs. Some of these programs require as little as 400 hours of in-depth instruction. Oftentimes, these educational institutions have placement programs and paid internships with local companies, so you have a position waiting for you when you complete your coursework.
- Learn through informal self-teaching. If you are not a traditional classroom student and acquire skills more effectively through self-guided learning, there are many resources available online that can introduce you to the basics of the cybersecurity field. Some online learning websites will also provide a certificate of course completion which is a strong proof to potential employers that you are serious about entering the field. Get more information about free subscription-based cybersecurity jobs training resources here.
- Join the workforce of the US government. If you are an American citizen, you can find and apply for government cybersecurity jobs through the USAJOBS website. The logical first place to look is with the Cybersecurity and Infrastructure Security Agency, though the Federal Aviation Administration and the Department of Energy are two examples of agencies that often look for cybersecurity professionals to join their ranks. In reality, however, there are cybersecurity jobs in virtually all federal government agencies. If you are part of a preferred group of applicants for federal jobs, you may have a clearer hiring path than others in the general public. These groups include military veterans and military spouses, Peace Corps or AmeriCorps VISTA volunteers, Native Americans, and people with disabilities.
- Win the interview. There are several approaches you can take to landing an interview, regardless of your educational background. If you know someone in the industry, reaching out to them for advice is a good first step. Find and take advantage of opportunities to converse with people who work in the field, like attending certification programs and participating in cybersecurity in-person and virtual groups and meetups. Sooner rather than later in the job-seeking process, the people with whom you’ll be speaking in an interview will be tech-savvy, so be sure you have a legitimate understanding of major industry terms and work toward becoming fluent in the technical language of cybersecurity professionals. Taking the initiative to do some self-learning, even if it’s free, and documenting it demonstrates you are serious about a cybersecurity career. Showcase skills that have strong transferability to the rigors of a role in cybersecurity. Make sure you have gathered relevant information on what the role you are seeking entails, so you can tie it to your abilities to do the work. Ask questions that show an understanding of and a curiosity about the role for which you’re interviewing.
- Be the “needle in the haystack.” Cybersecurity is such a rapidly changing landscape, and hiring managers are changing the way they assess talent for the roles they are trying to fill. While a formal degree certainly has value, fewer companies hang their hat on it like they used to. It’s more important to ascertain how well you will work and look beyond the degree to understand the many ways that people can gain an education. Do you know how to take on a challenge? Do you enjoy the thrill of problem-solving? Your ability to show you have the raw talent and mindset and that you understand the cybersecurity space should help get you to the shortlist.
- Join a company that will foster your career. While some jobs will require a degree in computer science or information security, it is possible to land an entry-level position within the field of cybersecurity without one. In an entry-level role, you can expect to take on lower-level security matters such as log monitoring, maintaining backups, and managing updates. Many companies offer additional staff training and continuing education opportunities for people starting cybersecurity careers. Other companies, like Imperva, offer undergraduate internships in all business units and have initiatives to help young graduates and employees to develop their skills. With a bit of legwork, you can find companies that will foster your career and help create an environment where you can grow into a cybersecurity role.
Try Imperva for Free
Protect your business for 30 days on Imperva.