Information security: A career at the forefront of an exciting industry

Demand for information security specialists is growing, and there are many routes to qualification. Do you have the skills to transform cybersecurity?

Demand for information security specialists is growing, and there are many routes to qualification. Do you have the skills to transform cybersecurity?

With technology advancing at an almost breathtaking rate, it can be a challenge to keep up with developments. This is why, for governments and industry worldwide – as well as everyday consumers – the opportunities and convenience afforded by new tech can be threatened by its downsides.

Notably, in the 21st century, this is characterized by the growing threat of cybercrime, which, as a study revealed in early 2016, costs the global economy up to $450 billion every year. As the authors of this research stated, if it were a US industry, “it would be bigger than the entire farming or oil and gas extraction industries”.

Skills shortage is troubling

The worry is that against this troubling backdrop, there isn’t the resource to keep various threats at bay. A major issue facing governments and enterprises is the lack of cybersecurity professionals to fill demand in this increasingly challenging field. This shortage of security staff was also highlighted by NICE (National Initiative for Cybersecurity Education) at their 2015 conference.

According to Rodney Peterson, director of NICE, in the US alone there are over 200,000 unfilled cybersecurity positions meaning that companies are unprepared for cybersecurity threats: “In the US there are over 200,000 job openings that can’t be filled, and we expect this number to grow.”

The need for more cybersecurity recruits has also been recognized this year as part of European Cyber Security Month (ECSM), which hopes to draw attention to the “strong demand for IT security professionals” and the fact that “these specialists are very rare.”

Consequently, as a global problem, this evident skills shortage is “hampering efforts to defend information systems against criminals,” as ESET’s Stephen Cobb recently highlighted in a new paper at Virus Bulletin. More needs to be done to address this.

Small steps are being made

And efforts are being made. Companies, for example, are beginning to realize the importance of having a strategy in place in order to respond to potential threats. According to Phil Sheridan, senior managing director at Robert Half: “In order to successfully confront a proliferating breed of cyberattackers, companies need skilled IT talent who understand the current and evolving cyber threat environment.”

But how do people gain access to these lucrative and challenging roles? Whilst there are many IT security courses available, such as university courses and apprenticeship schemes, Peterson believes that cybersecurity professionals needn’t necessarily come from traditional routes.

“Employers still tend to search for employees with traditional requirements, but there are younger people with the aptitude and who, with the right training and mentoring, could succeed,” he notes. “We need to shift the workforce planning to recognize that there are alternative skills and ways to validate skills. Traditional routes are not the only way.”

Peterson elaborates, adding that although traditional qualifications may aid job security, in the future, should the “market become more competitive,” young people who wish to crack into the information security market should consider ways to demonstrate their experience.

“For example, purchaser paid competitions, volunteer work as an intern during the summer,” he says. “Young people can also seek internships or volunteer in roles that will give them the experience and work that will lead to a cybersecurity position.”

Virtual challenge

This fact has been recognized by schemes such as the Cyber Security Challenge in the UK, which this year has launched a virtual skyscraper in which participants can interact and game in a virtual space, with “security-related games, ciphers and competitions, all designed to spot talented individuals”.

As Stephanie Daman, CEO at the Cyber Security Challenge UK, remarked in 2015: “This is the next logical step to inspire an audience who may not yet even know that cyber is the career for them.

“By harnessing industry, government and candidate knowledge and expertise to find talent in new and innovative ways, we’ve created a world first – a virtual community that can be accessed whenever our candidates desire.”

Other recruitment initiatives include a Cyber Boot Camp run annually in California in which groups of high school and middle school students receive five days of intense education in cybersecurity, and government sponsored initiatives, such as the UK’s National Cyber Centre.

A secure future

With work likely to be stimulating, challenging and constantly evolving, and employers beginning to recognize and value skills and experience as well as traditional certification, it seems that those considering a move towards roles in cybersecurity can look forward to a lucrative, rewarding career with excellent prospects and most importantly, plenty of job security.

Sign up to receive an email update whenever a new article is published in our Ukraine Crisis – Digital Security Resource Center