Email hacks. Computer attacks. Device hijacks.
Cybersecurity woes have been all over the news lately. And those incidents play a big role in prompting government agencies and private companies to fill thousands of jobs in the growing field of cybersecurity to keep us safe online.
“We need enough good guys to protect against the bad guys,” said Renault Ross, Symantec chief cybersecurity business strategist, in a recent #iamtech article about jobs and training.
Recent cybersecurity assessments reveal:
- In 2015, Symantec’s Internet Security Threats Report noted the reported number of exposed identities jumped 23 percent to 429 million, and there were over 1 million attacks on people each day.
- From 2000-2015, demand for cybersecurity professionals increased 3.5 times faster than the demand for other IT jobs and increased more than 12 times faster than the demand for other non-IT jobs, says the Peninsula Press.
- An estimated 500,000 to 1 million cybersecurity jobs remain unfilled in the United States. This gap is expected to grow to a staggering 1.5 million by 2020, says CSO Online magazine. Globally, by 2019, the demand for cybersecurity professionals is expected to increase to approximately 6 million.
“We must bridge this gap,” Ross said.
Threats at home and work
As the Internet of Things ties more of our devices together, threats and challenges grow because manufacturers rush to market with cool products with weak protections, Ross said.
You could feel a hack in your own home, Ross explained:
“If you own a smart refrigerator and a smart coffee maker, it’s only a matter of time before someone does a denial of service to your refrigerator to turn off your coffee maker before you wake up. Imagine if that happened in every kitchen nationwide: people would be walking around like zombies without their coffee.”
More seriously: Hackers could hijack your Wi-Fi-connected thermostat and hike it up to 99 degrees until you pay a ransom. When you go to the office, they could use your smart device that talks to your hacked refrigerator to connect to corporate servers.
“And suddenly bad guys are searching company infrastructure,” Ross said.
How to get hired
Cybersecurity jobs span industries such as finance, retail, education and media.
The median annual pay for an information security analyst is $90,120, says the U.S. Bureau of Labor Statistics. Traditionally, you need a bachelor’s degree and experience in a computer-related job.
But the demand for a broader cybersecurity workforce has led to the creation of specialized certificate programs, some even free.
Top certifications include:
- CISSP: Certified Information Systems Security Professional, a high-level credential focused on security policy and management
- CISA: Certified Information Systems Auditor, for professionals who audit, control, monitor and assess information technology and business systems
- Security+: Systems Security Certified Practitioner, an entry-level certification
- CISM: Certified Information Security Manager, geared toward managers
The U.S. Department of Homeland Security, through its National Initiative for Cybersecurity Careers and Studies (NICCS) provides a centralized online catalog with an interactive map showing where more than 2,800 cybersecurity-related courses are offered.
Homeland Security also offers free online cybersecurity courses for federal employees and veterans.
The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) on Nov. 1 introduced CyberSeek, an online tool to make it easier for cybersecurity job seekers to find openings and for employers to identify skilled workers they need. An interactive map of the U.S. shows supply and demand of cybersecurity jobs, while a career pathway explains jobs, starting at entry level and advancing to midlevel and advanced career opportunities, along with the skills and credentials needed at each level.
For example, more than 17,000 job openings exist for entry-level incident analyst/responder with an average annual salary of $71,000. About 15 percent of the job postings do not require a bachelor’s degree. From that job, you could advance to, say, midlevel penetration and vulnerability tester, which has nearly 13,000 job openings, each paying an average of $91,000 yearly. From there, you could advance to be a top-level cybersecurity engineer, which has nearly 46,000 job openings with an average salary of $108,000.
To help build its workforce, Symantec’s Cyber Career Connection (SC3) partnered with nonprofits in New York, Dallas and the San Francisco Bay area to offer free training programs focusing on underrepresented young adults, including minorities, women and veterans.
Up to 20 percent of cybersecurity roles can be filled by candidates with proper training but without a four-year degree, Symantec estimates.
Patrick Roserie, a security researcher at the New York Times, said in another #iamtech article that he learned IT training was available free at a nonprofit called NPower while he was a security guard at New York Foundling, a children’s services charity. NPower trained him in the basics of computers as well as how to interview for jobs.
“I wanted to get into network security, not physical security,” Roserie said. “I went back to school to earn my associate’s degree in network administration and security.”
He did an internship with Symantec, which introduced him to SC3, through which he specialized in cybersecurity.
“Even though I spend a lot of time looking at tiny pieces of code, I feel like I’m part of a bigger picture,” Roserie said.
“At the Times, I feel like I’m supporting the mission of the newspaper and its reporters. It’s like they’re in the Wild West as they travel around the world. It’s a fun challenge, keeping them cyber secure as they report their stories. In my own way, I’m helping get the paper out every day.”
Would you be interested in a cybersecurity career or know someone who might be? Share your thoughts in comments below or on our Facebook page.