The cybersecurity sector is one of the hottest job markets in the world. In 2016, Forbes projected the total market for cybersecurity services would grow from $75 billion in 2015 to $170 billion in 2020. This has increased the need to hire qualified IT security professionals who can help protect businesses networks and customers.
What has caused the cybersecurity skills gap? Truth is; IT related field jobs aren’t as sought after courses in college or university as they once were. Enrolment is less than half of what it was from the 90’s. Same could be said for Teaching and Policing jobs, newer generations aren’t as excited to take on those once fought after positions.
Obviously, you aren’t one of those people, here are some tips in how to get into a cyber security career:
Pick a Speciality
Specialization is key, you can’t be a jack-of-all traits, and you shouldn’t have to be. Figure out what you are already good at and see how you can apply that to a security field:
- Security engineering, or defensive security: anti-DDOS, Web content filtering, IDS/IPS, firewalls
- Security auditing: pen testing, patch deployment confirmation, password audit, forensic, ethical hacking
- Information assurance / incident response: SIEM, security policies, log analysis, external audit response, DLP
- Application security: application code security review, AppDev QA, architecture review, AppDev security standards
Follow Experts on Social Media
I’ve learned more from security experts on Twitter, then any certification could provide. I love how theories you are learning about are discussed in real-time.
Cyber security isn’t glamorous, it isn’t all CSI Cyber. A lot of it is repetitive and everything you do will somehow be loosely related to Networking protocols.
You should understand how a servers work (cloud, dedicated, raspberry pi…), how clients work (access the internet, files, VPN when working remotely…), and how they could be exploited.
This doesn’t mean you need to know how to code, but you should at least understand the theory behind how the internet runs.
If you have no real world experience or an IT related degree, the only way someone will every be willing to hire you is with a Security Degree
CompTIA Security+ is a global certification that validates the baseline skills you need to perform core security functions and pursue an IT security career. It’s the most competitively priced certificate, and most widely accepted.
Figure out what your job will really look like
Take Pentesting as an example. The job sounds cool and “sexy”, but in reality you can’t break into anything connected to the internet. Pentesting is more like Boxing; boxers get their big break and get front page news once in a while, but what people don’t see are the countless hours in the gym, getting beat up by trainers and better boxers.
I suggest looking the worst part of any job, and ask yourself if you are willing to do with a smile. A teacher has that problem kid that disturbs the class, in construction you work the coldest & hottest days of the year… what issues are you going to have to deal with when you start your new career? Is your family going to be ok with you responding to a breach during Christmas dinner? These are things you should reflect on before selecting which specialty you want to take on.
With the nature of cyber security, this job will always require constant learning. You have to love to learn 🙂
I hope this article will be a recipe for success.