NCSAM Week 2: Educating for Careers in Cybersecurity

People sitting using different devices

This week’s theme of National Cybersecurity Awareness Month is “Millions of Rewarding Jobs: Educating for a Career in Cybersecurity.” There’s good reason why this topic deserves a week in the spotlight – it’s a hot job market, yet there are not nearly enough candidates to go around and an even worse deficit of talent ahead.

We all need to engage more with the people in our lives who are interested in pursuing a cybersecurity education or switching jobs to enter the field. Let’s give them a little encouragement, share resources, and introduce them to others in our networks.

And here’s why this is so important.

More Crime Requires More Crime Fighters

As a result of an ever-increasing rate of cybercrime attacks we need more skilled professionals to bolster defenses against a common threat. According to Cybersecurity Ventures, more crime will lead to triple the number of job openings over the next five years. The firm also noted that the current deficit of qualified cybersecurity candidates will only get worse – with 3.5 million unfilled positions by 2021.

Cyber Seek, a NIST-funded program, identified nearly 302,000 cybersecurity job opportunities listed online in the twelve months ending this past March. In tandem, they estimate there were 768,000 people employed in cybersecurity-related jobs last year.

Security professionals are problem solvers, just like their peers in IT. But there aren’t enough of them available to join an organization, and without enough resources, cybercriminals will pounce on every opportunity and gap they can uncover.

Not everyone is cut out for a career in cybersecurity. The job typically (but not always!) requires a good amount of technical acumen. It can be stressful. There’s a constant battle against  shapeshifting malware variants and social engineering techniques. And not unlike other areas of IT, budget and resource constraints can make the job even harder.

But for those with the mettle to take on the challenge and get satisfaction from keeping information out of the wrong hands, a career in cybersecurity is a great fit.

A career in cybersecurity provides for a variety of roles including analyst, engineer, researcher, architect, tester, consultant, and educator. On the job, you can expect to protect data, networks and systems, and in some cases protect people and physical sites. You will learn how to implement and manage security tools and services, create plans, and monitor activities. And when an event or incident occurs, managing and solving the problem will move front and center immediately.

Security Pro Q&A: Weighing in on Education and Career Paths

I spoke with three cybersecurity professionals to learn more about how they got where they are today, advice and encouragement they have for others, and why they like their jobs. Here’s what they had to say:

What was your path that to your current role?

  • “My career in cybersecurity began twelve years ago with a serendipitous introduction. At the time I did not have a technical background. My work was focused on executive communications. A friend connected me with a contact at a firm that needed someone to write and communicate about security. I found that I had a knack for effectively translating the technical and complex world of security for broad audiences. Over the years my scope has grown to creating security content for training, education and awareness. In tandem, I bring the user’s perspective to product development teams and gather requirements for design, testing and implementation.” — Deborah Ferrazano, Security Engagement Manager at Logmein
  • “I have been interested in computers my entire life and pursued an education in engineering and computer science. While in school I took courses on cybersecurity and found my passion. I am active in local security communities and am now a security researcher and analyst for a large company.” – Julien T., Security Researcher

What advice or encouragement would you give to students or others who are interested in a cybersecurity career?

  • “Develop a deep understanding of a technical subject: hardware, operating systems, networking, cloud platforms, software architecture. Whatever it is that you look at and say ‘how does thatwork?’. Learn how to code, at least a little, no matter what you’re going to do next. Then broaden your scope so that you have at least a little depth in other areas and can see how they interact, because the interfaces between them – especially between the humans and the computers in each case — are where a lot of interesting security problems live. Read a lot – books, blogs, whitepapers, security news of the day. Dig in until you understand what broke in a given case. How did that malware spread? How were those credit cards stolen? Tinker – build stuff, tear it apart, build it again, because if you can’t build it you probably can’t break it. It’s a great time to be a security researcher. Find the communities working on problems you find interesting and contribute.”  – Grant Kahn, Director of Product Security, Nuance Communications
  • “Read, research, listen to security podcasts, and find internships and mentoring programs. There’s a huge range of roles and experiences available within the cybersecurity field – some highly technical, some operational, some (as in my case) more focused on educating people and positively influencing their behavior. The sky’s the limit, the demand is huge and the rewards – professionally, intellectually, and monetarily – are great.” – Deborah
  • “Do what you truly believe in. If you try and fail, learn from it, and keep on trying. Stay curious and open-minded.” – Julien

What do you like most about working in cybersecurity?

  • “I’m on a mission to help family, friends, coworkers, customers and perfect strangers stay cybersafe and secure.” – Deborah
  • “As a curious soul, I’m almost always learning new methods and ways to protect my company, my colleagues, and our customers.” – Julien
  • “I like working with the kind of people who are drawn to cybersecurity – smart, curious, focused, and usually a little devious.” – Grant

Cybersecurity Education and Career Resources

After you’ve shared encouragement and opportunity with those in your life who are considering a cybersecurity professional education, pass along some resources to get them going in the right direction: