Working in cyber security gives me a first hand view of what its really like, especially the viability of cyber security as a career. Many people ask me about the prospects in cyber security and whether it’s reached its peak and is now slowing dying as a good career choice.
So, is Cyber Security dying? Cyber Security is not dying and has a positive outlook as a career currently and for the future. Primarily due to heightened awareness to cyber threats and attacks, especially after high profile cyber attacks, as well as acute shortages to meet demand for cyber security professionals.
Cyber security has gained plenty of prominence in the last few years with many serious cyber security incidents making prime time news. These cyber attacks have highlighted how so many organizations have been ill prepared to the threats in cyber space. Especially as the threats have continually evolved into more complex attacks, that can do a lot more damage than previously thought.
The repercussions to cyber attacks has also been realized, as it’s not just the loss of data but also the financial costs in terms of rectifying breaches, paying fines and penalties to the serious reputational damage caused by a cyber breach. Customers simply lose faith in organizations that fail to protect their data and put them at risk to cyber fraud like identity theft when they lose their data in data breaches.
For the foreseeable future with the number of cyber attacks increasing and becoming more and more daring, as well as complex, the demand for cyber security skills and knowledge will remain high.
Organization simply can’t afford to ignore the threat of cyber attacks and need to invest heavily in ensuring they are protected. The ones that fail to invest substantially, are the ones most likely to end up suffering financially, as the information stolen, damaged or destroyed is worth so much, that many consider it to be the ‘new gold’.
Cyber Security Awareness
Organizations are more aware of cyber security in the current climate as there have been a number of very high profile cyber attacks. We’re seeing more and more stories in the media about cyber attacks and their repercussions.
Why is Cyber Security awareness important? Many of these organizations have previously failed to take security seriously as they should have had. Their lack of awareness of the importance of cyber security has left them wide open to cyber attacks and threats. Now with cyber attacks on the increase and tougher government fines for data breaches like with the EUs GDPR, these organizations are now investing heavily into cyber security.
Cyber aware organizations are continually striving to improve their cyber security posture and invest for the future. Building security into their normal day to day policies and procedures including running training and awareness programs for their staff to ensure they are up to date with remaining vigilant against cyber attacks and threats.
So from simple cyber awareness programs like mandatory short courses on cyber attacks like phishing, password protection and avoiding viruses and malware to more complex, training involving detailed threat modeling to ensure development is done with considerations for security.
Cyber security has started to reach every facet of an organization from their frontline staff to the backroom staff involved in running the systems and services that keeps these organizations operational. Including the security of their vendors and the third parties they are involved with, from simple liaisons to complex data sharing arrangements. All areas with scope of significant damage from a cyber attack.
Cyber Security Skill Shortages
Cyber security has a shortage of people with the required skills needed in cyber security for the many job opportunities available. Resulting in organizations finding it incredibly difficult to find the right people to fill their cyber security vacancies.
Why is there a shortage of cyber security professionals? There is an acute shortage of cyber security professionals as there aren’t enough qualified and trained people with cyber security skills available to meet the demand for the increasing number of jobs requiring cyber security skills.
As a consequence of the skills shortage, the resulting salaries and rates being paid to cyber security professionals has seen a marked increase over the past few years. With some salaries and rates easily exceeding six figures a year in total.
With continued rises in pay expected as the cyber skills shortage shows no sign of correcting itself and will remain in place for a number of years. It’s difficult for organizations to get cyber security skills on the cheap as getting the hiring wrong could end up to hiring people who are I’ll equipped for the job with their substandard skills.
Organizations who haven’t invested enough in cyber security training within their organizations are the ones to feel the main brunt of the cyber security skill shortages. They are having to reach out to external cyber security sources like consultancies and independent contractors to try to fill the gap.
I work as a Cyber Security Architect where my role involves me reviewing what organizations are doing to prevent cyber attacks and threats and making recommendations to them, about what additional protections and procedures they need to put in place. So, they can have sufficient protection against attacks and cyber threats.
I’m never out of work for long, even when I’m looking for work, a large proportion of jobs I apply for on the job boards, ends up with a call. Compared to other IT fields, where there’s too much supply to meet demand and people struggle for opportunities, I don’t have that issue.
My only issue is whether I want to work for the organization looking to hire me, as I can end up being selective about the roles I take. I love working for large multinational organizations as I find the international diversity a breath of fresh air. I’ve not seen demand for my skills wane and expect to see the demand to remain high at least for the next ten years or so.
Artificial Intelligence and automation doesn’t bother me, as a lot of my role involves decision making and relationship building. Whilst decision making might be considered a good candidate for artificial intelligence to replace, without relationship building skills, the decision making becomes difficult for machines.
As the complexity of environments isn’t just a simple yes or no decision and requires a deep understanding of the people, technologies and processes involved. This is why I see cyber security not being wholesale replaced by artificial intelligence. Even now with increasing complex artificial intelligence being used to determine cyber threats using real-time threat intelligence, the jobs market is still buoyant.
Cyber Security Incident Management
Organizations are improving the way they deal with cyber security related incidents by having better planning through response plans and dedicated incident management personnel. This allows them to deal effectively with any incident, minimizing on the potential damage an incident can cause.
Likewise, incident management has seen an increase in demand for cyber security professionals with skills in this area. From working in dedicated security operations centers (SOC) to providing in-house incident management support.
Living and breathing cyber security as a living as shown me how in demand this career is, especially the acute skill shortages fanning ever increasing higher pay rises.
I can see this continuing into the future, with many more years of exponential growth in job opportunities as organizations end up struggling to find the right people to hire. I always recommend cyber security as the perfect choice for a good career for my friends and family to consider.
A friend of mine did a cyber security bootcamp in India. It was cheaper than doing one in the UK where he lived, even when flight costs, accommodation and meals was taken into consideration. Are...
I've worked in Cyber Security for a number of years and frequently get asked about the difficultly of working cyber security. Especially from people who are looking to break into cyber security, as...