Rethinking cyber learning—consider gamification

This post originally appeared on Microsoft’s Security Blog, authored by Mark McIntyre, Executive Security Advisor, Enterprise Cybersecurity Group

28 Bits and Bytes About Cybersecurity Careers You (Probably) Didn’t Know

According to a report from ProtectWise and Enterprise Strategy Group, only 9% of millennials said they are interested in pursuing a cybersecurity career at some point in their lives. Much of the reasoning behind the low percentage of cybersecurity professionals is due to lack of awareness around cyber. Many are aware of other computer-related fields including video gaming, engineering and IT but “cyber” never quite rises to the top of the list during career path conversations with aspiring professionals.

To bring cybersecurity to the surface as a strong and lucrative career option for young professionals, we’ve taken the liberty to share some fast facts and fun things about the industry.

Fast Facts About the Cybersecurity Industry

·     The market is expected to grow to over $300 billion by 2024 according to a report from Global Market Insights

·     The demand to fill cyber jobs is great – over 300,000 cyber positions are available in the U.S alone

·     There are 33 distinct areas of cybersecurity work according to NIST/NICE

·     The national average career salary is $93,000 (on the low end) for a security-related position in the U.S. according to the Robert Half Technology’s 2019 Salary Guide

·     Earning cyber certifications like CompTIA Security + Certification and Certified Information System Security Professional is highly regarded and respected amongst prospective employers (impress the hiring manager and prove your value)

·     Information security jobs are expected to increase by 32% through 2028 according to the Bureau of Labor Statistics

Technical Abilities and Knowledge Needed for the Cybersecurity Industry

·     IT fundamentals like system and web application administration

·     Coding skills (C, C++, Java, Python, Ruby, Perl, PHP)

·     Understanding network architecture, administration and operating system functionality, policies, performance, and features

·     Database knowledge from permissions access to structure to storage security

·     Understanding of how attackers operate and function

·     Foundational understandings of things like risk management, networking basics, toolkit maintenance and situational awareness of what’s happening in the industry today

Professional Skills Needed for the Cybersecurity Industry

·     Leadership – Call the shots alongside a team of cyber pros to build decision-making skills

·     Communication – Articulate what and how threats need to be mitigated to teams

·     Analytical thinking – Reflect and continuously learn the hacker mindset to grow your understanding of why and how attacks happen

·     Passion for learning and developing skills – Learning never stops as long as technology keeps advancing. You’ll find new ways to secure assets and data with every keystroke and software update

·     Determination – You’ll want to protect critical assets just as your own PII is at stake (imagine having your own bank account hacked and wanting to do something proactive about it)

·     Collaborative – You’ll likely work alongside a crew of cyber enthusiasts, and will need to work in harmony in order to keep security posture hardened

·     Writing – Developing reports to roll up to your security and business supervisor will require stellar writing skills so they can understand the technical jargon in laymen’s terms

The Benefits of a Cybersecurity Career

·     You’re never bored—there’s always an attacker to stop or a vulnerability to assess

·     You get to learn about and use cutting-edge technology

·     There’s always a new challenge to tackle (and if you’re a problem-solver, this is fun!)

·     You’ve likely got job security as positions like information security analysts and penetration testers are in demand in every industry

·     You can advance in your expertise as a professional (there’s no limits to moving up the ladder or laterally across it to grow in knowledge and abilities)

·     Remote work in cybersecurity is prevalent as cloud-based services and VPNs are expected parts of how companies operate today—you can live and work anywhere

·     A cyber career straddles both public and private sectors, so you can have the benefits either division brings based on your professional preference

·     Increasing your value in cyber is easy with persistent training platforms like Project Ares that can complement degree programs and virtual, online courses

·     Recruiters will look for candidates on LinkedIn so if you think you’ll have a sweet gig out of college or your school training, just wait. Google might call. No, seriously.

Getting a job in cybersecurity doesn’t have to be an intimidating process. If you haven’t been taught the basics and/or are looking to change careers for something different, launching a cybersecurity career can start with basic learnings that lead to more formal training, certifications, and skills development. And there are several online resources for developing security competencies that are free or at minimal cost. These can be complemented with cyber range training to expedite learning to land the cybersecurity job you want.

In addition to your own search about how to start a cyber career, NIST/NICE is kicking off National Cybersecurity Career Awareness Week (November 11-16, 2019) by asking for commitments from businesses and professionals: commitments to promote the awareness and exploration of cybersecurity careers via event hosting, sharing materials on social media or distributing creative assets. Be on the lookout for these businesses sharing important details about job postings, hiring in their own company or distributing materials and advice to help career searchers learn, grow, discover, and thrive in this dynamic industry.

Happy cyber career searching!

Photo by Danial RiCaRoS on Unsplash
Photo by Fabian Grohs on Unsplash