2017 has been a very busy year for cybersecurity professionals. It seems weekly, if not daily, news breaks of a new data breach or intrusion of critical systems. Among others, WannaCry, Petya, NotPetya and Brickerbot malware has been introduced from multiple threat actors across multiple global sectors. While emerging threats have companies and governments scrambling around the globe, it provides significant opportunities for cybersecurity professionals seeking to apply their skills in defense of targeted systems.
Estimates vary when analyzing costs associated with data breaches, but most security leaders agree on two points: the frequency of cyber attacks are increasing, and the attacks are becoming more sophisticated. With the increase in sophisticated attacks comes the greater need for a talented workforce armed to counter the associated threats. Growing threats and a rapidly changing set of security requirements has led to a shortage of cybersecurity professionals. According to cyber non-profit ISACA, the skills gap will result in a shortage of two million security professionals by 2019. Cybersecurity careers are not limited to IT companies or professional service firms, but transcend across the many private and public sector industries most often targeted by cyber criminals, including healthcare, financial, retail, transportation and government. October is National Cybersecurity Awareness Month, and now is a great time to pursue education and certification credentials to help fill the skills gap. Here’s a look at a few of the positions that will see explosive growth:
- Cybersecurity engineers aid in acquiring and developing secure computer networks by bringing together aspects of systems engineering, operational security and software engineering.
- Cybersecurity analysts deploy complex security assessment tools to monitor network traffic and activity in order to identify and respond to potential intrusions and data breaches.
- Network architects design and build data communication networks, including local area networks (LANs), wide area networks (WANs), and organizational intranets for internal communications and data transfer.
- Cybersecurity managers typically have hard and soft IT skills required to oversee teams of people who are responsible for protecting digital assets from cyber threats.
- Software developers research, design, program and test computer software in support of core business objectives, usually in close collaboration with end users.
- Systems engineers integrate multiple disciplines and user groups into a team. They facilitate process structure with multiple business objectives in mind and seek process efficiency in design, development, operation and retirement phases.
- Systems administrators configure, maintain, troubleshoot and repair operational components of computer systems, especially those connected by interoperable, multiuse networks.
- Information technology auditors conduct periodic reviews to evaluate IT infrastructure. While typically done to ensure compliance with policies, rules and regulations, auditors also can determine whether appropriate controls are in place to protect organizational assets from damage or theft.
- Penetration testers perform controlled attacks against an organization’s computer systems, networks and web applications. The tests are undertaken to reveal vulnerabilities which could be exploited by adversaries and identify steps to mitigate the risk.
The above list is certainly not exhaustive, nor do the titles or descriptions fit in nice little boxes. Like the cybersecurity landscape overall, professional cybersecurity positions are ever-evolving. Threats are growing more persistent, and becoming more sophisticated. Attacks are growing in frequency, targeting financial assets, industrial control systems, IoT devices and data-rich content. Now is the perfect time to obtain or hone the skills so desperately needed to defend against the cyber threats of today. But be prepared, as the needs of tomorrow will require awareness of the changing landscape and constant education to remain ahead of the curve.