Cyber Security Jobs & The Skills Gap

Both the UK and US governments are continuing to hire cyber security professionals. Commercial business  around the world is hiring IT and Cyber professionals with the requisite knowledge and skills to help organisations protect themselves against the growing cyber security threats.

The number of unfilled jobs in this area continues to increase, with no foreseeable drop-off in the immediate future. More importantly, however, is the fact that this career path already has a million unfilled jobs. 

Corporations, businesses, and governments cannot seem to fill all of their open positions. This is a troubling trend, especially considering the growing number of cyber criminals and the growing threat of cyber-crime. Knowing ahead of time which jobs you might apply for matters. While most cyber security professions do require a similar set of skills, most will have certain upfront requirements that you may not meet. 

When that happens, you’ll likely have one of two primary options: Gain the requisite knowledge before you apply, or acknowledge your lack of training, but apply anyway.

The first option might seem like a better one, but don’t jump to too many conclusions here. Cyber security jobs are still incredibly hard to fill. If a company believes that you have a good technical foundation, they may be more than willing to hire you for the job and help you get the rest of the skills you need to perform those job duties in full.

Computer security jobs cover several core skills areas, but they are far from the same. And when applying for your first job in cyber security, you might want to avoid sounding like you’re not talking about the correct field. You’ll see the computer and internet-related security fields come with a lot of different titles: internet security, network security, cyber security, information security. It’s easy to assume they’re all the same thing, but understanding the nuances between them may place you further up the list of potential applicants. 

Network Security and Cyber Security
IT and networking leader Cisco states that “network security” is “any activity designed to protect the usability and integrity of your network and data.” That protection includes both software and hardware solutions. It’s best to think of network security as security efforts designed to help ensure that the network is strong from the inside, and focuses its efforts on ensuring that the “castle walls” are strong.

Undoubtedly, of the many computer-related security branches, network security is perhaps the largest and as you might notice, while network security primarily focuses on activities that occur within the network, it’s designed around keeping malicious actors from accessing those networks. 

A large focus for network security is on looking at how individuals within the network are working with and accessing the information or resources. After all, there’s no point in having internal security measures in place if someone on the inside with rights access is giving it all away (or acting against the network themselves).

Information Security
Perhaps one misconception with cyber security is that the only individuals hired into this industry were former hackers or those who have been poking around networks since they were children.

However, anyone can get into cyber security by acquiring the proper training and education.

Where network security is more centered around preventing unauthorized access to a network or misuse of that network from within, information security is more singularly focused on preventing information from falling into the wrong hands. Quite understandably, information security (often called “infosec”) and network security have a lot of overlap. For example, some of the same software used by network security professionals will also be used by information security professionals.
Information security professionals, who may also be called “data security” workers, are often concerned about the acronym C.I.A: Confidentiality, Integrity, and Availability of data. 

For infosec professionals, this means that network architecture is not so much important as it is making sure that the data within that network is protected, viable and accessible for users, as well as kept out of the hands of individuals who might abuse that data. 

Infosec professionals will, therefore, be far more concerned about what happens to the data after a data breach and will spend far more time concerned about data stored on the servers. All of that taken together, however, cyber security/network security and information security are increasingly falling under the same banner. Still, there are some differences you may want to consider when looking for jobs, as most security jobs will eventually require you to specialise in a few key areas. 

Much like any other area of study, the entire field is a bit too broad for one person to easily become an expert in all facets. You can, however, focus more on data security or more on network security as your primary field of expertise.

Cybersecurity talent is still expensive and hard to find.
One reason for this is the very fact that cybersecurity is now more widely considered a critical function. Demand for security skills, once limited primarily to government and the defense industry, has spread throughout the economy. The changing priorities and tactics of cybersecurity are reflected in hiring patterns.

Overall, the field is emphasizing deploying automation and managing risk more effectively. That is partly in the belief that these tactics will be more effective in preventing breaches, but it is no coincidence that they also alleviate the need for hard-to-hire human workers. In addition, projections show that the next generation of cyber-security workers will need skills in Cloud Security and the Internet of Things.

Key Findings in the US, which often apply World-Wide:

  • The number of cybersecurity job postings has grown 94% since 2013, compared to only 30% for IT positions overall. That’s over three times faster than the overall IT market.
  • Cybersecurity jobs account for 13% of all information technology jobs. On average, however, cybersecurity jobs take 20% longer to fill than other IT jobs, and they pay 16% more. On average, that works out to more than $12,700 per year.
  • Yet for most IT workers, cybersecurity is one among many responsibilities rather than a dedicated role. More than half of jobs demanding cybersecurity skills are in fact other IT roles, where security is only one part of a broader job description.
  • Demand for automation skills in cybersecurity roles has risen 255% since 2013, and demand for risk management rose 133%.
  • Public cloud security (170%) and knowledge of the Internet of Things (140%) are projected to be the fastest-growing cybersecurity skills in demand over the next five years.

Comparitech:           Burnng-Glass:          Computerworld

You Might Also Read:

Want A Career In Cybersecurity?:

Are Women Better At Cyber Security?:

 

« Is The Cloud Skills Gap A Problem?
Shockwave - A Global Transformation In Warfare »

Perimeter 81

Directory of Suppliers

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

WEBINAR: How to fuel your DevSecOps in AWS

WEBINAR: How to fuel your DevSecOps in AWS

Thursday, May 20, 2021 - In this webinar, SANS and AWS Marketplace will discuss how to build a strategy that encompasses visibility and automation for the DevSecOps pipeline in AWS.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Computer & Communications Industry Association (CCIA)

Computer & Communications Industry Association (CCIA)

CCIA supports efforts to facilitate and streamline information sharing on cyber threats between the private sector and the Federal Government.

Networkers

Networkers

Networkers is a global recruitment consultancy helping unite job-seekers and hiring companies across the technology industry.

Armorblox

Armorblox

Armorblox uses deep learning and natural language understanding (NLU) to analyze all textual data and associated metadata to protect organizations against attacks.

Tortuga Logic

Tortuga Logic

Tortuga Logic provides expertise, design tools, and technologies to facilitate the design of secure hardware.

Aria Cybersecurity Solutions

Aria Cybersecurity Solutions

Aria Cybersecurity Solutions deliver solutions for enterprise-wide network security and data protection.

CriticalStart

CriticalStart

CriticalStart provides Managed Detection and Response services, endpoint security, threat intelligence, penetration testing, risk assessments, and incident response.

Onclave Networks

Onclave Networks

Onclave Networks is a global cybersecurity leader, transforming the future of securing all IT/OT devices and systems.

Secure Systems Innovation Corp (SSIC)

Secure Systems Innovation Corp (SSIC)

SSIC is a cyber risk analytics firm whose mission is to improve how businesses manage cyber risk through the power of data analytics. SSIC developed the X-Analytics cyber risk decisioning platform.