The path to becoming a Cybersecurity Professional
Cybersecurity is one of the most in demand disciplines in the technology world today. With cybersecurity risks increasing each day, month, and year, skilled cybersecurity technicians are sorely needed to help protect the digital assets of organizations around the world. Attackers are using more sophisticated tools and technologies than ever before. Meeting the security challenges to defend business-critical assets requires skilled cybersecurity professionals to counter increasing attacks against organizations.
What is cybersecurity? How can one enter into the world of cybersecurity? Do you have to have a specific background to work in this field? How has cybersecurity changed in the last few years? What skills are needed now?
What is cybersecurity?
Cybersecurity is an ever-evolving description of the overall processes, people, and technology used to protect an organization’s digital assets and people from cyberattacks. While it involves a combination of resources, the cybersecurity professional provides a crucial component of any cybersecurity methodology. No matter how advanced the technology or security mechanism, skilled cybersecurity technicians are still needed to provide intelligent implementation, monitoring, and the “human factor” to the overall cybersecurity framework.
How can you become a cybersecurity professional?
There is one common theme among cybersecurity professionals – there is no standard path. The paths and backgrounds of cybersecurity professionals today are as vast and varied as the cybersecurity field itself. Some cybersecurity professionals studied information technology or application development. However, many did not study information technology or take any college programming classes and may have degrees in other disciplines.
A few years ago, cybersecurity degrees, classes, and other training was unheard of and simply included with general IT disciplines. Fast forward to the current state of affairs. Cybersecurity is a hugely popular field of study with countless jobs available and many specialized disciplines apart from general IT. How many jobs are available? Cybercrime Magazine noted:
“Members of the ISC(2) leadership team recently posted a blog on their website which states “the cybersecurity skills shortage is expected to result in 3.5 million unfilled positions by 2021” (according to Cybersecurity Ventures via Forbes) — which underscores ISC(2) ‘s alignment to our research.”
Getting a degree in cybersecurity can undoubtedly help to ensure one stands out among other candidates for certain positions. However, never underestimate the value of co-op or internship positions that can help you gain valuable hands-on experience and on-the-job training in real-world cybersecurity operations.
An added benefit to working in a co-op or internship position with a company or other organization is that you can get hands-on experience learning their specific cybersecurity tools and getting the same training as a full-time employee. Many companies hire interns straight out of college to fill cybersecurity positions as they already have the fundamental training they need to hit the ground running.
What can you do if the door to co-op, internship, or other position does not open to you? While on-the-job training as an intern is a great fast track to learning cybersecurity, it is by no means the only way. What are things you can do to gain experience and get exposure to the world of cybersecurity?
A great way to connect with others and get exposure to various opportunities is through the cybersecurity community. Connect with others on platforms like Twitter, Reddit, Instagram, and other social media networks. Attending conferences provides opportunities to meet and network with others. Even though most conferences and seminars have been held virtually this year, take advantage of the opportunity to connect with others.
Build a cybersecurity lab environment, either at home or in the cloud, and gain experience using tools and platforms widely used by many organizations. Companies like to see cybersecurity professionals that not only treat the profession as a job but view it as a hobby and have a passion for learning new cybersecurity tools and disciplines.
How has cybersecurity changed in the past few years?
Many of the changes seen in cybersecurity involve new and emerging threats coming on the scene. Ransomware has certainly been major news over the past two or three years, increasing in both scale and sophistication. It is only going to become worse. Cyberattacks and the tools used to perpetrate them were traditionally associated with sophisticated hacker groups with the skills and prowess to pull off an attack. However, new Ransomware-as-a-Service (RaaS) services can be purchased by anyone on the dark web for a small monthly fee.
Now relatively inexperienced “script kiddies” can have access to very sophisticated tools that can devastate entire organizations with a destructive ransomware attack. Also, ransomware groups are forming what is now called “ransomware cartels.” These equate to organized crime groups working together to pull off major ransomware attacks around the world.
Cybersecurity professionals not only have to protect against the more traditional “lone wolf” hacker of days gone by, but these much more prevalent sophisticated cybercrime groups. Hackers are also going after the cybersecurity companies themselves, such as the recent FireEye breach where hackers compromised “red team” source code.
Cybersecurity is an ever-evolving world of new threats and skills required to combat those threats. It will be part of the growing challenge for cybersecurity professionals to stay ahead of the curve with new and emerging threats on the horizon.
Cybersecurity skills needed in 2021
There are many different areas of cybersecurity that will continue to see tremendous growth in 2021 and beyond. With that in mind, what specific skills will tomorrow’s cybersecurity professionals need? According to CSO Online, Top 10 in-demand cybersecurity skills for 2021 include:
- Risk identification and management
- Technical fundamentals
- Data management and analysis
- Threat hunting
- Interpersonal skills
- Business acumen
There is no question. Cybersecurity is an exciting field with tremendous potential for growth. There will continue to be a shortage of cybersecurity professionals in the foreseeable future. It will prove to be a large open door of opportunity for those interested in the field and have a thirst for learning and hard work.
Be sure to look at SecOps Studio’s interview with a cybersecurity expert detailing her journey to becoming a cybersecurity professional.
Guest: Shannon Brazil