The cybersecurity sector is one of the sectors with the highest prospects for job growth. In 2016, Forbes forecast that the total market for cybersecurity services would grow from $ 75 billion in 2015 to $ 170 billion in 2020. Both small and large companies have noted the need to hire qualified IT security professionals who can help them protect their networks, customers and partners.
Our recent research indicates that last year, a third of companies included improving internal security among their top three priorities in their IT security investment. Almost half acknowledged that they were experiencing a talent shortage.
But finding the right talent to fill this growing opportunity is being a challenge: It’s rare to find a lack of skills for an industry in constant technological growth like this. The Forbes article mentioned that in 2016, 209,000 cybersecurity jobs available in the United States remained unfilled. And this gap does not seem to decrease. At the beginning of the year, TechRepublic estimated that the number of cybersecurity jobs that would not be filled due to talent shortages would reach 1.8 million job openings by 2022.
What is causing this talent gap in the cybersecurity sector, and how can we increase it? What additional skills do college students need to meet the requirements of the best cybersecurity companies?
To answer this, we have spoken with various IT and HR executives at Kaspersky Lab. And based on their responses, we have compiled these six tips:
1. Get Scholarships And Certifications
Our first tip seems obvious, but it is one of the most important steps in a cybersecurity career. The best cybersecurity companies want employees with a basic level of experience. Gone are the days when the entry-level was for inexperienced people. Technology workers must master the basics and have the experience to demonstrate that they can enter a position ready to contribute.
For those who are looking for work, we advise you to look for advanced certifications, for example, CISSP (Certified Information Systems Security Professional) as a minimum. Additional certifications will make you more attractive to employers.
2. Master The Basic Principles In Cybersecurity
Certifications for a cybersecurity novice can vary. But any student who wants to enter this industry must have solid fundamental knowledge and technical understanding of networking. Here are some basic areas to focus on:
- How the servers work
- How clients work
- How cloud networks and services work
- How an SPI Firewall Works
- How a Next-Gen Firewall Works
- How IPS / IDS systems work
- How exploits work
And those interested in a career in fighting malware, reverse engineering skills are necessary.
3. Follow The Leaders
Few IT sectors go faster than cybersecurity. So how do you keep yourself updated? It is very easy: read, read, and read a little more. Create a list of cyber leaders on Twitter, follow the news and analysis on the latest cyber threats.
Learn all available information about Petya, NotPetya, and other threats, and follow the news on international hacker groups to familiarize yourself with the threat landscape. Understand how hackers infiltrate networks and learn how professionals detect and mitigate DDoS attacks.
4. Show What You Are Worth
As in our advice on scholarships and certifications, it is important that each applicant to this sector has the experience and can demonstrate their skills. One way to demonstrate your skills is by setting up a test environment. This will help you gain experience and demonstrate your potential to employers. Any work you can do to gain credibility as a threat analyst or engineer will be time well spent.
5. Choose A Specialization
Specialization is important to the success of your career, especially in computer engineering. Below, we leave a series of recommendations for those future leaders in cybersecurity.
Security engineering, or defensive security – anti-DDoS, web content filtering, IDS / IPS, firewalls
Security audit – pen testing, patch deployment confirmation, password audit, forensic, ethical hacking
Information Security / Incident Response – SIEM, Security Policies, Log Analysis, External Audit Response, DLP (Data Loss Prevention)
Application security – review of application code security, quality control of application development, architecture review, security standards for application development.
6. Have A “Hero” Mentality
An important part of working in cybersecurity is having a strong and positive mindset, a kind of hero complex. At Kaspersky Lab, our mission is to save the world from cyber threats, and we don’t take it lightly. Criminals are a great threat in our society, and cybersecurity professionals need to have high ethical and moral standards, they must want to do good and make the Internet a safer place.
It is also important to note that ethical hacking is a very stressful job. Cybersecurity professionals not only have to stay on top of the latest threats, read and research these topics in their spare time, but they must also take advantage of black hat hackers. You will have to be at events to know protocols, operating systems, and policies from foot to foot. You have to like this stress and be aware of everything that happens in the industry.
There are more opportunities than ever available in cybersecurity for smart and persistent researchers and developers. Follow these tips and you will soon be at the forefront of the war against cybercriminals.