As a part of the new reality brought on by recent times, the past year and a half have prompted enterprises across industries to go online to ensure business continuity. While the increased digital reach has enabled businesses to connect with new customers and serve the existing ones better, the push for online channels also presented a new concern in the form of digital risks.
Cyber-attacks have become increasingly prevalent in the new normal. According to Verizon’s Data Breach Investigation Report 2021, the number of confirmed data breaches increased significantly from 3,950 in 2020 to 5,258 in 2021. As such attacks and reports of stolen user/customer data regularly make the headlines, enterprises are recognizing the need for cybersecurity services, and there has never been a better time to pursue a career in this rapidly growing field.
Why a career in cybersecurity?
To begin with, zero percent unemployment is undeniably an attractive perk. Imagine being part of an industry that is likely to stay relevant and in demand for the foreseeable future. Cybersecurity is the need of the hour, and firms are always competing for the best talent.
According to the Cybersecurity Workforce Study by (ISC)², 65% of organizations involved in the study had a shortage of staff dedicated to cybersecurity. Moreover, 51% of cybersecurity professionals mention their organization is at moderate danger because of this shortage.
With the growing risk of cyberattacks, many enterprises are incorporating security and business continuity planning, right into their corporate culture, for which cybersecurity professionals are highly sought after right now. As the demand for qualified talent in the industry far outweighs the supply, those with the right set of skills stand to earn very lucrative salaries. Furthermore, the job is highly challenging and engaging. With continuously evolving cyber threats, no two days at work will be the same as there will always be new challenges to tackle and something new to learn in this field.
Our reliance on the internet has exponentially increased in recent years, and as our technology advances, so do criminal exploits. Cybersecurity professionals play a vital role in ensuring the safety of critical systems like electricity, healthcare, transportation, and financial institutions, among others. Thus, for those who want to pursue a career that has a real impact on people’s livesin terms of data security and smooth running of data systems, this might just be the domain.
The most in-demand skills for a career in cybersecurity
To sustain a thriving career in cybersecurity, professionals need practical, hands-on technical skills for carrying out their tasks effectively. These can include:
- The technical know-how of configuring networks,installing firewalls, development/deployment of applications
- Robust pen-testing (or penetration testing) abilities
- Knowledge of a key framework, compliance, and/or industrial controls. For example, Lockheed Martin Kill Chain, OSI Model, PCI-DSS, OWASP Top 10, MITRE ATT&CK, HIPAA, FedRamp, SOX, etc. This is especially important for cyber security engineering roles
- Strong hold on common programming languages, such as Java, C/C++, disassemblers, assembly languages, and scripting languages (PHP, Python, Perl, or shell)
- Working knowledge of architecture, administration, security issues, and management of operating systems (Windows, Mac OS, and various Linux distributions), along with networking tools and virtualization software.
Furthermore, it is also crucial for aspirants to develop domain skills in areas of digital identity, application security, cyber defense, infrastructure security, and cloud security. The ability to link cybersecurity solutions to address business challenges will allow cybersecurity professionals to connect with business requirements and enable faster career growth.
In addition to technical skills, acquiring the following soft skills is equally important:
- Communication – Excellent written and verbal communication skills are a must-have, for cybersecurity professionals are required to interact with people within the organization who may not have a technical background (such as C-Suite executives, stakeholders, and management) to educate them about cyber threats. In the event of a cyber-attack, a cybersecurity analyst must be able to communicate the problem and coordinate an incident response with other members of the organization. Hence, possessing the ability to present and defend complex concepts in layperson’s terms, provides a significant advantage. Communication skills also play a vital role in facilitating training to address security policy and protocol.
- Critical Thinking for Problem-Solving– A career in cybersecurity requires an individual to have strong analytical skills and critical thinking to find unique solutions to a problem. Analytical listening is highly sought after in cybersecurity because professionals need to convert interpreted information into action. Security threats are often dexterous and difficult to recognize. Minor changes to incoming traffic can reveal suspicious activity, and security analysts must recognize and interpret these small but significant indicators. They need to think through the risks that may arise in all relevant aspects of an organization’s operations which may impact security, including human factors, web services, and system upgrades.
How to build cybersecurity skills?
While one may naturally have the soft skills required for the job, acquiring technical skills would require formal training or education. A certificate course or degree is definitely a great place to start, for it would provide a solid foundation in the fundamental and advanced concepts of cybersecurity. However, if one aspires to become an expert in the field, completing industry certification and clearances, keeping up to date with the latest developments, networking with other professionals, and most importantly, gaining hands-on experience, is the way to go.
The world as we knew it has changed; possibly forever. Our ability to adapt and to perceive new threats and prepare in advance is fast becoming a key survival trait, especially in the field of data protection and security. This also presents a huge opportunity to learn and gain skills that would make one an expert in this domain; and eventually create a highly sought-after talent pool for today’s extremely dynamic and competitive markets.
(The author Rashmi Chandrashekar is Head – Security, DXC Technology India and the views expressed in the article are her own.)