When I was asked to write about cybersecurity careers for National Cybersecurity Awareness Month (NCSAM), my first thoughts circled back to how my career started. This was the late 1990s and although we were several years past such landmarks as the Rainbow Series (government computer security guidelines), the Morris Worm (first computer cyber worm released on the Internet) and the publication of the book, The Cuckoo’s Egg (depicting one of the first instances of computer hacking), careers in cybersecurity – or as we called it then “information security” or “information assurance” – were not that common. By that time, I had spent about a decade working in IT from helpdesk support, to system/network administration, to system engineering and application development. Along the way, I’d had brushes with cybersecurity – patching and configuring systems, reviewing logs for activity, designing access controls and more. So, when the federal agency I worked at created a division dedicated to cybersecurity, I jumped at the chance to join…and haven’t looked back since.
Cybersecurity careers and opportunities have changed and grown over the past 20+ years. Some applicants still come to a cybersecurity career the “old way” – working their way up through an IT support path, but now, expertise can be developed outside of traditional work experience. Many colleges and universities offer cyber degree programs, and professional organizations and vendors offer cyber training, courses and certifications.
Additionally, the breadth of roles in cyber has exploded. The National Initiative for Cybersecurity Education (NICE) Framework lists 52 separate roles including a Systems Requirements Planner, Cyber Crime Investigator, Security Control Assessor, Threat/Warning Analyst and Cyber Intel Planner.
Some common attributes of a successful cybersecurity professional include sound, fundamental IT knowledge, a sense of curiosity, attention to detail, and flexibility to adapt to evolving challenges. However, with a wide range of cybersecurity roles available today, we also need a diverse range of skillsets, backgrounds, and interests in practitioners. Cybersecurity careers are well suited to both those individuals who prefer to work alone, and those who like to work in groups; those who enjoy writing reports and papers, and those who cringe at the thought; and those who love to pore through event logs, as well as someone passionate about high-level security design. There’s a place for everyone.
The future is bright. My colleagues in the Department of Labor’s Bureau of Labor Statistics, in their Occupational Outlook Handbook, project a 33% increase in job growth for Information Security Analysts over the next decade, much higher than the average of 8% growth.
If you’re looking for meaningful IT work, cybersecurity is the place to be. Cybersecurity professionals help protect peoples’ finances, clean drinking water, traffic control systems, food supply chains, health information, and more. If you have the interest and aptitudes needed for a career in cybersecurity, I highly encourage you to give it a try…just like I did some 20 years ago…I think you’ll be glad you did it.
Please visit Nist.gov for more information on cybersecurity careers.