Amid waves of layoffs and economic uncertainty, it’s easy for job seekers (or those looking to change careers) to feel like they’ve got an uphill battle to fight. But one area where it’s expected that hiring will continue is in the cybersecurity space. The 2023 Cybersecurity Skills Gap Global Report by Fortinet found that 83% of boards are advocating for hiring more IT security staff as breaches and ransomware attacks continue to climb.
This is a real opportunity for those seeking new employment and/or looking to increase job security. And the good news is that not only are there all sorts of opportunities in cybersecurity, but that obtaining these skills doesn’t have to involve going back for a lengthy, sometimes expensive degree program – although that is one possible path.
Examining the most sought-after skills
When it comes to which types of cybersecurity skills employers are seeking the most, cloud tops the list. It’s the most sought-after skill group and represents some of the hardest positions to fill. According to the previously mentioned report, for 46% of those surveyed, cloud security was one of the top five most sought-after skills. It was ranked one of the most needed and hardest to hire for by 44% of respondents.
Other highly in-demand skills are cyberthreat intelligence, malware intelligence, secure system operations and cybersecurity foundations. Rounding out the top five roles to fill, after cloud security, are security operations, network security, software development security and risk management.
It’s not just hard, technical skills that are sought. Project managers, analysts, marketers and other positions with a focus on soft skills, a desire to learn, business knowledge and a love of technology are all needed in the security sector. Don't rule yourself out of a cybersecurity career because you think it is overly technical. As the need for network defense increases, so will the need for adjacent roles like these.
Professional certifications can increase your employability
Businesses are aware of how training and certifications may help their company close the skills gap while also giving those wishing to develop in their existing security careers and those thinking about switching over a competitive advantage.
Employers favor having certified employees. They see certificates and training, in addition to prior work experience, as trustworthy indicators of a candidate's skill set. In fact, 90% of corporate executives prefer to recruit people with technology-focused qualifications, up from 81% the previous year. And 90% of respondents said they would pay for a worker to receive a cybersecurity certification.
And yet, there aren't enough certified professionals. Although such credentials are highly valued, over 70% of respondents claimed it is challenging to find employees and candidates who have them.
Training and certification opportunities
In an effort to help close the cybersecurity skills gap, we’re seeing more collaboration between private industry, educational institutions and nonprofits. This is good news for individuals, because it means that resources are out there to get training and certification much more easily and at a lower cost – sometimes even free.
Many state and federal agencies like the Cybersecurity Infrastructure Security Agency (CISA) and the National Security Agency are great sources of free information. And don’t overlook professional organizations – there are many out there working to bring these opportunities to people, including Women in Cybersecurity (WiCYS) and many others.
WiCYS partners with companies, organizations and groups, resulting in a community of over 5,000 members in more than 70 countries. WiCYS focuses on supporting current and future women cybersecurity professionals. This group and others like it serve as an important reminder that there are great opportunities in cybersecurity for traditionally underserved groups. Job seekers who are women, veterans or minorities should not overlook the career potential within this field, especially when so many training opportunities are available.
Opportunity awaits
As cyber threats continue to grow in number and complexity, companies need cybersecurity professionals desperately. For job seekers with the right skills, this is an opportunity to enter or advance in a career that pays well and offers job security. These days, individuals can make themselves more viable candidates without breaking the bank or taking on another long-term degree. The public and private sectors are coming together in recognition of the need to close the cyber skills gap, resulting in many opportunities for training and certification at little to no cost.
Remember that the cybersecurity field needs soft skills as well as hard, too. Today's perfect candidate looks different from yesterday's; organizations want people with a mix of these skills and a passion for learning. The opportunity is waiting for job candidates who will take hold of it.
Rob Rashotte is vice president, global training & technical field enablement, at Fortinet.