According to the 2024 ISC2 cybersecurity workforce study that surveyed over 15,800 practitioners globally, an overwhelming majority of them were of the opinion, “there is a need for people with all levels of experience in cybersecurity”. The same respondents acknowledged however that “it was hard getting to their current career level”. While the global cybersecurity workforce gap stands at a whooping 4.76 million people, getting into the cyber industry is no easy task.
Representing a 19% increase from 2023, the workforce gap indicates the need for more people to get in the cyber industry. This article explores a great approach to achieving this. Let’s begin our journey together.
Know Thyself!
Benjamin Franklin famously said, “There are three things extremely hard: steel, a diamond and to know one’s self”. Indeed, to carve a successful path in the cyber industry, you must know who you are. This means you must recognize and appreciate all your skills, talents and abilities. To accomplish this, you must self-reflect on your strengths, passions and personal attributes. Thus, create a comprehensive skill inventory of your technical and soft skills. In addition, complete an interest assessment and values identification test to determine your core values and the principles you stand for.
For example, try to identify transferable skills you can bring into the cyber industry from previous work and personal experiences. This could be anything from communication skills, analytical thinking, leadership, problem solving skills, research, project management skills and creativity.
Set Clear Goals
After gaining an understanding of who you are, what you are good at and the things you do easily – almost without thinking, be clear about what you want in the cyber industry. This calls for extensive reading about cybersecurity. Firstly, it’s beneficial to know about major industry players and their role in the industry. This includes security vendors, technology giants, government agencies and start-ups. Next, you must know about the common cyber roles and what they entail. These are penetration testing, security operations, security analyst, incident response and security engineer roles to name a few.
Thirdly, for long term career success, gain an understanding of the advantages and disadvantages of cybersecurity specializations. These are usually advanced positions that require significant practitioner skill and experience. They include but not limited to forensics, threat intelligence, artificial intelligence, cloud security, and chief information security officer positions.
Maps & Gaps
This is what it all comes down to. Now that you know your strengths and those things that get you going, it’s time to map your skill and interest with desired career roles. This may take a bit of time and input from trusted colleagues, friends and family but it’s essential to get it right. So, for example, if you have great coding skills and research abilities, that aligns perfectly with reverse engineer and security developer roles. Perhaps you have analytical skills and detail oriented, you could potentially become a malware or forensic analyst. Likewise, you are best suited with security architect and penetration tester roles, if endowed with creativity and problem-solving skills.
After this, fill in any skills gaps you may have identified for your desired role. Let’s assume you have great problem-solving skills but lack the technical know-how to become a security analyst or incidence response personnel. You must fill in this skills gap by choosing a learning method that is most suitable to you. This could be in the form of certifications, hands-on labs, obtaining a degree, internship or apprenticeship. It’s equally important to commit to your learning method of choice and set achievable timelines of completion.
If you want to gain an added advantage, bolster your efforts with relevant networking events and communication materials. Try to attend both in person and online conferences. Additionally, you can join professional associations and engage in online forums that discuss topics of interests. This places you in the same environment with like-minded people and serves as motivation and peer support for your professional journey.
Start
Now that you have all the components to successfully navigate your path in the cyber industry, start. That’s all you really must do. Don’t hesitate or procrastinate. Delays often make room for detours and setbacks. Furthermore, cybersecurity is a rapidly changing industry. What is relevant today may not necessarily be relevant in a year or two.
The cyber industry needs people from all backgrounds. Your decision to be a part of the industry reduces the workforce gap and makes a world of difference to individual and public safety.
It is my hope that this article makes your path to becoming a cybersecurity professional easier to navigate. If you would like to deepen your knowledge and understanding of the topic, visit our career, webinars & podcast and useful links pages to learn more.