Cyber Security Is Not Just For Computer Nerds

27/04/2023

Some people have called me a nerd, and I suppose I am, at least a little. I studied Computer Engineering in the 1970s in college when it was nowhere as common as now. In graduate school, I had a class with an adjunct professor named Arlin Cooper. In that class, we learned about cryptography, even though it wasn't really part of the course description. I thought it was fascinating. Later cyber security became part of my computer career.

We Need More Cyber Security Professionals

The US National Initiative for Cybersecurity Careers and Studies reports, "Cybersecurity professionals are in high demand. But, unfortunately, a 2022 (ISC)2 Cybersecurity Workforce Study says that cybersecurity workforce has an estimated 4.7 million professionals, "but there's still a global shortage of 3.4 million workers in this field." That presents a huge opportunity. But the number may be much more significant, as I noted prior, here.

And not all cybersecurity jobs go to nerds! There are cyber security opportunities available in almost all fields. For example, I have colleagues who came to the field from careers in economics and journalism and those from CS and EE. And others who do cyber security as part of careers in law and other fields.

An article in CIO Magazine has some interesting statistics about respondents to a survey of cyber security pros. Among them:

Only 44% said they had a bachelor's degree in electrical engineering or computer science,
85% say they have a certification in the field, and
56% say they do it because of the "interesting, challenging work."

The US Bureau of Labor Statistics reports that an entry-level "Information Security Analyst" can make over $95,000 annually. That is an excellent job for a full-timer in the field.

What Do I Need to Get Started?

The US Bureau of Labor Statistics has some advice for those who want t get started as an Information Security Analyst:

A degree in a related field is good, but as we noted above, not truly essential.
Technology experience is Experience in an IT department, possibly as a system or network administrator, is a good idea.
Certification is a good idea, again, as we saw above.
They also list some essential personal qualities, and I concur with all of them.

But What If I Don't Have a Degree or If I Have a Degree In Something Else?

That's great! You are not alone by any means.

You will probably need to pursue some certification to help convince an employer that you can do the job. I talked a little about the process in an earlier post. However, that will be only one element of a three-part process:

Learn about the field through work, classes, or self-study. Unfortunately, very few people can take a certification exam without prior knowledge, and employers can spot them a mile away.
Study for and pass the exam. This generally means taking a class (or two) and significant study time.
Work as an intern, apprentice, or volunteer in the field for a little while to get the needed practical Experience.

There is even a program - created by industry leader Symantec and others - to help fast-track individuals into the profession. It is mainly for "underrepresented and under-resourced young adults and veterans."

What If I Like My Current Field?

Then there are multiple options: you could work in cyber security in the IT department at a company in the field, learn about cyber security and educate others about how it applies in that field, or you can continue your regular work and act as a cyber security resource at your particular location. Regardless of your choice, you may get a significant pay raise if you work hard and get that certification. Ask your employer or others in the field; there may be myriad hidden opportunities.

Cyber security is a big field: it's not just for analysts. Learning Tree offers cybersecurity fundamentals courses, advanced courses, certification courses, management courses (even one targeted to the government sector), and blended learning options. This is the perfect time to get into this booming field.

This piece was originally posted on Oct 9, 2018, and has been refreshed with updated information, links, and formatting.

Written by John McDermott

John McDermott, CPTD, started his work in computer security in 1981 when he caught an intruder in a system he was managing. In recent years his consulting has included security consulting for small businesses. He is Security+ and CCP certified. In his 30 years with Learning Tree John has written and taught courses in programming, networking and computer security. He is the co-author of Learning Tree’s course System and Network Security: A Comprehensive Introduction. John is currently a learning and development consultant in northern New Mexico. He lives in a house made of earth with his wife, who is an artist.