Every day, hackers and cyber criminals launch new, sophisticated computer viruses, malware, threats, and scams that jeopardize the data security our society relies on. The industry is looking for security analysts and other professionals who can troubleshoot information system threats, run vulnerability tests, reverse engineer malware, review hundreds of lines of firewall configuration, and create scripts in many languages to combat vulnerability.
We partnered with LinkedIn and researched various elements of the cyber security job market including:
- Employee and skill shortages
- Drivers of growth
- Job culture
- Required skills
- Experience needed, from cyber security degrees to security certifications
*Note: Cyber security is a booming industry with large potential. However, when considering the naming convention for the degree, academia uses' cybersecurity' as one word. Thus, our degree utilizes one word 'cybersecurity' but any other references to the field will use two word 'cyber security.'
Have you ever wondered what it would be like to be a security professional? Better yet, do you know how to get there? Do you have to know how to program, take apart malware, be a master at ethical hacking, and have experience with penetration testing? Actually, you probably already have what it takes: curiosity.
While many cybersecurity professionals have technical skills, you might be surprised to hear that many of them got there from other fields like law enforcement, customer service, and project management. They made the switch to cyber security armed with nothing more than their curiosity, a drive to learn, and some combination of university cybersecurity degree programs and security certifications.
As the field expands, these areas of expertise become even more crucial—and more in-demand. In fact, hundreds of thousands of cyber security jobs go unfilled every year because employers can’t find the talent they are looking for.
Western Governors University and LinkedIn also worked in partnership with other organizations to complete this study, including information technology solutions and staffing firm Dash2. Experts from these organizations observe the cyber security industry and give insight into what they have seen happening
Cyber security experts agree that this field is continually growing, and there are huge opportunities for those who are ready to jump in and grab them.
“Cyber security is in dire need of really good people. You can learn security, as long as you have an aptitude for it, and an interest and a passion for it.”—Randall "Fritz" Frietzsche, Chief Information Security Officer for Denver Health
"Securing your business is not a one-and-done investment, and more companies are beginning to realize this. Hackers know that many companies don't do the foundational-level work, so they automate these attacks to target small to mid-sized businesses."— Greg Larsen, Director of IT Services at Dash2
"Now, because of automation that allows hackers to target larger numbers of businesses, it's more enticing to go after 10,000 vulnerable small to medium-sized businesses than one whale."—Brandon Knotts, CEO of Dash2
"The IT programs at WGU are effective in laying solid foundations and providing on-ramps into a place of understanding, where students can become creators in IT rather than merely consumers."—David Ricker, Director of Enterprise Analytics and Business Systems at Dartmouth College
"I can unequivocally say that the caliber of IT programs that WGU offers is among the best. The variety of courses and disciplines within IT alone allow students to explore different areas to determine what they like best, while giving them the real-life practical skills they need to be successful in their future careers.”—Mischel Kwon, Founder and CEO of MKACyber
As a subdomain of IT, cyber security pays some of the highest salaries and has tremendous growth potential. But the industry is facing a massive skills shortage as the demand for qualified information systems professionals continues to grow.
In some U.S. metropolitan areas, this shortage of skilled workers has reached an alarming level. For example, there are over 13,000 cyber security job postings in the Washington D.C. area in January of 2019, yet LinkedIn only identified about 7,200 cyber security professionals located in the region. That means there were roughly 2 potential job offers for each qualified professional. The Greater New York City area saw the same ratio, with nearly 5,000 job openings currently and only about 2,500 cyber security professionals in the region. In fact, many metro areas showed similar shortages, including Baltimore, Chicago, Boston, Atlanta, Philadelphia, and Los Angeles, which all had over 2.1 times more job openings than qualified cyber security professionals living there.
Cyber attacks and scams aren't just for big companies anymore. With advanced technology, hackers go for companies and individuals, big and small. Cyber attackers that are trying to infect machines, hold data for ransom, and siphon money right out of bank accounts are becoming more sophisticated and widespread with the rise of the Internet of Things (IoT), artificial intelligence (AI), and other emerging technologies that make valuable data increasingly accessible to malicious actors.
As the technology landscape continues to evolve, these threats will only multiply and grow increasingly complex. So too will the cyber security skills shortage, which is why the search for qualified talent is more urgent than ever for businesses of all sizes.
There is an extremely high demand for cyber security professionals and a shortage of qualified candidates. Partially due to this high demand, cyber security salaries are higher than many other IT jobs. In fact, according to data from LinkedIn, the median base salary of a cyber security professional in the U.S. is about $92,500 per year.
But are all these jobs reserved for senior-level professionals, or is there room for newcomers? In 2019 on LinkedIn, 33 percent of cyber security-related job listings are for entry-level positions, while 30 percent are for associate-level roles and 8 percent for mid- to senior-level positions.
As companies expand their security teams, there will also be room to grow into mid- and top-level management positions over time. By all accounts, now is a good time to start thinking about a cyber security career.
There are a number of different cyber security roles and job titles. Some people have more business-facing or analytical responsibilities, often reporting and translating cyber issues into business-level concerns, while others build, test, and configure systems. The former tend to have “analyst” in their job description, and the latter tend to be called “engineers.” According to LinkedIn, the most common job titles related to cyber security are; information security analyst, security consultant, security architect, network security engineer, information security engineer, cyber security analyst, information security specialist, penetration tester, cyber security engineer, and senior versions of those roles.
While many of these cyber security positions require specific technical skills, others also rely on soft skills, such as customer service, communication, and project management. This opens the door to the profession to candidates with a variety of backgrounds and skill sets.
What’s the best way to get your first job in a cyber security career, and how valuable are cyber security certifications compared to a traditional four-year degree?
According to LinkedIn, 71 percent of professionals who transitioned from other careers into entry-level cyber security jobs had a bachelor’s degree. That number rose to 73 percent for associate-level roles and 76 percent for mid- to senior-level positions. This data shows that a four-year degree in cybersecurity is valuable for professionals trying to transition into cyber security careers. In their previous careers, according to LinkedIn, some of these people held titles such as network engineer, network administrator, consultant, intern, project manager, and manager or program manager, but LinkedIn’s data suggests, above all, that there is no single pathway to cyber security, and that the majority come to the profession from a wide variety of different backgrounds.
What if you’re already working in cyber security? Would a formal degree in cybersecurity help with a promotion?
According to LinkedIn, of the people who were promoted in the past two years, over 70 percent of entry- and associate-level employees and 77 percent of mid- to senior-level employees had traditional degrees. For middle and senior positions, 77 percent of those who were promoted in the past two years had a four year degree.
What about certifications? Like a cybersecurity degree, a security certification is highly valuable because it shows that you’ve mastered a set of critical technical skills, and that you are committed to furthering your education, investing in yourself, and challenging yourself. The more credible the source is, the more valuable a certification for security will be. And at the end of the day, the best candidates will have some combination of formal security education, security certifications, and innate skills.
But while technical skills are certainly important in the cyber security field, some positions rely just as heavily on soft skills such as customer service, communication, and project management. In fact, according to LinkedIn, 28 percent of entry-level cyber security professionals listed customer service as a skill. “If you’re a help desk person, a desktop person, or even a server/network type of a person, the first step is to really recognize that you’re already doing security,” said Randall “Fritz” Frietzsche, Chief Information Security Officer (CISO) for Denver Health and a graduate of WGU’s Master of Cybersecurity Security and Information Assurance program.
Ultimately, there are many paths that lead to a successful career in cyber security. For those currently in IT, you are closer than you think. With the right degree, you can leverage the security work you already do to gain new knowledge and bolster your cyber security aptitude. For aspiring cyber security professionals transitioning from nontechnical careers, information technology isn’t the only path. Anyone with strong soft skills, people skills, or experience in product management can make the switch and flourish in a cyber security career. As Frietzsche put it, “If you can learn to drive a forklift, you can learn security, as long as you have an aptitude for it, and an interest and a passion for it.”
Put simply, the cyber security industry is in dire need of security professionals who are committed to development, willing to work, and eager to learn. And it’s safe to say that this is only the beginning for the rise in cyber security roles. Luckily, employers in the field are extremely welcoming to information security professionals from a broad range of backgrounds and skill sets. So if you’re looking for a mission-driven profession that provides a collegial environment, the cyber and network security field might be right for you.
Your curiosity is piqued. Now is the time to look at degree programs to prepare you best for the field of cyber security. Our programs are packed with quality and value—certifications included.