Experience and knowledge in cybersecurity have become a necessary resume addition for anyone pursuing a career in the IT field.
They’re coming at us, fast and furiously. Hacks. Malware insertions. Ransomware threats. It almost seems like a full time job, monitoring your systems and data and worrying about protecting everything. Oh, wait. There’s no “almost” involved. Cybersecurity is job security for IT pros these days. Is cyber-security on your resume?
The Wall Street Journal notes that, “In today’s world of ever-multiplying threats and dependence on connected assets, all IT staff must now be cybersecurity staff first.”
As information technology has evolved over the years, several sub-professions have emerged. You can now “switch careers” without leaving the IT realm. If you’re looking for a way to take your IT career to the next level (or, perhaps more realistically, simply hang on to your IT career) may we suggest information security? Information Week does. In a recent article, they predicted you “would be wise to consider cyber-security, where the demand for talent far exceeds the supply.”
There is, indeed, a global shortage of security-savvy talent. In fact, by 2019, there are likely to be somewhere between 1 and 2 million unfilled cybersecurity positions around the world. That’s according to Intel Security, which recently surveyed IT execs whose responsibilities include security. Intel Security released their findings in a report called, “Hacking the Skills Shortage.”
These findings are alarming, especially given the current dangerous and uncertain state of cybersecurity.
- 82% of respondents said their company lacks cybersecurity skills
- 53% say the security skills shortage is even worse than their lack of adequate talent in other IT professions
- One-third admitted this fact makes them more vulnerable to hacking
- One-quarter admitted their cybersecurity skills deficit has already caused the loss of proprietary data and damaged their company’s brand
No wonder tech-focused recruiting firms say there is an increasing number of job openings for data security professionals. The US Bureau of Labor Statistics says IT security jobs have grown by 33% in the past four years. Healthcare and financial services organizations, in particular, are in hiring mode because they are so vulnerable, should a data beach occur.
What can you do to add cybersecurity to your resume?
Gather experience. And get certified. Industry experts and HR professionals say that, while a college degree is desirable for new InfoSec hires, companies are choosing experience and certification(s) over the classroom. Some companies say they’re choosing experience even over certification. Nonetheless, certification validates your knowledge. Gaining hands-on experience will help you earn those precious initials that come with formal recognition.
One tech recruiter recommends pursuing the CISSP certification, if you have at least five years professional IT experience, because this is the one prospective employers look for most often. Others recommend the CompTIA Network+ and Cisco CCNP certifications. And there are multiple others you might pursue. Each has its own value, because certification programs are focused in different areas of IT.
In Europe, EU digital chief Andrus Ansip just announced his desire to create a cybersecurity center that would certify both technical expertise and new technology products.
Here are key cybersecurity skills you’ll need:
- Intrusion detection
- Secure software development
- Risk (and actual attack) mitigation
- Cloud security
- Network monitoring/access management
- Security analysis
- And, of course, data security
As your company’s Cybersecurity Hero, you’ll be expected to take a broad-brush approach to threat assessment and mitigation. IT is no longer a disparate department, as it was in the early days. Technology permeates virtually every aspect of business operations, so you’ll have to understand how each area within your purview uses technology and why, not only how the systems work technically.
That means you’ll need good collaborative skills, and good communication skills, because you’ll have to promote cybersecurity among your co-workers in order to implement it effectively. In many essential ways, IT is morphing into everyone’s job. But it will be up to you to help your non-tech co-workers understand why data security is critical to their role within the company, and to their daily tasks.
When you’ve got it, flaunt it.
When you’re ready to refurbish your resume, “Drop experience that isn’t security related and emphasize whatever you’ve done in the light of security.” That’s the advice from Dean Webb, who specializes in computer and network security.
You could even position yourself as a skilled threat hunter – the Indiana Jones of IT. Why? IDG Research says, “Today, advanced cyberthreats evade existing security solutions and can move across the network for weeks or months before being detected – unless organizations actively look for them.” The problem is, a mere 39% of companies now have an active threat hunting practice, according to a recent IDG Research poll.
Building a threat hunting practice enables companies to continuously, proactively search data, looking for cyberthreats that have no previously-identified pattern. It’s necessary, says IDG, but daunting. So while 39% of companies have a threat hunting team in place, 49% are still thinking about it. This is the land of opportunity, if you have cybersecurity on your resume, because these companies need help. Especially small enterprises.
When it comes to SMBs, the IDG Research poll revealed that:
- 60% said establishing a threat hunting strategy, or roadmap, was very or extremely challenging
- 78% said they don’t have the time or human capital to devote to building a threat hunting practice
Among all respondents, 55% rated the need for advanced analytics skills as very or extremely challenging, and 49% ranked data integration as very or extremely challenging. Not surprisingly, many are hoping outsourcing will enable them to build a threat hunting practice. But where can they turn?
Could you transform your cybersecurity skills into a new opportunity – threat hunting practice for hire?
Whether you’re looking to move up in the IT world, carve out a niche for yourself as an entrepreneur, or make yourself even more valuable in your current position, cybersecurity is a must-have on your resume. Insiders say its interesting work. And there’s no doubt you’ll be in demand. But you need more than razor-sharp InfoSec skills. Companies may be scrambling to find knowledgeable IT pros, but you still have to rise above the competition to land (or keep) that interesting job.
We’ll fill you in on the details in our upcoming blog, “8 Essential Hard and Soft Skills Every IT Pro Needs.”