A common question people ask about cyber security is if working in the field is difficult.  Understandably, many people want to know how difficult a cyber security career really is before they go down the path of pursuing this as a career.  Because so many people have asked this question, I decided to look into exactly how difficult a career in cyber security can be.

How hard is cyber security?  Careers in cyber security can range from moderately challenging to difficult, depending on the specific area of cyber security you pursue and the requirements of the individual job.  The wide variety of careers available in the cyber security field provides individuals with the flexibility to pursue a career that is as easy or difficult as they prefer.

So what specifically about a cyber security career makes it easier or more difficult than another? There are several factors that determine how hard or easy cyber security will be for a position that you choose, so let’s take a look at these factors now.

Factor #1:  Job Responsibility Increases Difficulty

In many fields, employees can expect increases in salary as responsibility increases.  While this is also generally true in cyber security, it is also true in cyber security that job difficulty often increases with the responsibility of a particular job.  For example, a lower level cyber security position that is responsible for a smaller network or for maintaining a low impact system would probably not be as difficult as another position with the same title at a larger employer that has more information security assets to protect.  While both jobs are similar, and the job postings may look alike, you could expect that the position that has the responsibility to protect a larger technology surface would be more difficult and stressful. Consider also that larger systems may receive more attacks than lesser known systems, which also increases the difficulty of the position.

Another way to view this is for positions that are not on the same level, but are higher level than others.  For example, senior level cyber security positions may require additional tasks, such as reporting to management.  Very high level positions, such as Chief Information Security Officers, may have the responsibility of briefing the CEO about cyber security threats on a daily basis.  Again, having more responsibility can increase the difficulty of the cyber security position you are shooting for.

Factor #2:  The Learning Process is Difficult

Few fields change as quickly as cyber security, and therefore few require as much consistent continual learning as cyber security.  The process of continually learning is challenging in itself. Consider that in other fields where change is much slower or non-existent, any learning that is done is optional, can be completed at any time and leads to advancement.  In rapidly changing fields such as cyber security, the learning process can make the job challenging because it becomes a treadmill, meaning that you are required to continually learn just to maintain your job.  

Factor #3:  A Bad Employer Can Make Cyber Security More Difficult

Just like in any field, a difficult boss can make any job that would otherwise be enjoyable a nightmare.  In this case, we’re not referring to a bad employer or boss with an unpleasant work environment, but an employer that doesn’t provide adequate training.  

Talk with nearly any successful cyber security professional, and you hear them appreciate an employer that provides frequent training at the company’s expense, and on work time.  This investment by an employer will make the learning treadmill of cyber security much easier for you. If you are unfortunate to have an employer that doesn’t provide training, than you are forced to improve your knowledge and invest in your training on your own, after hours, and at your own expense.  This can make cyber security much more difficult for you, as you’re now forced to work overtime just to grow, keep up in the field and remain relevant.

Factor #4:  Our Increased Use of Technology Can Make Cyber Security Difficult

Another factor that has increased the difficulty of cyber security, and will continue to do so in the future, is our increased reliance on and deployment of new technologies.  Years ago, technology departments certainly had fewer responsibilities, but with the addition of VoIP, Cloud, BYOD and so on, the sheer number of technologies that a cyber security professional has to be aware and knowledgeable of has increased substantially.  This increase in knowledge requirements has certainly not made cyber security any easier. Consider also that this trend of additional technologies to support and secure will remain, and you can expect that this factor will continue to increase the difficulty of cyber security.

Factor #5:  Non-Technical Skills Have Increased Cyber Difficulty

The increase in technology isn’t the only thing that has increased the difficulty of cyber security.  Many cyber security jobs now also require a great deal of non-technical skills as well. Additional skills, such as the ability to write reports, communicate with co-workers or customers or consult with management all can make the job of a cyber security professional more difficult, especially if you don’t feel strong in these areas.  Some people entering into cyber security underestimate the need for the ability to write well, for example, and how much writing they may need to do in order to document their work. In this example, the ability to write well is an additional skill that a cyber professional would need to learn, in addition to all of the technical skills already on their list.  

Consider also that higher level cyber security positions may require even more soft skills or non-technical skills, such as the ability to create a budget, negotiate with customers or provide presentations, and you can see that the expanded set of non-technical skills can make a cyber security job more difficult for anyone that isn’t strong in these areas and needs to learn these skills.

However, it isn’t all bad out there.  Let’s take a look at what can make cyber security easier.

Factor #6:  Having a Passion for Cyber Security Makes Things Easier

One of the best ways to determine how difficult any job will be for someone, including a job in cyber security, is to evaluate the individual’s interest and passion for the field.  Someone with a strong interest and curiosity about cyber security will see the required learning and challenging tasks of the job as more enjoyable and worthwhile than someone who doesn’t have a passion for the field.  

It’s no secret that those passionate about cyber security are more likely to read books in the field, tinker with technology at home, or share their passion for the cyber security field with others.  For these people, those tasks are not hard; they instead are enjoyable and worthwhile.

For yourself, do an honest evaluation of your interests and passion for technology.  You should be able to determine if your interest in the security, penetration testing, hacking or anything else makes the field enjoyable and therefore easier for you.  Remember, there is a difference between something being challenging and being difficult, and that often comes down to how much enjoyment and passion you have for the subject.  

Consider someone who is a gamer, for example.  A gamer will be more likely to find a game challenging than difficult, because they enjoy the process of gaming and learning how to beat a game.  They have a passion for it, which makes it easier for them.  The same goes for cyber security.  If you have a passion for technology, cyber security will be easier for you than for many other people.

What You Can Do to Make Cyber Security Easier

Fortunately, there are several things we can do to make cyber security easier for us and therefore more enjoyable and rewarding.  Consider these things as you begin to pursue cyber security as a career.

  1. Have a passion for the work.  Any job in which you are not passionate will be difficult.  Having a passion for technology puts you in the flow and makes cyber security much easier.  Make sure you have a passion for whatever it is that you are doing.
  2. Learn a little every day.  Just like the best way to eat an elephant is one bite at a time, they best way to learn cyber security is by learning a little every day.  It’s been said that if someone were to read just one hour a day in their field, within three to five years they would be world class in their level of knowledge.  You can go really far if you just get up an hour earlier than you usually do and read something in cyber.
  3. Find an employer that provides regular training and wants you to succeed.  Over the course of a few years, an employer that is not supporting your learning will set you back.  It just makes things extra difficult for you if your employer is not helping you learn. Try to find an employer that makes your learning easier.
  4. Be willing to change jobs if your position or learning opportunities become stale.  Someone who is in the same position for ten years often will say that they have ten years of experience.  Unfortunately for some, however, what they really have is one year of experience repeated ten times. Be aware of when your job is growing stale and consider if you need to move to a position that provides new learning opportunities.
  5. Keep in mind that the things that make cyber security difficult for you make it difficult for everyone else too.  It is this aspect that keeps many other people out of cyber security or causes them to quit.  This aspect is what makes the opportunities, and the high salaries, available to you.

Related Questions

Is a cyber security degree hard?  A cyber security degree can be hard compared to other programs, but usually doesn’t require higher level math or intensive labs or practicals, which can make the courses much more manageable.

How can I see what cyber security is all about?  One way to learn a great deal about cyber security is to connect with a cyber security professional and talk with them about their jobs.  While they can’t talk about secret aspects of their jobs, most cyber security professionals will be happy to discuss the field with you. You can easily connect with many people on LinkedIn.

About the author 

Matt Day

Matt Day is a cybersecurity professional with over twenty years of experience in the IT, cybersecurity, and technology training fields. He has a degree in Computer Information Science and CompTIA A+, Network+, Security+, Server+, CySA+, and Cisco CCNA certifications.