Is Cyber Security in Demand?

We hear so much about cyber security and about cyber security attacks that seem to happen almost weekly.  At no time in recent memory has any career field seemed to get so much attention and seemed to grow at such a fast pace.  Many people looking to choose a career field are now starting to consider cyber security as a career option. But is that a safe bet?  Is cyber security really in demand, and if so, will it continue to be in the future? Let’s take a look.

So, is cyber security in demand?  Cyber security has been in high demand in most parts of the United States, with research showing that the demand for skilled cyber security professionals will continue to increase in the foreseeable future.  Employers are expecting a shortage in the pool of qualified cyber security professionals.

Read on as we take a look into why this career field is the place to be and why it will continue to stay that way.

Why is cyber security in high demand?

There are several factors in our modern society that are causing the demand for skilled cyber security professionals to rise.  The first is the incredible number of hack-able devices now online.

Factor #1:  The number of people and devices online that can be hacked is increasing exponentially.  Not much more than a decade ago, Steve Jobs of Apple stood on a stage in California and showed the world the first iPhone.  At that point, the word smartphone was not a part of our regular vocabulary. Since then, several billion people have started to carry around tens of billions of cell phones, tablets, e-readers, laptops and smart watches.  All of these devices are online and have some level of personal data inside.  Because they are online, they can be connected to, and hacked from anywhere. And we now keep our devices with us always.  For a hacker or scam artist, they now have several billion more options for targeting.

Consider also that IoT, or the internet of things, is now a reality and growing.  This means that many security cameras, televisions, air conditioning systems and so on are now online.  They can be attacked too, and therefore need to be protected. These items are adding to the number of devices that are online as well.

It’s not just about the number of devices online, but also about the people.  Populations in developing countries are now getting access to connected technology for the first time.  In some developing countries, it is possible that an individual would have a cell phone before they have access to actual necessities, such as opportunities for employment.

Factor #2:  Our reliance on technology cannot be rolled back.  Would you be able to, or even willing to, give up your device access for a week?  Most young people cannot remember a time when we didn’t have computers in nearly every home or a device carried by every person.  Many people will not leave the house without their phone. We have become so reliant on our connected devices that they are now a part of who we are and how we live.  This factor means that not only are there more devices and more people using devices, but they are using the devices more often.

Consider this for a moment:  If your grocery store lost electrical power, or access to the credit card network, how many people in the store at that time would be able to checkout with cash?  How many transactions would the store be able to complete if they lost power for a week? If the local pharmacy lost access to their computer systems for a week, how many prescriptions could they fill?  Would they be able to even look up what medicine you need? Our economy is completely reliant on technology, which makes the need for security paramount.

Factor #3:  Nearly all financial transactions are now online.  Bank robbers used to rob banks because that’s where the money was, however the money in the bank is now mostly 1’s and 0’s.  The bulk of the money is now in the data system, so that has become the new target. It is more lucrative, and less risky, for someone to hack the financial network of a bank or retailer then to go to the physical location and attempt a theft where security cameras are everywhere and the amount of actual cash is limited.  These financial networks need cyber security protection, and they need that protection 24/7/365.

Factor #4:  The government is now requiring companies to protect data.  Companies and industries have always been regulated to some extent, but the government is increasingly imposing security regulations that require organizations such as healthcare providers and insurance companies to protect data and meet cyber security standards.  The government and it’s regulations are usually slow to adapt to the current state of cyber security, but they are progressing. Cyber security professionals are needed to help these companies remain compliant.

Factor #5:  Governments are getting in on the act.  The battlefield of the future will be online.  Nation states know that more damage can often be done to adversaries if their systems and infrastructure are damaged then if there if there is confrontation on the ground.  Countries are increasingly participating in cyber attacks, advanced persistent threats and social engineering to harm their enemies. This means that all developed countries need both offensive and defensive cyber security professionals.

Factor #6:  Populations not experienced with technology are online too.  Many people between the ages of 25 and 65 use computers at work, and many of them receive training from their employers regarding maintaining security of company systems.  Is is not uncommon for companies to train their employees annually on cyber security threats that could negatively impact the company. But tens of millions of other people are online too.  Senior citizens who did not grow up with technology and are not trained on it’s threats are online. And millions of children that have not developed the life skills to identify a threat are online too.  This makes for potentially hundreds of millions of people that are online but may not be security-aware. Would this be of interest to a hacker or scam artist? Of course.

What does this mean for cyber security jobs?

The most important question for you and me is if all of these reasons for the increase in cyber security is actually translating into job opportunities.  The answer is yes. Here are some statistics that should make you willing to give a cyber security career serious consideration.

  • The Bureau of Labor Statistics cites the job outlook for Information Security Analysts to be an expected increase of 26% through 2026, which the describe as “much faster than average.”  This rate of growth is nearly four times faster than the overall average of only 7%.
  • Cisco cited in their one of their annual security reports that they expect a shortage of more than one million cyber security workers, and several other studies have estimated the shortage to be several times that amount.  This means that even if every cyber security professional available had a job, there are still more than a million jobs that would remain unfilled.
  • The cyber security unemployment rate has hit zero.  This is another statistic that confirms the same thing – that anyone qualified to be in cyber security that wants a job can have one.

Related Questions

How long does it take to get into cyber security?  Depending on the technology and educational background of an individual, most people could acquire the training needed and get into the cyber security field at an entry level within three to five years, and possibly as short as two years in some cases.

If the cyber security field is so strong, why are there still some people in the field that are unemployed?  While employers do have a great need for qualified professionals, they do need them to be qualified.  Just like any other field, there are some in cyber security as well that have not kept their skills up to date.  

Matt Day

Matt Day

Matt Day is a cybersecurity professional with over twenty years of experience in the IT, cybersecurity and technology training fields. He holds CompTIA A+, Network+, Security+ and Cisco CCNA certifications, and is the author of the book CCENT Troubleshooting Guide.