Why you should enter this sector

Although there are millions of cybersecurity job openings around the world, employers are finding it extremely difficult to fill these positions. With a global deficit of nearly 4 million cybersecurity workers, according to the World Economic Forum, there is a growing gap between organizations that are cyber resilient and those that are not.

The majority (90%) of executives who responded to the WEF's Global Cybersecurity Outlook 2024 survey said immediate action is needed to address growing inequality in cyberspace, especially as new technologies such as generative artificial intelligence will only exacerbate existing cybersecurity problems.

The report shows that the cyber resources, skills and talent gap is growing rapidly and continues to be the biggest challenge for organizations in developing cyber resilience, with 71% of organizations having cybersecurity vacancies.

“We know that cyber threats will remain one of the biggest risks in the coming decade, fueling the global need for more cybersecurity professionals,” said Erin Baudo Felter, vice president of social impact and sustainability at Okta, a San Francisco-based identity and access management company, in an emailed statement. “But demand is outstripping supply,” she added.

Factors such as unclear career paths, outdated training programs, and expensive certifications prevent people from pursuing a career in cybersecurity.

“More than ever, people want a job with meaning, and I can't think of anything that would have more impact on the world than a career where your job is to protect people and organizations from digital harm,” Felter said.

The job market for cybersecurity

Cybersecurity consistently ranks among the fastest-growing and most in-demand areas in the entire technology sector.

Demand for cybersecurity jobs is expected to increase significantly in the near future, making this career path attractive. The United States Bureau of Labor Statistics projects a 32% increase in cybersecurity jobs from 2022 to 2032, well above the 3% average growth rate for all U.S. jobs. Specifically, the BLS expects information security analyst jobs to experience the fifth fastest growth of all U.S. occupations during this period.

According to Cybersecurity Ventures, a provider of market data and insights into the global cyber economy, there are approximately 750,000 cybersecurity job openings in the United States.

The large number of cybersecurity job openings is due to increasing cyber threats and attacks across a wide range of industries, growing awareness of the importance of cybersecurity in businesses, evolving legal requirements for data protection and privacy, and the rapid digital transformation of companies, which brings with it new security challenges.

The recent CrowdStrike incident underscores the critical importance of robust security measures. The widespread outage, caused by a faulty software update, affected millions of devices worldwide and led to disruptions across multiple sectors, including airlines, banking, and healthcare.

Companies are now expected to place more emphasis on developing risk mitigation plans and improving cyber resilience strategies, potentially creating more opportunities for cybersecurity professionals who specialize in these areas. The incident has also raised questions about vendor accountability and third-party risk management, which could lead to increased demand for professionals who can assess and manage these risks.

The complexity of the incident and its far-reaching impact underscore the need for highly skilled cybersecurity professionals who can prevent, contain and respond to such incidents. There is also an increasing focus on improving software testing and deployment practices, which could create new roles or specializations in the cybersecurity field.

Closing the cybersecurity skills gap

To close the growing skills gap in the cyber and technology industries, Okta has announced it will commit $50 million over the next five years.

The aim of the initiative is to identify and develop the best talent in cybersecurity while ensuring fair access to successful careers in the technology sector.

Okta is focusing its investments on two main areas. The first includes $1.6 million in philanthropic grants to support global organizations that provide career opportunities in technology for women, people of color, veterans, and other job seekers from underrepresented populations.

The second area consists of 5,000 educational scholarships for unemployed professionals who want to enter cybersecurity by improving their Okta skills. This program is particularly aimed at veterans, military spouses, and tech workers affected by recent layoffs.

“The cost of cybersecurity training and certification programs can be a deterrent for aspiring professionals, especially in a challenging economic environment. Some of the nonprofits we work with, including Women in Cybersecurity and NPower, have recognized this barrier and are offering free technology training to make this profession more accessible and create new pathways into cybersecurity,” Felter said.

First steps in cybersecurity

The social impact and sustainability expert stressed that companies need to better “demystify” cybersecurity to attract new talent.

“There is a misconception that these are highly technical, individual roles, but in reality, the work of a cybersecurity professional also includes things like culture, communication and change management,” Felter explained.

If you're just starting your career or want to get into cybersecurity without a technical background, you can earn certifications, take online courses to learn, and look into relevant professional networks. Cybersecurity roles include a variety of responsibilities that increase the security of the company, its employees, and its customers.

Entry-level cybersecurity firms typically engage in tasks such as monitoring security systems for breaches, analyzing security alerts, conducting vulnerability assessments, and implementing security measures to protect a company's data and systems.

They may also help develop security policies, conduct security audits, and assist with incident response. These roles are critical to maintaining the integrity and security of an organization's information systems.

Salary data for cybersecurity professionals

Workers in the cybersecurity sector can earn substantial salaries, reflecting the high demand and critical nature of their roles. According to the BLS, the median salary for information security analysts was $120,360 in May 2023.

Cybersecurity managers or administrators, who are responsible for identifying vulnerabilities and leading information systems teams, can earn between $150,000 and $225,000 per year. Application security engineers, who ensure the security of software and business applications, can earn between $130,000 and $200,000.

Information security analysts, often referred to as the gatekeepers of information systems, have a median salary of around $102,600, although they can earn as much as $208,000 depending on their experience and the complexity of their tasks. Penetration testers, also known as ethical hackers, earn an average of $124,424, although some positions require an advanced degree.

While some chief information security officers, senior executives responsible for the physical and digital security of organizations, earn a total salary of nearly $500,000, many start with a base salary of around $275,000, according to Hunt Scanlon Media. CISOs manage risks related to personnel, data and physical assets, ensuring the organization's security against various threats, including cyberattacks and physical intrusions.