The Cyber Security industry is one that is constantly buzzing with discussions and myths ranging from “What qualifies me to land a role in cybersecurity?” to “Every Role in Cyber security requires a technical background”.
Cyber security is a broad field that captures activities, processes and procedures leading up to achieving the security of people, processes and technology on the cyberspace.
It hence becomes limiting when people assume cybersecurity equates ethical hacking or solely involves threat hunting, vulnerability testing, and system hardening.
Cyber security is broad in spectrum like physical security, hence it is wise cybersecurity is treated with the same attitude accorded physical security.
Cyber security specializations abound, and with advancements in research and evolution of technologies, new areas of specialization are emerging in the field of cybersecurity.
Cyber security includes elements such as Application security, Network security, Information security, operational security, disaster recovery, Digital forensics, human factor security and end user education.
This shows that an array of roles and sub-roles erupt from these elements of cybersecurity. Building a dynamic team is one veritable way of achieving enterprise cybersecurity, and this promotes the viability of the cybersecurity career.
Traditionally, cyber security professionals comprise of graduates from computing and information technology related degrees, but with the rise in demand for professionals, there is a surge in influx of non-computing graduates into the field. These new entrants usually take the certification and skills acquisition routes to obtain necessary industry certifications that qualify them to attempt landing job roles in cybersecurity.
Offensive and defensive cyber security roles require technical skills sets, these roles include but are not limited to Security engineering, Penetration testing, Vulnerability testing, ethical hacking, threat intelligence, forensic analysis, network security, Data loss prevention, cryptography, and incidence response. These job roles require deep knowledge of networks and connectivity, protocols, coding skills as well as knowledge of tool kits, frameworks and principles.
Recall that cybersecurity encompasses security of people, processes and technology, hence there such roles in area of human factor security, end user education, cyber security advocacies, policy making, monitoring and evaluation, auditing, cyber security report analysis leading up to business intelligence and decisions, cybersecurity technical report writing, capacity building and student training, research and cybersecurity product marketing.
New frontiers in the monitoring of Psychosocial and behavioural patterns of cyber threat actors opens new frontiers in cyber-psychology, cyber-sociology, and cyber-philosophy. Understanding legal frameworks and laws governing the cyber landscape creates roles in cyber-law.
The following steps provide a guide to preparatory steps taken leading up to switching to a role in cyber security;
- Identify an area that interest you in the broad field of cybersecurity. Passion, drive and interest are important when making a career switch to ensure sustainability.
- Assess your skills and competency in the chosen area. A skill map helps you identify what is needed, how much of the skills needed that you possess and hence clearly showcases the skills gap that needs to be filled to position you for the role.
- This is the point when you launch actions towards building the required skills through enrolment in courses, volunteering and shadowing. In this dynamic field of cybersecurity learning never stops.
- Identify the certifications that are needed in the area of interest and work towards acquiring them. The cybersecurity industry is a strictly regulated industry hence attention is paid to certifications especially in handling technical and critical roles. Certifications abound ranging from Certified Information systems security professional (CISSP), Certified Ethical Hacker (CEH), and Certified Information Security Auditor (CISA) among others.
- Network with industry high players, leverage of professional social media sites to identify the professionals making wave in your area of interest. The essence of networking is to grow connections, gain more knowledge from experts and widen the horizon of the new entrant.
Actively apply to roles; remember that job search might be a walk in the park for some people and a herculean task for others, so focus on your experience as a job seeker in the area of interest with renewed vigour to make the best out of the opportunities that would come.
The cybersecurity career field can be likened to a goody bag, with different offerings based on skill sets of different individuals but affording something good for everyone.
The industry holds a lot of employment potentials with growing attack landscapes and increased online dependency.
Chioma Chigozie-Okwum indigenous to Imo State, Nigeria is a cyber-security researcher, content creator, educator, speaker, strategic planner and “tech-futurist”.
Chioma is currently a lecturer at the department computer science as well as the Director of Information and Communication Technology at the Spiritan University, Nneochi, Abia State, with interests in human factor security, indigenous solution development and persuasive cyber safety adoption.
She can be reached via: [email protected]