Individuals with strong communication skills, a penchant for teamwork and a natural curiosity are prime candidates to join the ranks of the nation's cybersecurity workforce, according to cybersecurity experts from the IT Security Community of CompTIA, the world's leading technology association.
In conjunction with the 15th Annual National Cybersecurity Awareness Month, CompTIA asked some of its members who are leaders in the cybersecurity field for advice on what it takes to become a cybersecurity professional.
Across the United States, there were more than 300,000 job openings for cybersecurity workers from April 2017 through March 2018. That's according to CyberSeek, a free cybersecurity career and workforce resource supported by the National Initiative for Cybersecurity Education, a program of the National Institute of Standards and Technology.
So far this year U.S. employers have posted more than 103,000 job openings for cybersecurity engineers and analysts, a 30-percent increase over the same period in 2017.
"Arguably the most important trait is a love of learning and a sense of curiosity," said Lysa Myers, security researcher with ESET, a developer of industry-leading IT security software and services for businesses and consumers worldwide.
"The pace of information is really fast," Myers explained. "There's always some new puzzle to solve. Being able to communicate what you learn, and to speak persuasively, whether it's to a boss, the board, or a conference, is also incredibly helpful."
"Cybersec is constantly changing and evolving, so you need the ability to source information and be a self-learner," Victor Johnston, CEO of Inspired Business Innovations, concurred. "This is not the career path for someone who wants to get an undergrad degree and never touch continuing education."
Johnston noted that there are high-quality, well-paying jobs in the cybersecurity workforce that do not require a college degree.
"Degrees are becoming more and more a 'nice-to-have' thing, while industry certifications are becoming the mandatory standard," he said. "Certifications will absolutely get a professional hired over a degree."
"There's also a misconception that security people are all dudes in hoodies in a dark room or a dreary cubicle, staring at a computer all day," said Myers. "There are a wide variety of careers in cybersecurity. There's a huge need for security people who are good at interacting with people, or who are good at explaining things in a clear way. In short, there's a huge need for educators."
There are many resources available to anyone interested in a cybersecurity career, but unsure how to get started, according to Myers.
"Get out there and go to events, whether they're local meetups, BSides events or full-fledged conferences," she said. "It's good to get a handle on what's being discussed; and more importantly, how it's being discussed. Plus you can get to know people who're already working in the industry."
CompTIA is committed to raising awareness about the critical importance of cybersecurity; to build competencies and skills among cybersecurity professionals around the world; and to attract new candidates into the cybersecurity workforce.