Hackers and cybercriminals keep getting smarter and more sophisticated, making government and private IT professionals scramble to keep up. Perversely, it's also creating job opportunities.
Increasingly, vulnerable organizations don't have the people they need to defend themselves. That's the takeaway from a study by Foote Partners, which tracks IT jobs across all skill levels.
Its report estimates the demand for cybersecurity professionals will climb to six million by 2019, with an anticipated shortfall of about 1.5 million.
The reason, the report argues, is a skills gap. There aren't enough people trained to defend databases and networks from attack, or who have the latest skills required to do so. Some of the people who are in place aren't the right people, the study argues, since the whole field has rapidly changed with the mushrooming threat.
“They may have good technical people who can fix firewalls and implement basic perimeter solutions,” the authors write. “But what’s missing are enough of the sort of people who can make the case for cybersecurity being linked to business challenges and business developments.”
While this is perceived as a weakness for organizations, it could present opportunities for people considering a career, or career change. A check of job site Monster.com showed more than 1,000 cybersecurity job openings.
“Government and the private sector haven’t brought enough urgency to solving the cybersecurity talent shortage” said Chris Young, senior vice president and general manager of Intel Security Group.
However, some clearly have. Microsoft has taken a leading role in pushing development of cybersecurity in the Internet of Things (IoT) and globally-relevant IoT standards. Microsoft recently advocated government action to help protect IoT, including a private-public partnership to pursue guidelines for cybersecurity.
New challenges and vulnerabilities
IoT presents new challenges and vulnerabilities. As more things become connected to networks, there is greater opportunity to break into them. Once inside, a hacker might be able to access other connected devices or even networks.
Analysts at Gartner think that within just four years, more than a quarter of hacking attacks on organizations will involve IoT. That will require more spending than is currently allocated, and it will require more people, they say.
According to the Foote study, Cisco System is ramping up its cybersecurity training efforts. It recently said it would invest $10 million in a two-year scholarship program to help close the skills gap.
For people interested in pursing these career opportunities, the National Initiative for Cybersecurity Careers and Studies might be a good resource.