Views and misconceptions of cybersecurity as a career path
Attitudes toward cybersecurity roles are now overwhelmingly positive, although most people still don’t view the field as a career fit for themselves, even as 29% of respondents say they are considering a career change, an (ISC)² study reveals.
The findings indicate a shift in popular opinion about cybersecurity professionals, who have traditionally been viewed through a negative lens as roadblocks to business efficiency.
In fact, 71% of the survey’s respondents, all of whom do not work in the industry, say they consider cybersecurity professionals to be smart and technically skilled, while 51% also described them as “the good guys fighting cybercrime.” 69% of respondents replied that cybersecurity seems like a good career path, just not one they see themselves pursuing.
Obstacles to attracting additional information security workers
The cybersecurity industry is made up of 2.8 million skilled professionals, but research indicates that there is a global shortage of 4.07 million, which requires a massive recruitment effort of new entrants to the field who may not have considered the career before. The study reveals that the obstacles to attracting these additional workers may be two-fold.
First, 77% of respondents said cybersecurity was never offered as part of their formal educational curriculum at any point, making it difficult for most people to gain a solid understanding of what roles in the industry actually entail and how to pursue the career.
The second factor that may be limiting interest is a pervasive belief that such roles would require very advanced skills development that would require time and resources to achieve.
“What these results show us is that while it’s becoming even more highly-respected, the cybersecurity profession is still misunderstood by many, and that’s counterproductive to encouraging more people to pursue this rewarding career,” said Wesley Simpson, COO of (ISC)².
“The reality of the situation, and what we need to do a better job of publicizing, is that a truly effective cybersecurity workforce requires a broad range of professionals who bring different skillsets to their teams.
“While technical skills are vital for many roles, we also need individuals with varied backgrounds in areas including communications, risk management, legal, regulatory compliance, process development and more, to bring a well-rounded perspective to cyber defense.”
Cybersecurity as a career path: Key findings
- Conducted during a time of record unemployment amidst the COVID-19 pandemic, the study found that job stability is now the most valued characteristic in a career (61% of respondents), followed by ones that offer a “flexible work environment” (57%) and only then, “earning potential” (56%).
- In the absence of formal cybersecurity education, perceptions about the industry and the professionals in it are formed primarily through portrayals in TV shows and movies (37% of respondents) or by news coverage of security incidents (31%).
- 61% of respondents said they believe they would either need to go back to school (26%), earn a certification (22%) or teach themselves new skills (13%) in order to pursue a career in cybersecurity. 32% of respondents said they believe too much technical knowledge or training would be required.
- Generation Z (Zoomers) were the least likely demographic group to cast cybersecurity professionals in a positive light. Just 58% view cybersecurity professionals as smart and technically skilled, as opposed to 78% of Baby Boomers. And only 34% of Zoomers consider them the “good guys, fighting cybercrime,” as opposed to 60% of Boomers.