The digital world is a dangerous place. Cybercriminals seek to steal our financial information (and money from our bank accounts); damage or destroy our data, or hold it for ransom; destroy our reputations; and create other types of havoc. They are also great threats to businesses, nonprofit organizations, government agencies, and entire countries (including weakening a nation’s defense systems, military, infrastructure, and reputation). The increasing use of artificial intelligence to commit cybercrimes has created a new set of challenges for cybersecurity professionals.
Cybersecurity is the practice of implementing tools, processes, and technology to protect computer systems, networks, other technology, and data from cyberattacks. Major types of cybersecurity threats include ransomware attacks, distributed denial of service attacks, malware, and social engineering. Cybersecurity also refers to the protection of physical security components that are connected to the Internet, such as smartphones, RFID keycard door locks, and video surveillance cameras, as well as the security of facilities that house computers that store sensitive data. Examples of cybersecurity specialties include application, cloud, infrastructure, Internet of Things, mobile, and network security.
Cyberattacks have become more frequent, sophisticated, and damaging in recent years. Cybersecurity Ventures predicts that the global cost of cybercrime will grow from $3 trillion in 2015 to $10.5 trillion in 2025. “Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm,” according to the 2022 Official Cybercrime Report, from Cybersecurity Ventures and eSentire. As a result, many more cybersecurity workers will be needed as the industry expands and to replace those who retire or leave for other reasons.
More than 5.4 million workers were employed in cybersecurity worldwide in 2023, according to ISC2, an industry association. Nearly 1.5 million cybersecurity professionals worked in the United States.
Cybersecurity jobs are found throughout the world. In-person, remote, and hybrid positions are available. Typical employers of cybersecurity professionals include cybersecurity product and service developers, consulting firms, cybersecurity start-ups, government agencies (including branches of the armed forces), and high-net-worth individuals. All companies and organizations have either a dedicated cybersecurity or information security department or employ contractors to address their security needs.
Job opportunities in cybersecurity are excellent. The U.S. Department of Labor (DOL) projects annual employment growth of 32 percent from 2022 to 2032 for information security analysts, a popular career in cybersecurity. Demand is growing because cyberattacks have become more frequent and damaging, and the shift to remote work, the rise of e-commerce, and the public’s increasing use of the Internet have fueled the need for enhanced security measures. Demand for cybersecurity professionals greatly outpaces supply. ISC2 reports that there was a shortage of more than 1.3 million workers in the U.S. in 2023.
Worker shortages and other factors have created stressful working conditions at some employers. In 2023, the Information Systems Security Association (ISSA) surveyed IT and cybersecurity professionals from private- and public-sector organizations around the world regarding workplace trends and issues. Sixty-three percent of respondents said that working in the field had become more difficult in the past two years. “The cybersecurity skills shortage continues unabated, leaving a majority of organizations with an ever-growing gap in the cybersecurity skills needed to reduce their cyber-risk from the latest threats,” according to The Life and Times of Cybersecurity Professionals from ISSA. The report goes on to say that “as the void widens, cybersecurity professionals bear the brunt.”
One excellent aspect of a career in this field is that while a degree in cybersecurity has been the preferred method of preparation, many people now enter the field after pursuing other occupations. The ranks of cybersecurity professionals include former military service members, those who worked in other technology occupations, and career changers of all ages who were employed in finance, marketing, engineering, and other fields. To prepare for cybersecurity professions, they received on-the-job training and/or completed short-term training programs at colleges and universities; completed apprenticeships; earned basic cybersecurity certification credentials; or completed classes or certificates that were offered by for-profit, online education providers.
Cybersecurity professionals earn high salaries and enjoy generous benefits (especially at large companies). Information security analysts earned mean annual salaries of $119,860 in 2022, according to the DOL. This was nearly double the mean annual salary ($61,900) for all workers. The top 10 percent of analysts earned $174,540 or more. Chief information security officers and other high-level cybersecurity professionals earn $200,000 to $300,000 a year. Many cybersecurity professionals receive performance bonuses and access to profit-sharing programs. Some receive stock options, which can be very lucrative.
Cybersecurity and other computer careers typically rank high in “best job” lists due to their combination of good pay, relatively low stress levels (for some positions), intellectually challenging work, advancement possibilities, and strong employment demand. In 2023, U.S. News & World Report ranked the career of information security analyst as the 5th-best occupation in the United States. Other technology-related careers that were featured in the list include software developer (#1), information technology manager (#8), Web developer (#9), computer systems analyst (#20), data scientist (#22), database administrator (#29), computer network architect (#56), and computer systems administrator (#61). There are opportunities for all these workers in cybersecurity. Glassdoor.com ranked the career of information security engineer as the 15th-best career in its “50 Best Jobs in America for 2022” list. The list features careers that offer strong earning potential, high levels of job satisfaction, and many job openings.
- Big Data Developers
- Blockchain Developers
- Business Continuity Planners
- Chief Information Security Officers
- Computer Programmers
- Computer Systems Programmer/Analysts
- Cryptographic Technicians
- Cybersecurity Architects
- Data Scientists
- Database Specialists
- Deepfake Professionals
- Directors of Security
- Information Security Analysts
- Information Technology Security Consultants
- Internet of Things Developers
- Internet Quality Assurance Specialists
- Internet Security Specialists
- Internet Transaction Specialists
- JavaScript Developers
- Network Operations Center Engineers
- Network Operations Center Technicians
- Online Gambling Specialists
- Security Consultants
- Software Application Developers
- Software Designers
- Software Engineers
- Solutions Architects
- Technical Support Specialists
- Technology Ethicists