Cybersecurity

Worldwide revenue in the cybersecurity industry reached nearly $202.7 billion in 2022, according to Grand View Research. Revenue is expected to increase at a compound annual growth rate of 12.3 percent from 2023 to 2030. Cybersecurity businesses in North America held the highest market share (34.9 percent) in 2022. In North America, “the growing number of cyberattacks owing to the proliferation of e-commerce platforms, the emergence of smart devices, and the deployment of the cloud are some of the key factors propelling the market growth,” according to Grand View Research. “Increasing usage of devices equipped with the Internet of Things and intelligent technologies is expected to increase the cases of cyber threats. As such, end-user organizations are anticipated to integrate advanced cyber security solutions to mitigate the cyber-attacks risk, supporting the market growth.”

Here are the percentile breakdowns of cybersecurity industry revenue by industry share in September 2023, according to Statista Market Insights:

• banking, financial services, and insurance: 32.6 percent
• government 24.1 percent
• healthcare: 11.9 percent
• information technology and telecommunications: 9.8 percent
• retail and wholesale: 8.2 percent
• energy and utilities: 7.8 percent
• other industries: 5.5 percent

The Forbes Global 2000 is an annual ranking of the world’s largest public companies (based on revenue, profits, assets, and stock market value). In 2023, the 20 largest technology companies (many of which offer cybersecurity-related products and services) were:

1. Alphabet Inc. (United States)
2. Microsoft Corporation (United States)
3. Apple Inc. (United States)
4. Samsung Group (South Korea)
5. Meta Platforms (United States)
6. Tencent Holdings Ltd. (China)
7. Taiwan Semiconductor Manufacturing Co. (Taiwan)
8. Sony Corporation (Japan)
9. Oracle Corporation (United States)
10. Cisco Systems Inc. (United States)
11. Hon Hai Precision Industry Co. (Taiwan)
12. Broadcom Limited (United States)
13. Accenture Plc (Ireland)
14. IBM (United States)
15. QUALCOMM Inc. (United States)
16. SAP AG (Germany)
17. Dell Technologies Inc. (United States)
18. ASML Holding (Netherlands)
19. NVIDIA Corporation (United States)
20. SK Hynix, Inc. (South Korea)

Nearly 1.5 million cybersecurity workers were employed in the United States in 2023, according to ISC2, an industry association. More than 5.4 million workers were employed in cybersecurity worldwide. Demand for cybersecurity professionals outpaces supply. ISC2 reports that there was a shortage of more than 1.3 million workers in the U.S. in 2023.

The career of information security analyst (ISA) is a popular cybersecurity occupational path. In 2022, there were 168,900 analysts employed in the United States, according to the U.S. Department of Labor (DOL). The following sectors were the largest employers of ISAs:

• computer systems design and related services: 25 percent
• finance and insurance: 16 percent
• information: 10 percent
• management of companies and enterprises: 9 percent
• management, scientific, and technical consulting services: 6 percent

Cybersecurity consulting is another popular career path. There were 215,160 consultants employed by management, scientific, and technical consulting services firms in 2022. “Information technology consultants are expected to see high demand,” according to the DOL. “Businesses will seek out consulting firms to help them attain a high level of cybersecurity and make sure their IT systems are efficient and up to date.”

Other popular cybersecurity careers include cybersecurity engineers, threat hunters, digital forensic analysts, chief information security officers, security architects and engineers, cyber defense incident responders, security awareness officers, artificial intelligence security specialists, cryptanalysts, cryptographers, cyber operations specialists, data recovery specialists, white hat hackers, penetration testers, deepfake professionals, security consultants, and security auditors.

As with any industry, a wide range of non-tech career paths are available. There are opportunities in sales, marketing, legal services, accounting, human resources, business operations, administrative support services, and other areas.

Noteworthy cybersecurity and general information technology trade and professional associations include:

• The Association for Computing Machinery (https://www.acm.org) has more than 100,000 members from industry, academia, and government institutions around the world. It has more than 35 special interest groups (including Artificial Intelligence; Computer Architecture; and Security, Audit, and Control groups), publishes more than 50 journals, and sponsors more than 170 conferences. At its Web site, the association offers information on education, internships, careers, student membership, and XRDS, its student magazine.
• The Association for the Advancement of Artificial Intelligence (https://www.aaai.org) was founded in 1979 to advance the scientific understanding and use of artificial intelligence (AI). It hosts conferences and other networking opportunities, publishes AI Magazine, and offers a job bank at its Web site.
• CompTIA (http://www.comptia.org) is a membership organization for IT professionals and vendors. It provides continuing education classes and webinars, certification, professional development conferences, and membership for college students and IT professionals. It offers a wealth of information about careers in cybersecurity and emerging technologies on its Web site.
• The IEEE Computer Society (http://www.computer.org) is one of the world’s leading membership organizations dedicated to computer science and technology. It has more than 50,000 members (including college students). The society has more than 300 local and regional chapters, sponsors over 185 conferences and 3,113 technical and networking events each year, publishes dozens of scholarly journals and magazines (including IEEE Security & Privacy and IEEE Transactions on Information Forensics and Security), and has more than 40 technical communities. It also provides educational and career information, a certification program, and continuing education opportunities.
• The Information Systems Security Association (https://www.issa.org) is a nonprofit, international organization of information security professionals and practitioners. It publishes the ISSA Journal, provides job listings at its Web site, and offers the Cyber Executive Membership program (which seeks to “connect professionals to a large network of peers, valuable information, and top industry experts”).
• ISACA (https://www.isaca.org) is a membership organization for audit, cybersecurity, emerging tech, and other professionals. It offers membership for college students, publishes the annual State of Cybersecurity Report, and offers the Certified Information Security Manager certification program.
• ISC2 (https://www.isc2.org) is a nonprofit organization for cybersecurity professionals that offers approximately 10 certification programs, including the highly respected Certified Information Systems Security Professional credential. It also offers continuing education opportunities and publishes an annual Cybersecurity Workforce Study.
• The National Cybersecurity Student Association (https://www.cyberstudents.org) describes itself as a “national community that supports students in their cybersecurity endeavors through extracurricular activities, career opportunities, mentoring, and keeping them at the forefront of cybersecurity trends.”
• Women in Cybersecurity (https://www.wicys.org) is a “global community of women, allies, and advocates dedicated to the recruitment, retention and advancement of women in cybersecurity.” Founded in 2013, the organization offers membership (including for college students); operates a certification program; provides a mentorship program, training opportunities, and scholarships; and publishes podcasts, newsletters, and blogs.

Worldwide, women comprise only 26 percent of cybersecurity professionals under the age of 30, according to the ISC2 Cybersecurity Workforce Study, 2023. This is much lower than their percentage in the workforce. Women in Cybersecurity, the Association for Women in Computing, other industry organizations, and some large cybersecurity companies are working to increase the number of women entering the field by offering career mentorship programs, scholarships, internships, and other programs and resources.