Cybersecurity is a professional field pursued by experts who protect online assets from unauthorized or illegal access. This access can be achieved by a team of active hackers, a malignant line of code or negligence in closing the digital front door. Governments and companies of all sizes need cybersecurity experts so they can stay ahead of these threats.
According to The Council of Economic Advisers, the American economy suffered losses between $57 billion and $109 billion in 2016 due to cyber attacks (source). Gordon Flesch Company highlighted growing cybersecurity issues by estimating a 300% increase in cyber attacks from 2018 to 2019 (source). There are not enough experts on hand to keep up with the ever-changing threats to hardware, software and connectivity.
Business, IT and security professionals looking for a growth industry should consider cybersecurity careers. A solid online cybersecurity MS degree program should leverage experienced faculty and industry partnerships to help students develop into experts in the field.
A comprehensive review of the cybersecurity industry shows that practitioners are not just thriving but providing important services to the global economy.
What Do Cybersecurity Professionals Do?
Cybersecurity professionals may be tasked with protecting everything from company smartphones to globally accessed databases from attacks. Information security analysts, engineers and executives need to understand the scope of online attacks before developing defenses and remedies. Cisco identified the following cybersecurity threats as the most common (source):
- Malware: Malicious software is introduced into a target’s system to block access or obtain information.
- Phishing: Phishers use emails or messages masked as known sources to extract routing numbers, credit card information and log-in credentials.
- Man-in-the-middle: A party can use unsecured wireless access or malware to stand between user and network, thereby gaining access to sensitive information.
- Denial-of-service: A party sends an overwhelming amount of requests to a target’s server or network, tying up assets and creating system vulnerability.
Examples of Large-Scale Cybersecurity Issues
Cybersecurity attacks are expensive to solve and potentially ruinous to a target’s reputation. IBM’s 2019 Cost of a Data Breach Report determined that the average breach led to a $3.92 million loss (source). The typical breach led to the loss of 25,575 records. IBM determined the U.S. had the highest average loss due to breaches with a typical cost of $8.9 million.
Gordon Flesch Company published a summary of the biggest breaches in 2019 showing the extremes of cybersecurity threats. The largest attack that year was the First American Bank breach in May 2019 that impacted 885 million mortgage documents.
A real estate professional discovered that a small change to the company’s URL provided access to sensitive information like social security numbers. This discovery was ignored by the company until a reporter passed along the URL issue in his investigative work.
The runners-up for 2019’s largest breaches showed the variations in cyber attacks confronted by security experts.
Facebook had two separate breaches in 2019 with the second breach exposing 540 million phone numbers to hackers because the company failed to use password protection.
Capital One’s July 2019 breach was a more traditional cyber attack by a hacker who accessed 109 million records including bank transactions and credit scores.
These companies and more needed the services of cybersecurity teams to protect data and save face.
Remedies for Cybersecurity Vulnerabilities
Small businesses, multinational corporations and everyone in between should be wary of online attacks. The University of California, Berkeley’s Information Security Office provides the following advice to deal with the most frequent threats to digital assets (source):
- Regularly update software to incorporate security patches
- Use passwords with 20 characters or more with mixed letters, numbers and symbols
- Avoid suspicious or unknown attachments, especially from unfamiliar sources
- Activate desktop firewalls to halt basic attacks
- Reserve transmission of sensitive data to secured private networks
Cybersecurity leaders and personnel are responsible in part for ensuring the adoption of these suggestions. A major element of this field, however, is getting ahead of the next attack.
IBM estimated that the average security breach takes 206 days to identify and 314 days to resolve after the initial hack.
The best practitioners collaborate with each other and develop resources to anticipate future generations of cyber attacks while speeding up remediation. The volume and scope of cyber attacks around the world create many paths to career success in this field.
What Kind of Cybersecurity Careers Are Available?
The U.S. Bureau of Labor Statistics (BLS) asked cybersecurity consultant Candy Alexander to describe her work. Alexander said that her job was to help businesses balance legal, risk and threat considerations when recommending security measures. As she said, “Businesses don’t understand what they don’t know” (source). Alexander’s career took her from software training to cybersecurity through business needs and a growing interest in digital security.
Alexander’s story suggests there isn’t a singular job title or path to a career in cybersecurity. The Cybersecurity and Infrastructure Security Agency (CISA) noted as such in its February 2019 report on the profession (source). This report includes the following passage that confirms the abundant opportunities for professional growth by security professionals:
“The dynamic nature of cybersecurity is challenging, compounded by work roles differing between organizations, and even departments within. With the rapidly changing nature of the domain, career pathways and required training must be reviewed and updated regularly. Referring back to the medical and legal field examples, the necessary skills for those professions have remained relatively consistent while cybersecurity continuously demands learning new concepts.” (source).
Aspiring professionals in the field may not know their exact progression but should know the demand for their services will only grow in the future. Cybersecurity job reports from the International Information System Security Certification Consortium ([ISC]²) and Indeed reveal where today’s experts work (source, source).
How Are Professionals Distributed?
(ISC)² conducts an annual Cybersecurity Workforce Study that reviews leadership views on the cybersecurity profession around the world. The 2019 edition surveyed 3,237 mid-level and senior security experts in 11 countries.
An important component of this survey was how respondents were distributed within their companies. Participating professionals reported working in the following departments:
- Security operations (22%)
- Security administration (15%)
- Risk management (13%)
- Compliance (12%)
- Operation technology security (11%)
- Secure software development (10%)
The study also evaluated understaffed areas of responding companies. Among companies with 500 or more employees, there was an average understaffing of security operations, security administration, risk management and penetration testing. Firms with 100 to 499 employees needed more personnel in security operations and operational technology security.
What Are Job Titles Held by Current Leaders in the Field?
The (ISC)² report also offers a sampling of job titles held by respondents (source). Fourteen titles ranged from chief executive officer and chief information security officer to IT manager, security analyst and application developer. The average respondent had four years of experience in their current job and five years working in cybersecurity positions.
A plethora of career options means there are multiple branches for early-career cybersecurity professionals to pursue.
Indeed’s Global Cybersecurity Outlook 2019 displayed the top jobs in the field based on their average salaries (source). Professionals in the top 10 jobs received salaries averaging $115,493, far exceeding salaries in most career paths.
The five job titles and salaries listed below exemplify the high ceiling awaiting top performers in the field:
- Application security engineer ($128,128)
- Director of information security ($127,855)
- Senior security consultant ($126,628)
- Cloud engineer ($126,365)
- Software architect ($117,633)
What Types of Employers Look for Cybersecurity Professionals?
Twenty-two percent of respondents to the (ISC)² survey worked in the IT services industry (source). The remaining respondents were spread among the financial services, government, manufacturing, healthcare, education, engineering and retail sectors.
Managers, consultants, engineers and other professionals find available positions in the public and private sectors. For example, Google Trends showed a jump in relative interest in the term “cybersecurity” starting in 2016 (source). The locations that were most interested in this search term were the District of Columbia, Maryland and Virginia.
Indeed found a 7.8% increase in job listings within the cybersecurity field from 2017 to 2018 after a 0.28% growth from 2016 to 2017 (source). These jobs included startups, nonprofits, government agencies and international organizations trying to protect against data incursions.
The growth in listings was met with a 1.3% decline in user clicks on listings due to vague job titles and poor promotion. In recent years, however, employers have gotten better at recruiting qualified cybersecurity professionals due to urgent needs.
What Are the Benefits of Working in Cybersecurity?
The aforementioned average salaries show careers in cybersecurity make education and professional development worthwhile.
The BLS estimated a 32% growth in available jobs for information security analysts from 2018 to 2028 (source). Analysts earned average salaries of $98,350 in 2018, but there is a high earnings ceiling for information security careers. Making a good living is not the only benefit of working in this field.
Low Supply Means High Demand
The 2019 (ISC)² report assessed 11 countries for cybersecurity workforces (source). The largest shares of employees were in the United States (804,700), Brazil (486,000) and Mexico (341,000). (ISC)² estimated, however, a global deficit of 4.07 million professionals well-versed in digital security.
The certifying organization found the largest deficit in the Asia and Pacific Islands region, which needs 2.6 million more professionals to meet demand. The North American market needs 561,000 additional experts, while South America has to add 600,000 to fulfill public and private sector demand.
(ISC)² concluded there needs to be a 145% overall growth in qualified professionals to achieve adequate global staffing in the field.
Cybersecurity Professionals' Global Appeal
Indeed dug deeper into the specific countries where demand is high for experts in testing, design and security procedures (source).
From 2017 to 2018, India experienced a 39% growth in available cybersecurity jobs due to the country’s economic growth. Ireland’s role as an intermediary for global corporations contributed to an 18% growth in posted jobs over the same period.
The constantly shifting global economy means there are plenty of Indias and Irelands on the horizon. (ISC)² recognized the limitations of its survey by noting that we only have clear data on cybersecurity for nations with fully developed infrastructures (source).
Enterprising security consultants and experts can sell their services to clients ranging from a state government in the United States to a growing telecommunications company in Africa.
Clear and Consistent Mission
Security consultant Candy Alexander told the BLS that a major attraction of her career to others is “the morality of the work” (source). Alexander referenced saving companies and governments money, manpower and social capital from damage done by cyber attacks.
Cybersecurity professionals know each day they are working to protect sensitive or confidential information from people with bad intentions. This mission crosses over career paths, employers and countries, providing consistency throughout a professional’s growth.
How Do You Prepare for a Cybersecurity Career?
(ISC)² pointed to the varied backgrounds of cybersecurity professionals in its 2019 report (source). Fifty-six percent of respondents planned to pursue cybersecurity careers as they started their education. This share leaves 44% of respondents who came across the field late in their schooling or during their previous careers.
(ISC)² also reported that 65% of surveyed professionals want to work in the field for the rest of their careers. To compete with the satisfied crowd of cybersecurity professionals, it is important to build skills through education and certifications.
Anticipating Career Growth With a Graduate Degree in Cybersecurity
The current trends in coding, software development and cybersecurity are online courses and boot camps that promise quick competency. These learning options often come with mixed results because employers are looking for earned expertise in complex skills.
A master’s degree from a highly ranked university demonstrates expertise in topics ranging from artificial intelligence to secure software design.
The educational and age demographics reported by (ISC)² show why this graduate degree is so important for future success. Survey participants were spread among those with doctorates (10%), master’s degrees (28%) and bachelor’s degrees (38%). It is important to note that 65% of respondents were 25 to 44 years old, showing relative youth in the workforce.
A master’s degree and experience in the field allows a candidate to stand apart from competitors.
Cybersecurity Certifications Boost Job Prospects
A graduate degree alone is a strong start to a career, but certifications also make a candidate more valuable to employers. Certifications allow professionals to specialize in areas that are particularly vital to their employers’ needs.
(ISC)² found professionals with industry certifications earned 22% more in North America, 31% more in South America and 70% more in Asia than their counterparts. The crowded market of certifications can bewilder newcomers to the field.
The EC-Council offers the Certified Ethical Hacker (CEH) certification for future “white hats” who find and repair system repair vulnerabilities before hackers invade. The Cisco Certified Network Associates (CCNA) certification demonstrates competencies in automation, network security and IP tools.
Students can look for an MS in cybersecurity program that partners with these certification agencies. Certification will be part of their training, saving them time and money on their overall education.
Who Should Become a Cybersecurity Professional?
IT, security and software development professionals shift easily into cybersecurity thanks to accumulated technical knowledge. But students without this background shouldn’t be put off. Plenty of graduate programs are designed for students looking for a career change. These cybersecurity programs provide all the training a student needs for a successful career in the field.
(ISC)² found 42% of cybersecurity leaders started their careers immediately after graduation. The remaining 58% started in other positions or career paths before jumping into the online security field.
Employers look beyond cybersecurity degrees and certifications when selecting staff members. Experts in the field are creative, persistent and strategic thinkers. These attributes can be developed outside of the field in positions from education to marketing.
Gender and Racial Diversity
Based on research published by the Society of Human Resources Management (SHRM), the cybersecurity field is overwhelmingly white and male. In 2017, only 11% of cybersecurity employees were women and 12% were racial minorities (source).
The SHRM publication argued for employers to look beyond job boards to find more diverse candidates in colleges and overlooked industries.
Security analysts and consultants just entering the field will one day become leaders. The dearth of diversity in entry-level and mid-level positions translates to senior roles.
A 2018 (ISC)² report found that 23% of minorities in cybersecurity held senior positions compared to 30% of white counterparts (source). This report also found that 62% of minorities in leadership jobs held master’s degrees, while 50% of white counterparts held the same degrees.
These facts should motivate women and minorities interested in digital security to pursue degrees that change the profession.
Why Choose St. Bonaventure for Your Cybersecurity Degree?
Prospective cybersecurity professionals have plenty of choices as they consider whether to enter this field. St. Bonaventure University stands apart from the field due to its history, national reputation and cutting-edge approach to technical education.
Students in St. Bonaventure’s Online MS in Cybersecurity can take advantage of the school’s partnerships with EC-Council and Cisco Academy to prepare for certification.
This cybersecurity master’s program also offers a 100% online format. There is no GRE or GMAT requirement for applicants, eliminating the need for a costly entrance exam. The degree also blends real-world learning with theoretical lessons in threat analysis, cryptography and other skills to help career changers transition into cybersecurity. A graduate certificate in cybersecurity offers an introductory track to give career changers from outside of IT a bridge to the master’s program.
A Long History of Educating Leaders
St. Bonaventure University was founded in 1858 as a Franciscan institution in western New York. The university maintains a close-knit community of students, alumni and faculty with fewer than 3,000 current students. Online programs like the MS in Cybersecurity translate this small-school environment around the globe with personalized attention for each student.
Graduates can tout their commitment to the school’s six core values. The values of contemplation, love, respect, joy, peace and compassionate service are inextricable from coursework, internships and other experiences.
In the cybersecurity world, university graduates who embrace these values along with creativity and good judgment can advance ethically in their careers.
The university receives high rankings in the annual U.S. News & World Report review of colleges (source):
- No. 19 in Regional Universities North
- No. 9 in Best Colleges for Veterans
- No. 3 in Best Value Schools for 2020
Niche’s 2020 college grades also show St. Bonaventure University to be a great starting point for in-demand careers (source). The overall grades included:
- A for Value
- A- for Diversity
- B for Academics
Niche also gave the following rankings to St. Bonaventure:
- No. 38 in Best Catholic Colleges in America
- No. 73 in Best Colleges with No Application Fee in America
- No. 134 in Best Small Colleges in America
Taking the Next Steps
Aspiring cybersecurity professionals looking to take the next step in their careers can learn more about St. Bonaventure University's online MS in cybersecurity program by clicking the link below.