October is National Cybersecurity Awareness Month, and this year's theme is "Our Shared Responsibility".
Although it's true everyone has a role in keeping the online realm as safe as possible, the results of a recent study from the University of Phoenix show the majority of adults in the United States wouldn't think of doing that within the scope of a profession.
More specifically, the recently released study, which polled 2,000 American adults, found 80 percent of them had never considered cybersecurity careers. Forty-three percent said they had no interest in the field, and 24 percent of people did not think they had the skills required to enter the cybersecurity field.
Why do these numbers matter? Well, as the world continued to rely on the cloud, AI, digital communication and other kinds of digital technologies, the need for an increased workforce and further developed skills for cybersecurity professionals is only going to become more pronounced.
We don’t necessarily have time to wait for young people getting cybersecurity training and degrees to step up to the plate. Rather, current, experienced professionals need to begin to understand the value of a cybersecurity career, as well as the fact that – in many cases – they already have some of the skills necessary to advance in the profession.
To learn more about the cybersecurity career gap and what can be done about it, just keep reading.
What the Findings Reveal
The University of Phoenix survey asked people about the information they considered essential about cybersecurity to aid in the decision-making process of choosing a career. This part of the survey applied to individuals regardless of whether they had ever thought of cybersecurity as a potential line of work.
The results indicated 50 percent would need information about the types of skills necessary for such careers. Then, 43 percent required information about how to get started, followed closely by the 41 percent of people who mentioned needing information about what cybersecurity professionals do in their work. Additionally, 37 percent said they'd want to know about the variety in careers.
The last kind of information could potentially inspire people to pursue cybersecurity in innovative ways, such as by being involved in making voice-based security for wearable devices. Without details to tell them otherwise, individuals might assume cybersecurity professionals only do a few specific things, whereas the reality is that the possibilities are diverse, especially due to emerging technologies and gadgets.
Women are particularly underrepresented in computing, only fulfilling 26 percent of all computer-related jobs in the United States. And the lack of women in the sector is particularly noticeable in cybersecurity. The University of Phoenix statistics showed 9 out of 10 women surveyed hadn't thought about entering the cybersecurity workforce, but 44 percent had experienced breaches.
Among women, the most important thing they needed to know before considering a career in cybersecurity was the necessary education, with 54 percent citing that as valuable information.
A Lack of Awareness
Part of the study involved asking the participants if they had ever heard of 11 roles within the cybersecurity sector. The results of that segment showed 20 percent had no familiarity with the jobs. And only one in 10 considered themselves very familiar with the jobs on the list, which included penetration tester, security auditor and security software developer.
So, perhaps some people don't feel compelled to enter the cybersecurity workforce or believe they are unqualified for it because they are unaware of the job possibilities that exist. Those perceived obstacles may become so pervasive that individuals never take it upon themselves to explore the possibilities further and find out if their beliefs are well-founded.
Professionals Have Unknown Skills That Could Get Them A New Career
It's worth remembering here that 24 percent of people in the University of Phoenix study who said they hadn't considered cybersecurity careers believed they didn't have the necessary skills for the jobs. However, the findings indicate otherwise.
Overall, more than a quarter of the people in the study already possessed skills useful for such roles. Specifically, 35 percent had expertise in software development, while 33 had programming abilities.
These finding reveal that there are qualified professionals available to fill the cybersecurity skills gaps facing most businesses; they just aren’t aware of this option.
Organizations Are Not Sufficiently Equipped Against Threats
Why does all this matter?
As cybersecurity attacks seem to be getting worse (illustrated by the countless headlines we see on numerous data breaches and cyber threats) and as there is currently a cybersecurity skills gap across most industries and organizations (as indicated by the University of Phoenix study), businesses and consumers alike are left vulnerable to potential threats.
An unrelated poll of IT professionals even found a growing percentage of them believed organizations couldn't defend against significant breaches. Three years ago, 9 percent agreed with that statement, but according to statistics published in May 2018, that number had risen to 18 percent.
Adding to this is a recent White House report that found cyber-attacks cost the United States as much as $109 billion in 2016, and predicted the expenses could grow due to coordinated attacks on public and private entities. It clarified that countries including China and Russia specifically attack nations for purposes of "industrial espionage," and noted that when attackers seek to disable infrastructures, the resultant issues impact the broader economy.
How Can Companies and Educators Respond?
These statistics show a perceived lack of accessibility is a pressing factor that makes people think cybersecurity careers won't suit them. Firstly, many incorrectly believe they lack the required skills. Then, the survey respondents point out they'd need precise information before further evaluating cybersecurity career options.
The companies hiring cybersecurity professionals and the representatives from training programs that equip those individuals for future work must strive to convey that people may be more adept at cybersecurity work than they think.
Even if they don't have any of the necessary skills yet, it's worth learning them since data from 2018 indicates many cybersecurity professionals earn more than $100,000. Then, beyond the income opportunities, the online landscape shows a present and increasing need for well-trained individuals, so these roles will be in demand for years to come.
Cybersecurity recruiters associated with companies or training schools could consider concentrated efforts to reach out to people by showing them reasons to at least feel curious about the line of work. It's also crucial that people become aware of how to find out more information. If cybersecurity professionals have a continual presence at job and educational fairs, that's a good start.
Other means of educating company leaders and board members about the need for better cybersecurity could also help encourage more cybersecurity hiring positions and opportunities. Some steps have already been taken by professional watchdog entities to encourage this: In June, the Center for Audit Quality (CAQ) released a new resource for boards to use in their management of data and cybersecurity risks.
By encouraging the development and use of such materials for corporate decision-makers, organizations can ensure that they encourage a top-down approach to cybersecurity. This, in turn, can lead to a better understanding of what security-related positions the company needs to fill and the skills gaps that need to be closed.
Moreover, companies could offer continuing education opportunities to people who already have IT knowledge and want to focus on cybersecurity.
A Multidimensional Effort
There is no single solution for tackling the cybersecurity skills shortage and making people more aware of the field for career opportunities. However, dedicated efforts to address the problem could provide substantial payoffs.
Editor’s note: If this blog has you considering a career in cybersecurity, check out GlobalSign’s careers page. We’re hiring for a variety of positions!
Note: This blog article was written by a guest contributor for the purpose of offering a wider variety of content for our readers. The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of GlobalSign.