According to the ISACA (Information Systems Audit and Control Association, the nonprofit that administers CISM and CISA certifications), there will be a global shortage of 2 million cybersecurity professionals by 2019.
Here are a few other interesting facts about cybersecurity jobs from ISACA's report: More than half of all organizations looking for qualified cybersecurity candidates find it takes more than six months to locate the right professional. Additionally, the growth rate in cybersecurity positions is expected to be triple that of traditional IT jobs.
Not a week goes by that we don't hear about new, devastating breaches. These are originating from many sources, including organized crime and nation-states. Given the enormous damage these attacks cause, the need for professionals to provide an ongoing defense is critical for both commercial organizations and government agencies like the NSA.
If you're interested in career growth in IT, you might want to consider a focus on your cybersecurity skill set and credentials. Because cybersecurity is becoming so important, there are a great many job categories in the field, ranging from managerial to analytical, from development to network operations, and from hardware and software design to deep mathematics and signal analysis. There's even a need for helpdesk and customer support skills.
All that goes to the idea that even now, you may have the qualifications to move into some aspect of cybersecurity, even if you're not on the front lines. That said, here are some of the steps you can take to make yourself more attractive to potential employers looking for cybersecurity professionals.
Read voraciously: Here at ZDNet and TechRepublic, we report on new cyberattacks nearly every day. It's important for you to keep up with the news of these attacks, what impact they have on victims, the weaknesses and vulnerabilities they exploit, and more. Be sure to study up on the various vulnerability reports; there is an enormous amount of free information available about cyberthreats. Be sure to allocate time and read as much as you can.
Gain practical experience: Nearly every organization is going to experience a breach or a cyberattack. Even if you're not on the "official" security team in your organization, do your best to be involved and learn from your peers. The more experience you have dealing with threats, the more you'll understand, and the better case you'll be able to make for moving into this growing field.
Grow your analytics and data science skill set: Even if you're not working in cybersecurity directly, the more familiarity you have with analytics and data science, the more you'll be able to understand how to process huge amounts of information. Look for projects within your organization where you'll be able to get some experience in these key areas.
Look for related jobs: If you don't qualify immediately for a classic cybersecurity job, consider moving into a tangential field. A helpdesk position, for example, will help you understand what users are going through and how to mitigate the damage that may have resulted from an attack.
Education and certifications: Building up your resume with respected cybersecurity certifications will help you stand out. But be careful. There are a lot of colleges, universities, boot camps, and private companies promising substantial career gains if only you spend tens of thousands of dollars on their educational programs. Look for certifications that are affordable and practical for your goals.
Here's the bottom line about transitioning from traditional IT to cybersecurity: If you have solid experience, you may be ready to apply for some cybersecurity jobs right away. Developing a practice of constant and voracious learning through formal training and informal sources will help you prepare for an exciting future in cybersecurity, too. And while you might not appreciate it while you're under an actual attack, there's no substitute for hands-on, in-the-trenches, real-world experience. Use that experience as a stepping stone and a learning opportunity.
With the constantly changing threat landscape, everyone depends on secure computer networks. If you move into this field, you'll not only be improving your own life circumstances, you'll be protecting your family, friends, organization, and country. That's something to be very proud of.