Is a Cyber Security Career In Your Future?

The world’s increasingly virtual presence is as exciting as it is worrisome. Companies and governments alike fear cyberattacks, and they are in need of skilled professionals who can protect and appropriately react to these attacks. Cybersecurity is a growing industry—college students around the world are gearing up to hit the ground running.

These developments come as no surprise as the cybersecurity market has been estimated to increase in value from $106B in 2015 to an expected value of $170B by 2020. That’s a Compound Annual Growth Rate (CAGR) of 9.8% according to a report by Markets and Markets.

As the cyber security market grows, the demand for jobs overwhelmingly outnumbers the supply of skilled workers for these positions. The demand for jobs is predicted to be at six million globally by 2019 says Michael Brown, CEO at Symantec.

A growing job market allows for a certain security career that many are flocking toward. Universities all over the world are offering Computer Science courses specializing in cyber security all the way from undergraduate to PhD. This does not even include the various commercial certifications that can be earned in this field.

In my personal experience on the advisory board of California State University, Fullerton (CSUF) and CyberWatch West (CWW), I’ve been lucky enough to work with faculty who help build the number of experienced professionals needed to take on this new frontier of cyber security. While academically challenged, both CSUF and CWW are working with industry specialists to see how students could benefit from the lessons learned outside the classroom.

CWW, a National Science Foundation supported program, focuses on giving state college students a fantastic cyber security education. I highly recommend that students take charge of their education and go after the experiences needed to give themselves the easiest entry into the cyber security industry. CWW wants their students to have more hands-on experience, which exceeds any course curriculum. Offering courses, competitions and access to industry leaders, CWW provides many great resources to those looking to enter the cyber security world.

According to the U.S. Department of Homeland Security website on cyber careers and studies, “Cyber competitions are interactive, scenario-based events or exercises that help students develop and increase cyber security skills outside the traditional academic environment.” I recommend getting involved in competitions, such as the Capture the Flag (CTF) events, either at a conference or through your college.

When hosting CTF events, CWW works with universities to compete in the National Collegiate Cyber Defense Competition (NCCDC). This year's western regional winners were Cal Poly Pomona, which went on to compete in the national competition. These competitions are great ways to expand and apply what you know—in a fun way.

NCCDC is just one of the competitions open to students. Other competitions allow a range of ages to compete, meaning you don't have to wait until college to get involved. Here are a few other CTF events with URLs for more information:

National Collegiate Cyber Defense Competition (National CCDC)

Air Force Association’s CyberPatriot Program (AFA CyberPatriot)

US Cyber Challenge (USCC)

National Cyber League (NCL)

Internships are vital in securing a job by the end of graduation. I have personally seen a Masters grad get a fantastic job straight out of college that they wouldn’t have been shortlisted for if it weren’t for their three great internships.

If you are interested in going into the Penetration Testing world, another great way to generate experience for your resume is bug bounty awards. Many companies run bug bounty programs and reward those who find and properly report bugs. This is something that an experienced person wouldn’t add to a resume. However, for a recent graduate, this can demonstrate a level of skill and expertise that surpasses their limited experience on a resume.

While being good at what you do is a significant part of the job, so too is your ability to work well with other people. As a member of the cyber security industry, I find that attending and volunteering at local meet-ups and association meetings is an invaluable use of my time.

This is where we learn from others within the industry as well as where Tiro Security often recruits professionals for prominent jobs within the industry. These meet-ups are great not only for networking, but also for learning through the various talks given and the study groups that are formed as a result of the meet-ups.

Below are links to all of the most well-known groups that should help you find local chapters:

Open Web Application Security Project (OWASP)

Cloud Security Alliance (CSA)

Information Systems Security Alliance (ISSA)

Information Systems Audit and Control Association (ISACA)

International Information System Security Certification Consortium, Inc. (ISC2)

While I find this advice to be useful to students looking to get into the cyber security industry, I also feel this advice is applicable to those looking to make the switch to the security industry from another industry. “Get involved” is the best advice I can give for someone wanting to enter the world of cyber security.   

I hope this blog has been helpful, and I hope to meet those local to Los Angeles at a cyber security meet-up in the near future. I am sure there is plenty to add to this blog, so feel free to put more advice in the comments section.


Kris Rides

Kris Rides is CEO and Co-Founder of Tiro Security, a Cyber Security Professional Services and Recruitment company based in Los Angeles and London.  He is a trained social engineering penetration tester,  founding Board Member of the Los Angeles Cloud Security Alliance Chapter and serves as an Advisory Board Member for California State University, Fullerton’s Cyber Security Program as well as for CyberWatch West (CWW). 

More about Kris