The massive SolarWinds breach drove home the point that the cybersecurity threat only gets worse with time, the stakes higher – and the tools more sophisticated. With the cost of cybercrime estimated to reach $6 trillion globally in 2021, there is a staggering demand for skilled cybersecurity professionals to combat these threats and manage cyber defenses. The New York Times reports there will be 3.5 million open cybersecurity jobs across the globe in 2021.
There is already a 0% unemployment rate in the security field. That rate has stayed consistent since 2011 and shows no sign of changing. So anyone with experience or education in cybersecurity should have no problem finding a job.
In this outlook on cybersecurity employment in 2021, we’ll cover the current state of employment, what positions and skills are in the highest demand, concerns over how prepared employees are to face the newest generation of malicious actors, and how cybersecurity professionals can increase their value. For a look at how our predictions compare from last year, check out our previous employment outlook article.
The cybersecurity skills gap
While this huge opportunity for cybersecurity pros may look like a positive at first glance, it also indicates a big problem. There simply are not enough trained professionals with the required skills to fill all the necessary positions, especially considering that virtually all IT jobs require some level of security knowledge. This issue is only exacerbated as new risks emerge, such as Advanced Persistent Threats (APT) and quantum computing.
That skills gap means real stress on current cybersecurity employees; 78% in a recent Devo-Ponemon report said working in a security operations center (SOC) is “very painful.”
74% of companies already report the skills gap is impacting their ability to secure sensitive information, leading to data breaches and issues with regulatory compliance. 58% of CISOs report they’re concerned that the cybersecurity skills gap will only continue to worsen in 2021.
But the need to fill these roles is so vital that many companies are willing to hire employees with liberal arts degrees or no degree at all, as long as they have some experience or hold certain certifications.
Certifications to reduce the skills gap
Certifications now play a large role in determining what positions people are capable of filling. According to Burning Glass, around 59% of all cybersecurity positions request at least one certification. These are not only a good way to boost compensation but also offer a great entry point for entering the security field for those looking for entry-level positions. Two of the most important to be aware of are CISSP (Certified Information Systems Security Professional) and CompTIA Security+.
CISSP is one of the most valuable certifications for those who already have at least 5 years of experience in the security field. Earning this certification consists of passing a rigorous exam that validates one’s ability to develop, implement and manage advanced cybersecurity programs. For those looking to make forward movement quickly, CISSP should be on their list of certifications to secure.
The CompTIA Security+ certification is a valuable step to take for those seeking entry-level positions to shine amongst the competition. This certification was made to validate that the holder possesses the baseline skills necessary to carry out core security functions. The exam for CompTIA Security+ tests the individual’s ability to identify and respond to potential threats. It should be the first certification that cybersecurity professionals pursue.
Check out our article on the best cybersecurity certifications for 2021 to see what others can help security professionals prove their skills.
Cybersecurity job opportunities
The variety of different security positions is vast but the following positions are likely to be the highest in demand and most vital to success. As a result, compensation will be high.
C-level cybersecurity positions
It’s virtually guaranteed that all companies either have been or will be hacked. Understandably, this has terrified many organizations. They’ve come to realize that to thwart cybersecurity threats, they need to bring on highly-skilled and experienced professionals. And the most skilled and experienced will be those seeking high ranking, C-level positions.
CISOs (Chief Information Security Officers) in particular are in incredibly high demand. Whether they’re looking to expand their security leadership or replace existing executives with new talent, 100% of Fortune 500 and Global 2000 companies will have open C-level security positions in 2021.
Information security analysts
Modern organizations base the vast majority of their business decisions on data, and cybersecurity is certainly no exception. Information security analysts use data to determine what are the most serious threats facing an organization and guide where they should be implementing their security resources.
Demand for information security analysts is expected to grow at a rate of 32 percent through 2028. This rate is higher than all other occupations, even outside of the security field.
Cybersecurity project managers
After security analysts determine the approach an organization should take to combat threats, cybersecurity project managers need to ensure the implementation of these measures is carried out properly. Given how complicated security measures may be, especially at the enterprise level, they could be managing large teams of employees with a substantial budget.
To ensure everything runs efficiently, companies need skilled project managers. Reader’s Digest listed this role in their 21 most in-demand positions for this year.
As with the different types of positions available in this field, the varying desired skills are seemingly endless. But for the coming years, cloud security and DevOps (development and operations) skills will reign supreme.
An increasing number of organizations are embracing a cloud infrastructure and that rate won’t slow down anytime soon. But cloud technologies raise an entirely new set of potential risks. This makes cloud security the most lucrative skill to have right now.
Currently, jobs that require cloud security skills stay open for an average of 79 days. That is longer than virtually all IT job openings. Existing professionals with cloud security skills can expect an increase in compensation of up to $15,025 in 2021.
Second only to cloud security is DevOps and security application development skills. As new threats evolve, the software and tools used to combat them must follow suit.
Skilled developers are necessary to create solutions that can detect new threats, automate tasks and offer valuable information for remediation. Professionals with DevOps and application security skills could see an increase in compensation of $12,266 in 2021.
Other in-demand skills
Cloud security and DevOps skills will be in the highest demand but there is no shortage of other valuable skills that will see huge opportunities for employment. According to Burning Glass Technologies, these are other skills that will be in-demand:
- Risk management
- Threat intelligence
- Incident response
- Compliance and controls
- Data privacy and security
- Access management
- Security strategy and governance
- Health information security
No industry is safe from security threats. But some industries, namely the financial and health industries, are at much higher risk for a few key reasons, which means they will be looking to fill many cybersecurity positions. Two of the most important being the storage of personally identifiable information (PII) and regulatory compliance:
- PII: both industries are at huge risk as they store their customer’s PII, which can be used to compromise bank accounts and other finances. A data breach on a mass scale could compromise tens of thousands of individuals’ information, leading to identity theft and financial implications.
- Regulatory compliance: these industries must abide by strict regulations that deal with security. Some of the main regulations include HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation) and PCI-DSS (The Payment Card Industry Data Security Standard).
Positions by geographical location
Cybersecurity professionals from all around the world will have employment opportunities available to them, especially with the boom in remote work this year. But there are certain geographical locations that will see the highest demand for these positions.
The Asia-Pacific region is experiencing a huge surge in demand with over 2 million open security positions. Across Europe, there are currently around 400,000 positions available. In total, the U.S. has 314,000 open positions, with the majority of them centered in five states: Virginia, Texas, Colorado, New York and North Carolina.