Table of Contents
Introduction
If you were like me as a kid, then you dreamt of becoming a soldier: being the hero who protects a whole city from foreign attacks, identifies weaknesses in the city’s army and prevents foreign attacks.
As I grew older though, I realized being a soldier wasn’t so practical, it didn’t pay as beautifully as I liked, it exposed you to so much risk, and oh, there are not so many people out there trying to attack your city so it’s often not even challenging. What’s worse? It was hard to become one.
That was before I learnt of cybersecurity. With cybersecurity, I realized I could do everything a soldier does, earn well, get beautiful challenges, be protected form risks, and what’s most beautiful? It wasn’t all that hard to become one!
So what’s this soldier-like skill that ranks as one of the most in-demand and highest paying skills in 2020.
What Is Cybersecurity?
Destroying things has always been an easier way to assert power than building things, so it should be no surprise that these days Cyber attacks are more common and easier than ever; much easier than protecting your cyberspace.
A cyber attack aims at hacking into systems, sites, databases and networks with the aim of disabling the system and asking to be paid to make it work, or stealing sensitive data from the system and using the data for criminal purposes.
The job of cybersecurity experts therefore is to prevent cyber attacks and identify weaknesses and vulnerabilities that could be exploited by attackers; this sounds fun, but does the pay for cybersecurity experts sound just as fun?
Cybersecurity Experts Salary
A cyber attack launched with less than $50 could return over $10,000 according to Deloitte, a cyber risk service company, and donβt think too far, your company would be the party paying $10,000 as you would not want your site crashed and secrets leaked.
The pay for cyber-security professionals is humongous, but the pay when cyberattacks occur is even more humongous.
According to Glassdoor, a leading website for reviewing different organizations and employers, Payscale, a company that helps manage employee compensation, and the US Bureau of Labor Statistics (BLS) for accurate salary reports, cybersecurity experts earn an average of $100,000 per year and about $50 per hour.
Okay, the pay is good, but are jobs readily available?
Job Roles For Cybersecurity Experts
Preventing cyber attacks by hiring experts may be costly, as cyber security experts earn a lot, but it is nevertheless a win-win deal for both IT professionals and companies as the companies would have to pay far more if they were to be attacked, so almost every company with complex IT systems would need a cyber security specialist to manage their security.
Demand for Cyber Security engineers is projected to grow 12-percent between 2016 and 2026, which is a faster rate than that of the average for all other occupations, according to this job outlook report. The demand for Cyber Security engineers will continue to grow as businesses, governments, and other organizations rely more on digital platforms.
A couple of years back, there was a Forbes article title Cyber Security, βthe fast-growing job with a huge skill gap.β The article cites an ISACA report that predicted a world shortage of two million Cyber Security professionals by 2019. And by 2019, the situation hsd only gotten direr. In the US alone, 40,000 Cyber Security analyst positions went unfilled.
How To Get Into Cybersecurity
Cybersecurity experts deal with the protection of, and have access to the most sensitive data in an organization. Because of this, companies find it hard to trust just anyone with cybersecurity roles.
Oftentimes, most companies love that the cybersecurity expert they hire have: Degree in Computer Science, IT, Systems Engineering, or a similar field.
Two years of work experience in Cyber Security related duties such as incident detection and response, and forensics.
Experience with the functionality, operation, and maintenance of firewalls and various forms of endpoint security
Proficiency in languages/tools such as C++, Java, Node, Python, Ruby, Go, or Power Shell.
Of all these, the hardest is to get a related degree, but there is a faster, cheaper and easier method: the certification method.
Cybersecurity Certification
Even with a degree in computer science, most companies require that you get a certification specifically in the cybersecurity field.
But without a degree in a related field at all, you could go straight for some of the globally recognized certification in the IT world.
CompTIA Certifications
CompTIA certifications have been around since 1993 and are arguably the oldest IT certification vendors; but don’t let the word ‘old’ deceive you! CompTIA upgrades each of their tests periodically to fit the current demands of the IT world and meet the industry standard.
CompTIA certifications hold ISO/ANSI accreditation status, which means they meet or exceed the global benchmarks set forth by ISO β the worldwide organization that sets the standard for certifications, processes and products β and ANSI β the U.S. representative to ISO.
Some of the advantages of going the certification route is that if you go for a globally recognized certification like CompTIA’s, there is no employer that would look down on you.
Second is that without much prior experience, having a certification like CompTIA’s cybersecurity certifications that tests hands-on skills could be used to appeal to an employer.
Also, cybersecurity Certifications like CompTIA’s are cheaper to attain, with most being offered for less than $400, and they offer a high level of flexibility which makes it easy for one to combine with other things and have control over his time.
They also offer you clear examination objectives tailored to the demands and trends in the IT world, and this gives you a good sense of direction when preparing for the certification so you do not study haphazardly, but end up with industry-standard knowledge by the time you’re done.
CompTIA also has a community for CompTIA certification holders have formed a strong community you can learn from, interact with, ask for support from and give back to.
You have a community of like-minded people; people who have gotten the certifications you are working towards and can guide you towards making the best use of it when you get it and also the best way to get it.
Certification Roadmap
The starting point for cybersecutiy enthusiasts is the CompTIA Security+ certification. It establishes the foundational knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. With performance-based questions, it emphasizes the hands-on practical skills used by junior IT auditors, systems administrators, network administrators and security administrators.
If you have no prior experience in the It world, it is advisable to start with CompTIA A+ before Security+.
After earning CompTIA Security+, cybersecurity professionals can take the next step by pursuing an intermediate skills-level cybersecurity certification, such as CompTIA Cybersecurity Analyst (CySA+) or CompTIA PenTest+.
The CompTIA Cybersecurity Analyst certification assesses the skills needed to apply behavioral analytics to networks to improve the overall state of IT security. The certification covers tools such as packet sniffers, intrusion detection systems (IDS) and security information and event management (SIEM) systems.
As new methods in threat intelligence emerge, the security analyst job role has gained more importance, making these skills essential for most organizations.
CompTIA CySA+ covers the skills needed by cybersecurity analysts, application security analysts, intelligence analysts and more.
If you want to go into a proffesional level, you can then pursue CompTIA Advanced Security Practitioner (CASP+) to prove their mastery of cybersecurity skills required at the 5- to 10-year experience level. CASP+ is the pinnacle of cybersecurity certifications and includes performance-based questions.
It is intended for those who wish to remain immersed in hands-on enterprise security, incident response and architecture, for example, as opposed to strictly managing cybersecurity policy and frameworks.
