With the UK facing an ever-increasing number of sophisticated cyber threats, cyber security training plays a key role in equipping newcomers with the skills and understanding required to tackle these risks
Salaries across the sector are rising and by 2022 there will be around 100,000 unfilled cyber security jobs in the UK alone. There's never been a better time to choose cyber security as a career path - whether you're technical or not.
IT support provider Probrand have offered some key advice and information on how to get into cyber security. Discover what skills, experience and qualifications you'll need to work in cyber security, a cutting-edge industry that's crying out for skilled professionals.
Graduate entry into cyber security
Because of the relatively young age of cyber security as a profession, career paths are not always clear. However, Probrand's marketing director Matt Royle reveals that 'creative, technical and business brains are desperately needed across the digital industry'.
Graduates typically have two primary routes into cyber security. 'You can either start in a junior role to build hands-on experience, or develop your technical skills through education', explains Matt. 'At Probrand, we look for individuals who use their initiative as well as an entrepreneurial spirit, leaving them hungry for success - whether you're a student, recent graduate or a working professional.'
By embarking on a junior role after graduation, you'll get the opportunity to build your cyber expertise. This will be great for your professional development - you'll get to see how a real business works and where you can fit into it.
That's not to say undertaking a cyber security Masters degree would have a negative impact on your career journey, as Matt describes how employers expect a balance between practical skills and qualifications.
A Masters would give you greater awareness of the cyber security landscape. This would be ideal if you're unsure what you'd like to specialise in, or if you're interested in developing a broader depth of knowledge. Search for Masters degrees in cyber security.
It's worth noting that a computer science degree isn't essential for a job in cyber security. Non-technical professionals often have a range of transferable skills that are also required for cyber security, especially in the realms of management and training.
Take a look at the list of certified undergraduate and Masters degree programmes at the National Cyber Security Centre (NCSC), part of the Government Communications Headquarters (GCHQ).
Read more about your postgraduate study options at IT courses.
Cyber security apprenticeships
Another great option for graduates aiming to break into the industry is to consider a cyber security apprenticeship - an ideal mix of on and off-the-job learning, resulting in a qualification and masses of industry experience.
'Since modern apprenticeships were launched, we've seen a steady increase in businesses adopting the model to bridge the skills gap and nurture and train young people,' says Matt. 'This system has worked well across the board, but especially in the technology sector where it's well documented that a lack of skills is hampering innovation.'
While on a cyber security apprenticeship you'll receive training and certification from industry leading vendors, like Microsoft and (ISC)2. Training is provided through government-approved training providers.
You're eligible to apply for a cyber security apprenticeship if you don't already hold a qualification in a technical field at a higher level, such as a computer science degree.
For details on the types of cyber security apprenticeship roles currently available, visit the Institute for Apprenticeships and Technical Education. There's also CyberFirst, a government education programme for 11 to 19-year-olds run by the NCSC.
Cyber security career paths
Graduates can enter into junior-level security roles after university, while existing IT professionals can enter from IT support, networking or telecoms positions.
Cyber security is broad and provides opportunities for professionals with varying backgrounds, but there are some common career paths, which Probrand have outlined:
- Network security - for IT to work, data must flow smoothly and securely. Networking and security are tightly bound together in modern IT ecosystems. Discover more about the role of a network engineer.
- Security management - security managers oversee the security strategies across an entire business, including risk management, data privacy and firewalls. By understanding the client and identifying where their vulnerabilities are, whether that's human or technology, you'll help build, update and deploy the client's IT security strategy to ensure business-critical data is protected.
- Penetration tester - their aim is to find vulnerabilities in a client's security system before an attacker can exploit them.
Certifications for a career in cyber security
A degree can get your foot-in-the-door, but to progress your career and remain up-to-date with the latest technologies, certifications are key - especially within the IT and cyber security industries.
Certifications are great tools for cyber security career progression and don't just build technical skills. These qualifications also teach you the value of your own expertise and build communication skills - crucial if you consider moving from a technical to a managerial role.
There are a number of well-regarded certifications that you should be aiming for as a cyber-security professional:
- Certified Ethical Hacker (CEH) - the CEH is a popular entry-level cyber security certification that introduces you to the hacking tools and techniques used by real cyber criminals. By familiarising yourself with how hackers think, you'll be better at fixing vulnerabilities and flaws you might otherwise miss.
- Certified Information Security Manager (CISM) - there's growing recognition for the CISM, offered by ISACA. As the name suggests, the qualification is designed for security managers. It's an expert-level certification that proves skills in risk management and enterprise security systems.
- Certified Information Systems Security Professional (CISSP) - the CISSP is among the most sought-after certifications in security. Achieving the CISSP certification is a career highlight and is aimed at the top-tier of cyber security professionals.
To even sit the exam, you'll need five years of cyber security work experience. Graduates that begin their career directly after university will be able to achieve this certification sooner.
When progressing your cyber security career, consider additional background qualifications you could earn to broaden your skillset:
- Security+ - to build security basics.
- Certified Network Defender - to learn about network security.
- CCSP - to build expert cloud security knowledge.
- CRISC - for risk management professionals.
The value of people skills
People skills and the ability to communicate are key within cyber security. Even if you're the smartest person in the room, you're at a disadvantage if you can't explain the importance of the flaw you've just uncovered.
Knowledge of the commercial aspects of the job and of the wider picture outside of IT is also advantageous. These skills can be taught through certifications, like the CISM, which also teaches the language of business.