There is a severe shortage of skilled cyber security professionals at a time when demand is booming.
In this digital era, when the use of Internet has become indispensable, the threat of losing important data or personal facts to the hackers keeps hovering over the leading organisations. Recently, Sony Entertainment was a victim of a similar incident that cost the company millions of dollars. The hackers had leaked personal information such as salary details, emails, residential addresses and personal contacts of top Sony executives and actors. It was claimed that the hackers had illegally taken 100 terabytes of data from Sony. The company incurred a loss of $200 million because of the cyber-attack.
Such threats or risks have escalated the demand of cyber security professionals, to protect critical infrastructure in an organisation. Mostly, organisations, small or big, lack awareness about data security risks and fall victims to malware and other electronic threats like viruses, bugs, etc. Recent cyber-attacks have indicated that the annual cost of global crimes is around $100 billion, and by 2017, it will escalate up to $120.1 billion. As per a survey conducted by KPMG, out of total cyber-crimes, 58 per cent take place in financial sectors, followed by 11 per cent in infrastructure and communication and entertainment sector. Cyber-attacks in pharmaceuticals (3 per cent), government (8 per cent), Industrial market (3 per cent) and companies in other fields (5 per cent), make up 19 per cent of the figure. Notably, almost 50 per cent of all companies experience cyber-crime at least once a year, if not more. The need to strengthen security measures is even more important as there is an acute shortage of skilled professionals in the field of cyber security.
Growing demand
Without skilled professionals, it is arduous to protect and manage data security. Today, cyber security professionals are the need of the hour. Moreover, there is a skill gap among many professionals who are in this field. According to a survey conducted by Information Systems Audit and Control Association’s (ISACA) global cyber-security status report and RSA Conference, it takes more than three months to recruit a skilled cyber-security professional in more than 50 per cent of organisations, and 10 per cent organisations are unable to fill this position at all. Therefore, this reflects a major concern — at a time when there is a tremendous increase in cyber-attacks globally, organisations are struggling to find skilled labour.
Shortage of skilled personnel is primarily due to the lack of appropriate academic programmes in the field of cyber-security. Courses are available, but the curriculum does not respond to the emerging trends and challenges. Besides, aspirants of the field must have general awareness about cyber threats and should be actively involved in cyber-communications to know the emerging challenges in the field.
Various courses
The courses in cyber-security are diverse in nature as they cover all aspects of cyber-security including network security, computer security and information security. The most prominent subject areas include risk management, intrusion detection, penetration testing, access control, digital forensics, encryption, security governance and network security/computer security. A programme that a student opts for must focus on the business context with industry interface and learning so that he or she is hands-on with the work environment. For admission to a cyber security programme, reputed institutions prefer students with an information technology course-related background.
The cyber-world, which covers various dynamics of technology, ranges from fields such as telecommunications to computer forensics and provides opportunities for students with varied interests. Options are available to choose from the best and most suitable courses. There is no denying that courses in this field are of great use to the students as the graduates learn not only about protection of vital information but also ethics of the field.
Professional certifications are needed for entry or promotion in the field. Many reputed academic institutions across the globe are offering competitive graduate courses in cyber security, certified or supported by renowned IT companies, with a curriculum heavily focused on experiential learning. Hence, an aspirant must be astute enough to look for the right course in the right institution.
Role and prospects
A cyber-security professional is responsible for safeguarding a corporation’s most priceless information assets. The foremost attribute that a cyber security professional must possess is ‘integrity,’ for any organisation of repute seeks professionals whom they can completely rely upon, for securing their database.
An aspirant can have a technical managerial role in IT firms because data breaches at large corporations have become very common. As a cyber-security analyst, he can help prevent attacks with his expertise and sound knowledge of networks, firewalls and encryption. Such professionals are typically accountable for identifying security weaknesses and devising solutions for security of hardware and software. Government and military organisations such as intelligence agency communications are always in need of skilled cyber-security professionals. There is a big demand for such professionals in E-Commerce technology firms too, which are frequently plagued by cyber-attacks, apart from demand in retail/wholesale and healthcare industries. Also, cyber-security professionals are known to be the most sought-after professionals in the technology sector, today.
The writer is Assistant Vice President, International Programmes, Missouri State University, U.S.
