What technical and soft skills do cybersecurity professionals need right now? How can you develop and learn the relevant skills to boost your employability? How can you future-proof your career?
I recently spoke to some of our cybersecurity recruitment experts from around the world to find out the answers to these questions, and many more.
What has driven the huge increase in demand for cybersecurity professionals?
James Walsh, cybersecurity business director of Hays UK and Ireland said there are a multitude of factors as to why the demand has increased.
“For example, the rise in digitalisation among organisations, and the ever-increasing security threat. This threat was already growing pre-pandemic but is now an even greater risk due to widespread remote working,” he said.
“I think the key driver of this increase in demand is the rise in cyber criminality. Other avenues of criminal activity have dropped, with Covid-19 restrictions forcing people to stay at home. And as a result, the adoption of cyber criminality and its usage has increased exponentially. Therefore, security professionals are hugely in demand right now.”
Robert Beckley, Hays Technology regional director for Australia and New Zealand agreed, saying it has been the perfect storm.
“Cyberattacks are increasing in number and sophistication every year. The potential damage to businesses has grown, along with the size of fines for non-compliance in many sectors. And then you add the impact of Covid-19 to the mix! As businesses were forced to work remotely and shift business models online, cybercriminals sought to make the most of the crisis.”
Meanwhile in mainland China, regional director for Hays Shanghai and Suzhou, Edmond Pang, said the increase in demand has also been driven by the government stepping up on personal data protection over the last two years.
“Companies have been increasing their cyber security capabilities to meet these regulations – hence driving more demand for those professionals,” he said.
What are the most in-demand jobs and skills in cybersecurity right now?
According to Pang, cybersecurity roles in the areas of governance, risk and compliance as well as security operations roles are in high demand in Asia.
“However, with the constant emerging technologies, there has been an increase in security engineers to cover cloud security, application security, security architecture, and threat intelligence,” he said.
“We have seen a big increase in staff and customer identity specialist jobs to meet this demand. As organisations also look to diversify their cloud portfolios, we have seen an ongoing demand for cloud security engineers with Azure and GCP experience.”
On the other hand, what technical skills are needed to work in cybersecurity?
Duran said a foundational level of IT experience and knowledge is always going to required in cybersecurity.
“If you’re working on the technical side (such as in engineering, security operations, identity and access management, or security architecture), you need to know about network and servers. With the digitalisation push, you need a good understanding of web and business applications too – as these are the types of things you’re protecting,” he said.
“If you work on the functional side of the business (such as compliance, risk and governance), you need a foundational knowledge of various levels of compliance, frameworks, and controls.”
How can cybersecurity professionals future-proof their careers?
Pang said professionals should continue to learn about upcoming technologies, trends, products and tools. “You need to know what is available out there you can utilise and implement to protect against threats, as well as what is available out there for hackers to attack, so you can do as much preparation to prevent attacks.”
Walsh agreed that continuous upskilling is essential. “Look out for which tool or technique is most popular right now – or being tweeted about the most,” he said. “Learn all about them/how to use them. There are all kinds of sources for finding this information, whether that’s Twitter, events and meet-ups, news from associations like OWASP, and advisory boards.”