Our industry has experienced many waves of change which brought opportunity to those who observed them and prepared. Examples of these surges of demand date from the early days of COBOL, to the growth and death of the mainframe, to local area networks and client-server systems, to the Internet, to the Cloud, and now, in my opinion, CYBERSECURITY.
Not all of these waves have been due to advancing technology. The Y2K wave occurred when the advancement of the calendar ran into a system design that wasn’t thinking far enough ahead however, it did resurrect the careers of thousands of legacy system coders.
The technical professionals who most benefited from these surges of demand were those who were prepared early in the process and ready to undertake the task and reap the rewards of the shortage of skill sets.
All indications are that the risks of hacking and malware, at all levels of industry, are going to continue to increase dramatically in the near future. In 2015 an estimate of close to $70 billion was spent on IT security. This number is expected to at least double in the next four years. Part of the reason for this explosion is the increased awareness of high-profile hacking and data leak incidents hitting the news almost daily.
The bulk of that increased expenditure is going to the skilled people needed to prevent, respond to, and investigate cybersecurity intrusions and those people are going to require unique skill sets and certifications.
There are many certifications within the cybersecurity industry. By far the most popular industry certification is the CISSP: Certified Information Systems Security Professional. This credential is specifically focused on security policy and management.
The CISA: Certified Information Systems Auditor is aimed at those involved in assessment, auditing, and monitoring business systems.
The CEH: Certified Ethical Hacker is a certification of those involved in penetration testers and “white hat” hackers.
A similar certification is the OSCP: Offensive Security Certified Professional for penetration testers.
The CISM; Certified Information Security Manager certification is aimed at those involved in management of the IT process.
Those involved in detecting and investigating and resolving penetration incidents should seek the GCIH; Certified Incident Handler certification.
In my opinion, the next cybersecurity wave, a big one, is fast approaching and those who can prepare will gain the most as it crests.
For those interested in more specific information on cybersecurity professional demand and the economics therein, Burning Glass has provided a wealth of information at: http://burning-glass.com/wp-content/uploads/Cybersecurity_Jobs_Report_2015.pdf