Facial recognition. Two factor authentication. Encrypted passwords. Everywhere you look, cybersecurity is at work protecting our information, money and work. But as our digital capabilities grow, so do the opportunities for exploitation and criminal monetization.
According to Security Magazine, there are over 2,200 cyber attacks every day—approximately one attack every 39 seconds.1 The average global cost of a data breach has increased to $4.35 million in 2022, up from $4.24 million in 2021. In the United States, a popular target for cyber criminals, that cost is now up to $9.4 million.2
To combat this, cybersecurity investment and employment is increasing exponentially as well. The fabrics of our lives rely on the systems, software and policies that cybersecurity professionals put into place, and companies are keenly interested in hiring individuals with their skill set—and hiring them fast. Cybersecurity spending is projected to reach over $188 billion in 2023, with almost 3.5 million open cybersecurity jobs along with it in 2025.3,4 Employment of information security analysts alone is projected to grow 35 percent from 2021 to 2031, which is four times faster than the average for all occupations.5
From the first cybersecurity program to the top ten cybersecurity careers today, let’s take a closer look at this dynamic field.
Evolution of Cybersecurity Jobs
After the invention of the first programmable computer in 1938 and the Internet in 1983, it didn’t take long for their vulnerabilities and potential dangers to be exposed.6,7 While working on the earliest computer network, ARPANET, developer Bob Thomas wrote a program called Creeper that entered PCs and displayed the message “I’m the creeper; catch me if you can.” Although the exercise was purely experimental, it led Ray Timlinson (a fellow ARPANET researcher) to create the program Reaper in response, with the sole purpose to find and delete the Creeper worm.7
Reaper is widely considered the first cybersecurity program and set the precedent for responses to unauthorized computer access. In the 80s and 90s, the first malware and distributed denial-of-service (DDoS) attacks began in earnest, and network carriers scrambled to train existing staff and recruit as many professionals as possible.8 The small number of network security professionals struggled to keep up with the unexpected surge in criminal cyber activity, as well as the ever-growing reliance on network technology.
Since then, the roles of the professionals who create, maintain and protect our technology and data have grown and changed exponentially. What began as positions in information technology (IT) and network security have now become an integral part of any company’s organizational chart, with dedicated cybersecurity titles, teams, training and education. Now, some cybersecurity roles are being supplemented or even filled by artificial intelligence (AI) to detect and respond to threats faster than a human can.
Challenges to Meeting Cybersecurity Demand
The need for cybersecurity is greater than ever and cannot be understated in today’s endlessly digital environment. Many factors contribute to this demand: the evolving technology landscape, the ubiquity and value of technology and data, increasingly sophisticated cyber attacks and a lack of general public awareness and training. Unfortunately, the potential workforce isn’t keeping pace with that demand.
In 2022, there was a global cybersecurity workforce gap of 3.4 million people, and employers in the U.S. listed 769,736 openings for cybersecurity positions or jobs requiring cybersecurity skills.9,10 The supply-demand ratio held steady at 65 from 2021, meaning that for every 100 cybersecurity job postings, there are approximately 65 cybersecurity workers in the labor market.9
"Demand for cybersecurity talent has been accelerating for years, and employers are showing no signs of taking their foot off the gas," said Will Markow, vice president of applied research at Lightcast. "That's why it is more important than ever to build robust talent pipelines to ensure a safer digital world. We can't accept leaving holes in our cybersecurity defenses simply because we don't have enough trained workers to plug them."9
What’s Causing The Cybersecurity Gap?
There are a few different factors for why this talent gap exists. Some point to a lack of general awareness about the field. Others cite a lack of resources and appropriate staffing to support existing teams. Some, like Taylor Ellis, think it’s a lack of appropriate education.
“[The] industry can blame the lack of interest among today’s college students and recent graduates on insufficient curriculum in STEM studies,” said Taylor Ellis, customer threat analyst at Horizon3ai. From his perspective, students lack the adequate skills in math and science to qualify for advanced programs in technology that could prepare them for cybersecurity careers.11
Preparing for a Cybersecurity Career
There are thousands of cybersecurity bootcamps or one-off workshops on the market, but not all can give you the specific certifications and training that you need to truly succeed. A bachelor’s degree in cybersecurity, information technology or a related field is a great first step to entering the industry. From there, you can choose to distinguish yourself further and qualify for more senior positions with a master’s degree in cybersecurity or information technology.
For example, the online MS in Cybersecurity at Yeshiva University Katz School of Health will qualify you for the Certified Information Systems Security Professional (CISSP), CompTIA Network+, Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), and ISACA-CRISC exams. You’ll also be trained in real-world simulations, systems architecture, digital forensic methods, red team blue team, incident response and much more.
Beyond the technical requirements, being highly adaptable and communicative is crucial in the cyber industry. You may be extremely talented in one subject, but you will likely be asked to take on new duties as technologies emerge. You also must be able to communicate your findings, concerns, and strategies to stakeholders whenever necessary to ensure their ongoing investment in cybersecurity. Because of this, as well as the impressive salary a graduate degree brings, a master’s degree in cybersecurity is a surefire way to succeed in this line of work.
Top 10 Cybersecurity Careers
With such an explosive job market and seemingly limitless applications, cybersecurity has a plethora of careers from which you can choose. Here are ten of the most in-demand cybersecurity positions today.12,13
1. Cybersecurity engineer
A cybersecurity engineer builds information security (infosec) systems and IT architectures and protects them from unauthorized access and cyber attacks. Working with other engineers, they develop and enforce security plans, standards, protocols and best practices, and build emergency plans in case of a disaster. In their downtime, they use penetration testing and other methods to find system vulnerabilities and devise strategies to patch them.12
2. Infosec analyst/Cybersecurity analyst
An information security or cybersecurity analyst's role is fairly broad and may include numerous responsibilities. For example, they might help maintain and secure an organization’s firewalls and network one week, and then analyze threats to infrastructure the next. Depending on the size of the company, you can either work in a larger security operations center or have your hand in all security analysis, detection, maintenance and updates.12
3. Lead software engineer
Governmental agencies, businesses and organizations of all kinds use a myriad of software every day (e.g., Microsoft Office, Google Workspace and Adobe Suite). Software engineers oversee the selection, maintenance, testing and repair of software so that things continue to run smoothly.14 Working on a team with other software engineers, you can move on to become a principal software engineer, security software developer or senior principal software engineer.
4. Chief information security officer (CISO)
This C-suite cybersecurity position oversees all technology policies, programs, and infrastructure for an organization. The CISO is involved in every aspect of IT operations, including leading teams of IT managers, creating technology budgets and directing major department decisions and initiatives. They will also be in charge of selecting IT providers, negotiating contracts and guiding the design and implementation of critical systems and programs.15
5. Network security architect
A security architect helps to build, implement, oversee and maintain network security systems. Similar to a cybersecurity engineer, network security architects plan and test strategies for IT security (such as firewalls and password authentication) along with preparing for data breaches and network interruptions. This position usually works on a team with other security experts and managers, which often requires a background check or security clearance.12,16
6. Penetration tester/ethical hacker
Some organizations may differentiate between these two cybersecurity professionals, but their titles are also often used interchangeably. A pen tester or ethical hacker (also known as “white hats”) proactively tests security measures and networks to find weaknesses. Once they’ve discovered a vulnerability, they identify and recommend a solution.12 With this title, you can choose to work for a specific company or as a consultant for several different organizations and industries.
7. Security administrator
Also known as an information security (InfoSec) administrator, this is the point person for a cybersecurity team. Rather than being in charge of specific parts of a security system, like a software engineer or network security architect, security administrators are responsible for the overall view and operations of security within an organization. Their team is in charge of troubleshooting network access issues (LAN/WAN, telecommunications and voice); scanning and assessing vulnerabilities; running intrusion detection systems; and implementing security policies and procedures.17,18
At smaller organizations, a security administrator and security/cybersecurity analyst may be combined into one role.
8. Malware analyst
As malware attacks continue to rise, so does the need for malware analysts in all industries. True to the name, a malware analyst identifies, examines and resolves malware-related threats. This requires a deep knowledge of code and different types of threats, essentially combining the roles of security engineers and programmers. To prepare for this niche role, many malware analysts first gain several years of experience in programming and security software development.12,19
9. Computer forensics analyst/Digital forensics examiner
A computer forensics analyst can also be known as a digital forensics examiner, forensic technician or cyberforensic analyst. Much like a crime scene investigator, they work to uncover how a cyber attack was committed, who did it and why. Using digital evidence and legal expertise, they help to compile a case for legal prosecution and can provide expert testimony in court if necessary.12
10. Information assurance technician
Unlike information security, information assurance handles all the risk management of the storage, processing and transfer of information. In short, they make sure the right people have access to the right information at the right times. They must protect the integrity, privacy, authenticity, accessibility and rejection of data with regular security risk assessments and inventory checks of all information assets. If you work for a profitable entity, assurance technicians will need to have fraud, accounting, business and criminology expertise.20
Get Ahead of the Cybersecurity Competition
Ranked the #2 Best Online Master’s in Cybersecurity, and at less than half the cost of competing programs, the online master’s degree in cybersecurity from Yeshiva University’s Katz School of Science and Health is built for your success.21 In less than two years, you’ll be ready to enter into one of the most essential and lucrative fields today—no technical background required.
1. Retrieved on January 16, 2023, from https://www.cobalt.io/blog/cybersecurity-statistics-2023#:~:text=How%20many%20cyberattacks%20per%20day,1%20cyberattack%20every%2039%20seconds.
2. Retrieved on January 16, 2023, from https://www.ibm.com/reports/data-breach
3. Retrieved on January 16, 2023, from https://www.wsj.com/articles/cybersecurity-tops-the-cio-agenda-as-threats-continue-to-escalate-11666034102
4. Retrieved on January 16, 2023, from https://cybersecurityventures.com/jobs/
5. Retrieved on January 16, 2023, from https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm#:~:text=Employment%20of%20information%20security%20analysts,on%20average%2C%20over%20the%20decade.
6. Retrieved on January 16, 2023, from https://www.cs.auckland.ac.nz/courses/compsci111s2c/lectures/andre/computerhope_com_issues_ch000984.pdf
7. Retrieved on January 16, 2023, from
8. Retrieved on January 16, 2023, from https://www.isaca.org/resources/news-and-trends/industry-news/2022/a-brief-history-of-the-cybersecurity-profession
9. Retrieved on January 16, 2023, from https://www.cyberseek.org/heatmap.html
10. Retrieved on January 16, 2023, from
11. Retrieved on January 16, 2023, from https://www.cybersecuritydive.com/news/cybersecurity-talent-gap-worker-shortage/639724/
12. Retrieved on January 16, 2023, from
13. Retrieved on January 16, 2023, from https://www.dice.com/career-advice/hot-cybersecurity-jobs-to-watch-in-2023
14. Retrieved on January 16, 2023, from https://www.glassdoor.com/Career/lead-software-engineer-career_KO0,22.htm
15. Retrieved on January 16, 2023 from https://www.glassdoor.com/Career/chief-information-security-officer-career_KO0,34.htm
16. Retrieved on January 16, 2023, from https://www.ziprecruiter.com/Career/Security-Architect/What-Is-How-to-Become
17. Retrieved on January 16, 2023, from https://www.salary.com/research/job-description/benchmark/security-administrator-job-description
18. Retrieved on January 16, 2023, from https://www.comptia.org/blog/your-next-move-security-administrator#:~:text=A%20security%20administrator%20is%20the,about%20security%20procedures%20for%20colleagues.
19. Retrieved on January 16, 2023, from https://cybersecurityguide.org/careers/malware-analyst/
20. Retrieved on January 16, 2023, from https://hiring.monster.com/resources/job-descriptions/computer/information-security-technician/
21. Retrieved on January 16, 2023, from https://fortune.com/education/information-technology/best-online-masters-in-cybersecurity/