How to Transition From Information Technology to Cyber Security
We take the ease of electronic payments, online ordering, and mobile banking for granted – that is until you get hacked or there is a security breach. It can be daunting to know that your credit card information is sitting in the hands of an anonymous hacker,and for companies that get hacked, the stakes are also high. It can quickly become a PR nightmare and, most importantly, a company can quickly lose trust with its customers. But the urgent need for cyber-security is creating a high-level tech field that seasoned IT pros can find their way into if they gain the right experience. Companies are looking to hire people, rather than employ software, to ensure that their data and customer information remains as private as possible.
Cisco conducted a report on security, and found that there is a shortage of cyber-security pros for companies to hire. The report also states that in order to combat security threats, companies need people, not software or computers, to help protect their businesses and customers. The only problem is that while companies have the budgets, they aren’t finding the right talent to fit the jobs and Cisco estimates that, globally, the industry is lacking more than one million security professionals.
But how can you break into the field of cyber-security? There aren’t any entry-level cyber security jobs, so you will have to work your way up by starting in IT and keeping a close eye on your career.
Get a college degree
There are definitely people in cyber-security and the tech industry who do not have a college degree and who have worked their way up the ladder without a formal undergraduate education. However, as more people enter the information technology field, it is becoming more competitive. You will want to ensure you have an undergraduate degree in computer science or related field, but Ira Winkler of Computer World recommends that students do not specialize in cyber security. In fact, he feels that the degree you choose is ultimately irrelevant to your career; employers just want to know you have the educational background.
Gain entry-level experience
While a college degree will certainly help your chances, you will need more than an education to break into cyber security. One of the first steps to making yourself a qualified cyber security candidate is to gain hands on experience. Joe Rodichok, IT Manager of eZanga "If you're starting out in IT, you need to be a self-starter. Be motivated, because looks are only going to get you so far in this business. Books and education are a great starting point, but they aren't going to take you very far. You have to constantly be trying things out on your own, and be looking to improve your skills. The real world doesn't work out the way it says in technology books, so to be successful in cyber security, you have to take your own experiences and adapt to how the world actually works."
You can’t expect a company to think you can protect their computers and networks if you don’t have experience working with computers and networks. This is why it’s best to start in an entry-level position in information technology to gain the necessary skills and knowledge for your resume. Use every opportunity in IT to gain security skills in your specialties and add them to your resume. Security touches every part of technology, whether it's mobile, web, or even the hardware that people use day to day. Ensuring that you understand the security measures for all aspects of information technology will give you the skills and confidence to land a cyber security job.
As Wolfgang Goerlich, VP of Consulting with VioPoint states, “As simple as it sounds, getting security experience within IT itself is often overlooked. The Exchange administrator can gain security skills around email. The Cisco engineer can gain specific skills in network security. The web developer? You guessed it. They can gain secure development skills. Wherever the candidate is today, security overlaps their area of responsibility, and mastering that area is the crucial skill to transitioning to a cyber security role.”
Know how to code
Coding is another incredibly important skill to have if you are looking to work in cyber-security. Protecting software will mean searching through lines of code and understanding multiple programming languages in order to properly identify security threats. There are a number of programming languages, but learning the most popular ones and becoming an expert in those will serve you best.
“I typically recommend that folks become functional in Python and Ruby as well as developing strong Regular Expression (regex) skills. I also like to see that job candidates are fully function at a Linux/Mac BASH shell command line. Many of the tools and techniques that we use require the use of a non-Windows platform. Python, Ruby and BASH shell scripting are all useful for security testing, log file analysis and numerous other task,” states Brian Dykstra, CEO, Atlantic Data Forensics, Inc, “I would also recommend that job candidates be familiar with using a database like MySQL or SQLlite. Knowing how to function in a SQL environment is important for a number of tasks.”
Understand the cloud
The cloud is quikcly becoming the next big thing in storage and companies are starting to adopt this form of storage. It can create a lot of security questions, since oftentimes data might be stored on a third party server, and not a server owned by the company itself. Not to mention, employees might be using their own cloud storage to manage files, documents, and data that might contain sensitive company material. Therefore, understanding the cloud and cloud security is an important skill to add onto your resume if you want to pursue a future in cyber security.
Brian Dykstra, CEO of Atlantic Data Forensics suggests building a base knowledge of cloud technology, “Since ‘cloud’ is just a buzz word for data center it is always one of my number one recommendations for college students looking to get a start. Working at routine jobs in data centers builds a good knowledge base in physical security, networking, server equipment, backup, enterprise storage and so much more that while these jobs aren’t glamorous they build the solid IT foundation that I look for in job candidates.”
These are just a few of the ways you can transition from information technology to cyber security. The key is to gain expertise in as many areas as possible, and always have your eye on security. All technology needs to remain secure, so specializing in one area certainly won’t limit your job opportunities. And don’t forget to check out openings on Monster to find cyber security jobs and information technology jobs in your area.