According to one projection, there are expected to be 3.5 million open cybersecurity jobs by 2025. However, it’s no secret that breaking into cybersecurity or selecting it as a degree is no guarantee. For many, there is often the question: How do I—or even can I—enter the cybersecurity industry? There is no such thing as one-size-fits-all when it comes to entering the industry. The career journey for every person and student will be different. Everything from choosing which university or curriculum—or even if you choose a university path at all—will vary.

Because cybersecurity degrees are relatively new, not many people have or obtain them straight away. Common pathways into cybersecurity roles often involve individuals who have served as system administrators with strong technical expertise, those with backgrounds in programming, such as software engineering or computer engineering, or through the military. Above all, and an important trait for success in this industry, are those individuals who possess a deep sense of curiosity.

That all being said, the talent gap in cybersecurity persists because of an ever-evolving technology landscape. The pace, advantages and dependence on technology are consistently surpassing our ability to attract, train and retain cybersecurity professionals. In order to close this tremendous talent gap, it is crucial to accept the fact that new entrants into the cybersecurity space are not going to know everything, nor should they be expected to—investment in professional development is key and hiring managers should keep this front-of-mind. This piece will explore closing the talent gap and dig into why many aspiring professionals are finding it challenging to break into the industry without traditional credentials. An entry-level job that requires five to 10 years of experience isn’t realistic.

For Entrants, Research is Key

From a candidate’s perspective, breaking into the cybersecurity industry requires a lot of curiosity in problem-solving and a love of learning. Doing research and digging deep into what it is that interests you within the field is key. What really triggers your curiosity? You won’t be interested in every area of cybersecurity. In order to figure out which area you’re passionate about, it’s important to have a broad understanding of the various domains within cybersecurity. By honing in on each, you will have more information that will help inform educational and future career choices. Several security domains, including data governance, security operations, ethical hacking, application security, network security and more, cater to diverse personalities and demand a wide range of both soft and hard skills. Regardless of the role, proficiency in interpersonal skills is invaluable, as it directly correlates with career advancement and professional growth. Research is vital as it will significantly help solidify which specialty within cybersecurity resonates the most.

What About Experience?

So, how can you gain experience in cybersecurity without having a job in the industry? To start, consider learning how to administer operating system technologies like Windows and Linux and how networks work, as these systems are a solid foundation within cybersecurity and could help you get the attention of a hiring manager.

There are hundreds of self-paced learning tools, be it online courses, books, or videos, so one can break into cybersecurity. at their own pace. Another place to gain experience is through internships. An internship will equip professionals with the necessary experience and practical skills that employers are seeking. They also give that competitive edge that will put you ahead of other applicants trying to get their foot in the door. While many entry-level security hires will have a bachelor’s degree in computer science or related subjects, professionals are encouraged to partake in some combination of self-directed learning as well; i.e., professional certifications or online courses. Building your knowledge by using these tools can equip you with the educational tools and hands-on experience to help you get your foot in the door and land that first job. Other ways to gain experience include contributing to open source projects or working on solo cybersecurity projects. Remember, regardless of what you do, it’s vital to keep a log of your progress and experience.

Encouraging Current Talent and Supporting new Entrants

According to The International Information System Security Certification Consortium’s (ISC²) annual cybersecurity workforce study, there’s a worldwide talent gap of 3.4 million cybersecurity workers. From an employer’s perspective, it has become increasingly difficult to attract, hire and retain cybersecurity professionals while malicious actors are getting increasingly sophisticated. But why? Cybersecurity job descriptions have been known to be excessive but generic and put an impossible workload on one person. What’s more, cybersecurity job adverts often ask for unrealistic levels of experience and credentials, making it nearly impossible for someone to make the cut at entry level. To attract and retain new talent, employers should consider lowering the high barriers to entry, which may include reducing the minimum years of experience required, the requirement for a degree in cybersecurity (is there even one?) and the certification requirements—these can take a lot of time to obtain and be incredibly expensive for those starting their careers.

Overall, the tremendous gap in cybersecurity will persist as the threat landscape rapidly evolves. High demand for experienced professionals and unrealistic expectations will continue to widen the gap. Employers must promote cybersecurity education, offer mentorship and internships, increase diversity and provide ongoing professional development opportunities. As an individual looking to embark on a career in cybersecurity, it is vital to explore your options and find the degree or program that truly resonates with your passion and skill set. Do your research and be ready to learn, and know that every day you will be learning something new.