Is there any tech specialist more in demand these days than one schooled in cybersecurity? It seems like every business is crying out for skilled individuals, with a super-charged cybersecurity salary to boot. As networks, systems, and software become more complex, the field of cybersecurity becomes more diversified. In turn, this means that the in-demand cybersecurity jobs are becoming more niche. It’s no longer always a requirement to be the sys admin of cybersecurity.
So let’s have a look at the most in-demand skills in cyber now, and for the future. These careers in cybersecurity are sure bets for those with the skills and knowledge to further the field.
1. Ring the alarm! Intrusion detection system engineering
Air-tight business firewall? Ha! Think again.
While firewalls are standard protection against incoming and outgoing internet traffic, and the inbuilt Windows firewall is probably adequate for your next-door neighbour who uses his laptop to read the news and listen to podcasts, that doesn’t cut it at the business level. While there are purpose-built enterprise firewalls (check out Gartner’s peer-reviewed enterprise firewall comparisons if you’re interested), businesses now need far more than that to monitor system-level and client-level security.
Intrusion detection systems (IDS) are designed to protect networks and devices from unauthorised, malicious, or accidental security incidents from both external and internal agents. They are software solutions for monitoring that come in two different flavours: network-level and host-level. Two different systems, equally important.
Network Intrusion Detection Systems (NIDS) monitor network traffic between your firewall and subnets (and there may be several different systems or configurations across an enterprise network), while Host Intrusion Detection Systems (HIDS) work at the end-user device level.
Depending on its design and how it has been configured, an IDS can shut down network ports, send alerts to administrators, or take other actions.
As cybersecurity evolves, so too will the complexity of both NIDS and HIDS systems.
Check out the SANS Institute SEC503: Intrusion Detection In-Depth course for a high-value deep dive into Intrusion Detection Systems.
2. Secure software development for zero backdoor action
Secure software development is a set of principles and processes that work across the entire software development lifecycle.
This means security across:
- The application itself, in its finished form
- Coding
- Third party components
- Security risk assessment and mitigations
- Vulnerability response and disclosure
- Implementation and deployment
- And more
In the waterfall model, this seems like a lot, but following the Agile model increases complexity. This means that security practices need to have Agile processes built in too.
There are various security tasks in each of these sets of activities. That means there must be someone in charge of security tasks in each, who is knowledgeable in that area, and able to instill a security-first mantra in the people involved at each level (e.g. coders, testers, investors, DevOps, etc.). There must also be a security manager overseeing the entire lifecycle for coordination and stakeholder management.
For the best resources on Secure Software Development, including publications, events, and training, visit SAFECode.
3. Risk mitigation because things do go wrong
Risk has long been purely the realm of the financial sector, big business, and OH&S. Well, that’s no longer the case. It’s not financial risk analysts that are now in demand; there are now plenty of them about. Instead it’s all about risk in cybersecurity. Those clever enough in the Risk field have already studied up and made the leap, for an increased cybersecurity salary.
Risk is a great area to get into if you’re a process-oriented person who loves thorough investigation and problem solving.
Risk in cybersecurity is similar to risk in business; however, the components that you throw into the whole process are different. Working with risk involves working within an agreed-upon framework (or developing one) to help identify risks before they become problems. There are plenty of frameworks floating about, but the National Institute of Standards and Technology from the US Department of Commerce has a Cybersecurity Framework you can take a look over as a starting point.
The mitigation part of the process involves putting in measures to help diminish the chance of an incident occurring and then having backup measures in place should they fail.
As Venkat Balakrishnan, PhD, Senior Manager, Cybersecurity, Risk Advisory at EY puts it, the focus should be on “understanding what the organisation wants to achieve and how cyber could securely enable them to achieve instead of becoming a hindrance — coming up with alternatives to mitigate the risk instead of being rigid”.
You can compare it to workplace OH&S on a construction site. Worried your servers might fail if the power goes out? Have a generator on site. Worst-case scenario? Automatically switch to some high-plan Amazon solution until your generator and/or servers are back up.
4. Cloud security: On premise is dead
As you’re probably aware, for a business, developing and using internal infrastructure, platforms, and software is going out the window. It’s all SaaS, PaaS, IaaS, compute as a service… and so on and so on.
As cloud adoption continues to grow, cloud service products and the security implications (both holistically and product by product) will follow suit.
There are plenty of areas to consider in cloud security; the most obvious of which is data security. One accidental access control switch not flicked could lead to a serious data security breach. There are others like CDN concerns, third party additions to cloud products, and user management.
If you are interested in being on the cutting edge of developing cloud security solutions, the most obvious choice of employer would be among the world’s biggest cloud/data companies, such as Amazon, Tencent, Google, and Microsoft.
The other avenue is through consultation with companies that provide managed cloud services to businesses, such as Versent.
5. Future-proof encryption
Know the difference between symmetric and asymmetric encryption? Why key size matters? How much compute power would be required to break X encryption type? Why Moore’s law is important as it relates to encryption? Or how China managed to become the world’s foremost Bitcoin mining region?
Each encryption type is only as strong as its algorithm and key size. While, at present, breakable encryption types have been decommissioned or their key sizes updated to ensure they are currently still safe, there is something more interesting around the corner.
Quantum computing is an entirely different style of compute power that could render much of today’s encryption unusable. While quantum computing is in its infancy, developing new encryption styles to manage this hyper-compute power will be necessary.
At present, encryption is a clever field to be an expert in, as you’ll be able to advise companies of the right encryption for their needs, the safety it provides, and how to use it.
6. Data security is law!
We’re sure you will have heard plenty in the news (or from your manager, or lecturer) about various mandatory data retention/reporting/storage laws coming into force in various jurisdictions around the world. The Notifiable Data Breaches scheme is the biggie for cybersecurity in Australia. For the EU, it’s the GDPR (with information security ramifications around the world).
All these laws are giving companies a serious headache. Do we pull out of that region because the laws are too difficult to follow? How much cash do we have to invest to be compliant? How can we keep on top of which countries are implementing what laws and what the terms are? What if the laws are written in another language?
Positioning yourself as a subject matter expert in information security and privacy around the world puts you in a position to help almost every company on the planet. International cyberlaw equals consultancy or analyst jobs in demand. If you already have a background in data security and privacy, this may also require studying a course on cyberlaw. Check out the SANS Law of Data Security and Investigations course.
7. SecOps is the new DevOps
Love the practice, ideology, and efficiency of DevOps? Then you might just love SecOps. Much as DevOps has managed to effectively coordinate development and operations through a set of processes, automations, and tools, SecOps aims to do the same with the cybersecurity team and operations (and even the dev team as well).
Building processes, automations, and tools into the software development lifecycle will ease friction between security, devs, and ops. While some DevOps tools and practices already have security built in (like containerisation), we are more likely to see intelligent security-as-a-service products for software development emerging.
As Balakrishnan says, “Cybersecurity experts will have to expand to speak and understand the language of data scientists, and accelerate the protection and defence strategies through ways of automating operations.”
Cybersecurity: Yes, the hype is real
Cybersecurity is going to remain one of the most important fields for business, government, and research globally for as long as we can imagine. Even if a particular element of cybersecurity bores you, perhaps network monitoring, there are plenty of other niche fields to explore, like data privacy law. As a cyber expert, you can “Be across the technology evolution, emerging cybersecurity threat landscape and attacker tactics and techniques”, says Balakrishnan.