Imagine a career that offers you high earnings, global opportunities, and constant challenges. A career that is in high demand and will never go out of style. A career that can make a difference by protecting people and businesses from cyber threats.
Doros Hadjizenonos, regional director for Southern Africa at Fortinet, believes that young South Africans can benefit from the current cyber security skills gap and turn it into a lucrative and satisfying profession.
“Employers around the world are actively seeking cyber security professionals with a range of skills”, says Hadjizenonos.
A recent (ISC)² Cybersecurity Workforce Study revealed a cyber security skills gap of as many as 3,4-million professionals worldwide, while the 2022 JCSE-IITPSA ICT Skills Survey also highlighted significant skills shortages faced by employers in the information security/cyber security field.
Without enough cyber security resources to protect them, it’s perhaps no surprise that organisations are getting attacked more often, costing them millions of dollars. Amid this sharp increase in breaches, a recent 2023 Global Cybersecurity Skills Gap Report showed that most organisations are looking to hire more security staff, but are struggling to fill vacant positions.
Hunt for talent both at home and abroad
Hadjizenonos explains that cyber security encompasses a broad variety of roles – from sales and consulting to development and architecture, through to data analysts. Those with the right skills can choose to work here in South Africa or take advantage of international opportunities.
“Cyber security techniques and technologies are the same around the globe, so there is worldwide demand for skilled professionals and talent. This is one of the challenges that South African companies face – many people with cyber security skills are leaving the country for compelling offers abroad. It’s hard to retain them,” Hadjizenonos says.
He notes that South African organisations in particular have a high demand for security software developers, Security Operations Centre (SOC) teams, cyber threat and malware analysts, and intelligence specialists. “There is also growing demand for cloud-focused cyber security engineers, and people specialising in AI and automation for cyber security,” he says.
SOC teams are increasingly in demand as more local companies see the need for their own SOCs, which serve as command centres for monitoring their IT systems. These teams investigate and respond to cyber security threats and work to secure systems and data from attackers.
“This role carries a lot of responsibility, and often a great deal of pressure. Because hackers don’t work normal office hours, neither will cyber security teams,” says Hadjizenonos. “And because cyber security skills are highly sought-after, companies will pay higher salaries for good people who have the right qualifications and experience.”
Tackling the diversity issue
As is the case across many other science, technology, and ICT fields, there remains a big diversity gap in cyber security. As of last year, women held just 24% of cybersecurity jobs globally, although that number is steadily increasing year-on-year. There are a number of reasons behind the current low figures, one of which is the misconception among women and girls that cyber security is a male domain.
“The good news is that most organisations are now working to close the gender gap and encourage young women to enter the cyber security field. Those who take advantage of the opportunity generally excel. There are global organisations such as Women in Cybersecurity (WiCyS) that work to retain and advance women in cyber security. Resources such as these may be useful for girls considering careers in the industry,” says Hadjizenonos.
“It’s also positive to see that many local organisations are now seeking cybersecurity candidates from a broader talent set, including not just women but also individuals from historically disadvantaged groups.”
According to the Fortinet 2023 Global Cybersecurity Skills Gap Report, 73% of businesses globally are now implementing recruiting initiatives aimed at women, while 59% have initiated programs to attract candidates from disadvantaged groups.
How to get into cyber security
If you are a young person who wants to pursue a career in cyber security, you should be passionate about computing and have a strong background in maths and science, says Hadjizenonos.
“Technical subjects and computer-related courses like Computer Applications Technology (CAT) will help you to understand the scientific principles of cyber security. You should also take advantage of the many learning opportunities that are available online or in person, such as free courses, workshops, and boot camps,” he says.
“Not all cyber security roles require deep technical skills, but ideally anyone working in cyber security is technically-minded, curious, and logical.” Successful cyber security professionals are also generally collaborative, committed to ongoing learning, and enjoy “staying ahead of the game” when it comes to understanding attack methods and protecting their organisations against them. They may also need to be strategic and good at communicating with colleagues at all levels, explains Hadjizenonos.
For those already studying IT or working in the IT sector, cyber security training and certifications add a valuable dimension to their existing qualifications and experience, he says. “Every IT professional should have at least a basic understanding of cyber security.”
Hadjizenonos adds that an excellent introduction to cyber security is available through free online courses at the Fortinet Training Institute. “Fortinet’s Network Security Expert (NSE) 1 and 2 are certification courses that improve cyber security awareness training and explain the basics of cyber security, the risks, and how hackers think. “It’s a great foundation to start discovering the world of cyber security and gauging your interest in the field,” he concludes.