With technology playing an increasingly integral role in day-to-day life, security is now more important than ever. Yet, the talent required to ensure that businesses, governments and individuals are adequately protected is glaringly absent. As cyber criminals continue to attack organizations, critical infrastructure and governments across the world, in nearly every sector and every industry, are feeling the effects of the cybersecurity talent shortage.
There are a few industries, however, that are feeling the pain particularly acutely, with an urgent need for experienced and educated cybersecurity professionals. If you are considering a career in cybersecurity, salaries are soaring and the job market is flush with opportunity, especially in these top industries for cybersecurity.
It comes as no surprise that cyber criminals are targeting financial institutions. The Securities and Exchange Commission, Equifax, HSBC, Lloyds Banking Group, JPMorgan and countless other lesser-known financial institutions have all come under attack. Overall, financial firms are 300 times more likely to be targeted than other companies, according to Business Insider, in a report that concludes the industry is grossly underprepared.
The opportunity for hackers is huge in financial services. Customers pay bills online, shop online, check account balances online and send money to friends online. The RSA Conference reported on a poll conducted by TD Bank that surveyed 400 financial professionals and found that 9 out of 10 believe payment fraud will be a bigger threat over the next two to three years. “What’s more, nearly two-thirds said that either their organizations or one of their clients was on the wrong end of a cybersecurity event in the past year, with the most-cited incidents being business email compromises (20 percent), account takeovers (19 percent) and data breaches (15 percent),” wrote RSA.
While financial institutions know security is an issue, many of them aren’t prepared and don’t know how to combat the increasingly sophisticated tactics of cyber criminals. As RSA explained, “Recent surveys paint a picture of an industry that sees the writing on the wall but often finds itself working with the technological equivalent of whiteout.”
To begin to combat the threat, financial institutions must attract and retain experienced cybersecurity professionals to help guide them on mitigating business risk and putting comprehensive security systems and policies in place for the future.
The government isn’t known for speed and when it comes to cybersecurity it’s lagging dangerously behind. In a report by Security Scorecard analyzing 552 local, state and federal organizations, researchers discovered that government security is inadequate in several significant areas, including replacing outdated software, patching current software, individual endpoint defense and IP address reputation.
The vulnerabilities in government systems are alarming considering the vast amount of data stored there, arguably the largest repository of data in the world. Compared to the private sector, the government is a treasure trove of information for hackers that when exposed puts national security at risk. Unfortunately, the government’s inability to adequately secure its data is due in large part to its inability to secure enough cybersecurity talent.
The list of federal agencies that have been hit by data breaches is long and troublesome: It includes the Departments of State, Energy, Homeland Security, Veterans Affairs and Defense, as well as CIA, NSA, SEC, IRS, FDIC and the U.S. Postal Service.
This has resulted in a strong push to recruit the “best talent” to combat “rogue hackers, criminal organizations and nation-states,” according to a DHS cybersecurity recruitment video.
For cybersecurity professionals who want to make a significant impact on national security, government roles (state and local as well as federal) can be an attractive option — especially once administrators streamline many of the obstacles deterring would-be government cybersecurity employees from applying in the first place. “Cyber security is a great way to continue serving our country, just on a different battlefield,” says Donald Greene, a 23-year Air Force veteran now working as a cybersecurity analyst.
[FREE GUIDE] How to Secure an Entry-Level Cybersecurity Job >>
Like the government, health care organizations are privy to a plethora of sensitive information. And like the government, many organizations are not adequately protecting that data. Millions of patients have had access to private records compromised in an ongoing series of costly and high-profile data breaches, according to healthitsecurity.com. HIPAA Journal reports that 89% of healthcare organizations have experienced a data breach. The health care industry also is hit by more than its share of ransomware attacks.
Health care organizations have been a frequent target of cyber attacks for two primary reasons, the high value of data which these organizations possess and the ease with which hackers are able to access this data. Data gleaned from insecure systems is then sold on the black market, where cyber criminals purchase and sell personal data for a multitude of purposes including espionage and identity fraud.
The digitalization of health care over the past decade and the increasing interconnectedness of devices has created many efficiencies for health care organizations while simultaneously causing a massive security challenge — one that, if not remedied, will have serious implications for providers and patients alike.
One thing is certain, thanks to all of the threats facing this critically important industry, health care is hiring cybersecurity professionals.
The manufacturing industry is also extremely vulnerable, with one recent survey reporting that 40 percent of manufacturing firms experienced a cyber attack in the past year and 38 percent of those suffered over $1 million in damages.
Attacks on critical infrastructure, industrial espionage, phishing emails and drive-by downloads are just a few of the tactics employed by cyber criminals that can lead to defective products, production downtime, physical damage, injuries and death, the loss of sensitive information and more.
The manufacturing industry is an especially attractive target for cyber criminals for several reasons, including:
- Legacy equipment or industrial IoT devices that were not necessarily put in place with security in mind
- Gaps between IT and operations technology
- Lack of documented training, processes and procedures a
- Failure to conduct adequate risk assessments
The Internet of Things (IoT) is one of the greatest potential weak spots for manufacturers when it comes to cybersecurity. While they gain efficiencies and improve production processes with connected devices and intelligent machinery, the IoT exposes manufacturers to a network easily infiltrated by those looking to do harm.
“Not too long ago, there was a gap in connected devices — a security measure ensuring that an industrial network was physically isolated from the rest of the world,” explained Alexander Polyakov, a member of the Forbes Technology Council. “Now, due to the rapid pace of technological change, all pieces of critical infrastructure are connected to each other and, most importantly, to the internet. As a result, there is a lack of adoption of basic information security practices.”
[FREE GUIDE] How to Secure an Entry-Level Cybersecurity Job >>
Hackers can be opportunistic shoppers — and in the retail industry they see a potentially vulnerable target. Countless big-name retailers have been hit by data breaches, including Macy’s, Home Depot, CVS, Kay Jewelers, Best Buy, Target and more. In fact, the retail sector is a top target for cyber criminals, especially as growing pressure from eCommerce giants forces more and more retail transactions online.
“The retail and consumer products industry faces an increasing number of sophisticated cyber-attacks from nation-state cyber-attackers, criminal cyber-attack-groups, and politically and socially motivated hackers, often planning, coordinating, and implementing cyber-attacks in an integrated manner on a national, multi-national, or global level,” according to Homeland Security Today. “Financial information — especially credit card numbers — are considered a highly lucrative reward of a successful cyberattack because they can be quickly monetized.”
Naturally, large-scale retailer have ramped up their hiring of cybersecurity professionals to meet the challenge. For example, mega-retailer Amazon lists dozens on information security jobs on its Careers page — including threat intelligence analyst, security engineer, information security engineer – incident response, privacy solution architect and dozens more.
Cybersecurity professionals are needed across every sector and industry, but it is clear that there is particularly urgent need in financial services, health care, government, manufacturing and retail. If you are considering a career in cybersecurity, seeking out opportunities in these industries can offer a rewarding career path, likely with high pay and excellent job security.
The University of San Diego offers two cybersecurity master’s degree programs — one for those interested in a leadership career path (Master of Science in Cyber Security Operations and Leadership) and one focusing on an engineering career path (Master of Science in Cyber Security Engineering).
Both programs are academically rigorous and focused entirely on modern cybersecurity mitigation with an emphasis on teaching students how to become effective lifelong learners — a skill of immense importance in the ever-evolving world of online crime and cybersecurity. For information, visit the program pages or speak with an admissions advisor today.