Some 82% of IT professionals report a shortage of cybersecurity skills in their business, according to a July survey from Intel—and 71% cited this shortage as responsible for direct and measurable damage to organizations whose lack of talent makes them easier hacking targets.
Job postings in the cybersecurity field have gone up 74% over the past five years. And US News and World Report ranked a career in information security analysis fifth on its list of best technology jobs. Average salaries nationally are $88,890, and significantly higher in cities such as San Francisco and New York.
Interested in a career in cybersecurity? Here are 10 bachelors, masters, and certifications that can help you get started at any education level.
BS in Computing and Security Technology
Drexel University's BS in Computing and Security Technology consistently tops lists of cybersecurity preparation programs, and is recognized as a National Center of Academic Excellence in Information Assurance Education by the NSA. It offers hands-on experience managing and operating computer servers, networks, web and mobile systems, and databases, with a focus on security. Students can enroll in either the full-time, on-campus degree program, or in the online, part-time degree completion program, targeted to people who have already earned an associate's degree.
University of Maryland University College
BS in Computer Networks and Cybersecurity, BS in Cybersecurity Management and Policy, BS in Software Development and Security
University of Maryland University College offers three bachelor's, four master's, and four certificate programs focused on different aspects of cybersecurity. The school is designated as a National Center of Academic Excellence in Cyber Defense Education by the NSA, and is headquartered between the DoD's Cyber Command in Maryland and the Cyber Corridor in Virginia. Plus, the UMUC Cyber Padawans cybersecurity competition team took home the first place prize in last year's Cyber DiploHack event.
SEE: Security awareness and training policy (Tech Pro Research)
Pennsylvania State University
BS in Security and Risk Analysis-Information and Cyber Security
Penn State's BS in Security and Risk Analysis degree, named one of the top online bachelor's programs by US News & World Report, focuses on the technologies, education, and policies needed to protect people and information. Students learn to design secure systems, evaluate and measure risk, and ensure privacy maintenance for individual users, businesses, and governments. Penn State is also recognized as an NSA Center of Academic Excellence in Cyber Defense. The program is available online.
University of Denver
MS in Cybersecurity
The University of Denver's MS in Cybersecurity program immerses students into the field, allowing them to work with local industry partners on real-world problems. The one-year, fast-track master's degree comes with a discounted scholarship of nearly 50%, and does not require students to have an undergraduate degree in computer science. University of Denver's program is also designated as an NSA Center of Academic Excellence in Cyber Defense.
BS in Cybersecurity, MS in Digital Forensic Science, Cybersecurity Certificate
Champlain College offers online bachelor's, master's, and certificate programs in cybersecurity designed for working adults. It is the two-time winner of SC Magazine's Best Cybersecurity Higher Education award, and is designated as an NSA National Centers of Academic Excellence in Cyber Defense. The curriculum is career-focused, and provides strategic thinking skills and solution sets applicable to the workforce.
Illinois Institute of Technology
MS in Cyber Forensics and Security
Illinois Institute of Technology offers several security-oriented programs at the undergraduate, graduate, and certificate levels. The Masters of Cyber Forensics and Security program is unique, in that while students take cybersecurity courses, they also take legal courses alongside law students of the Illinois Institute of Technology Chicago-Kent College of Law. The program is designed to help students and experienced IT professionals become cybersecurity managers. The school is also designated as an NSA National Center of Academic Excellence in Cyber Defense.
The International Council of E-Commerce Consultants (EC-Council) is the world's largest cybersecurity technical certification organization. Its Certified Ethical Hacker certification involves a training course that teaches students to look for weaknesses and vulnerabilities in a system using the same tools as a malicious hacker, but in a lawful way to assess the security systems. It is a vendor-neutral certification. Those who want to take the certification exam without training must demonstrate two years of information security experience.
CompTIA Security+ certification
With more than 250,000 credential holders, CompTIA Security+ is a popular, vendor-neutral security certification with an available online learning tool for preparation. Exam content stems from a combination of industry-wide survey feedback, and contributions from a team of security experts. The certification is approved by the US Department of Defense to fulfill cybersecurity position requirements, and is compliant with government regulations under the Federal Information Security Management Act. Companies that recognize the certification include Apple, Dell, HP, IBM, and Intel.
GIAC Security Essentials Certification (GSEC)
The GIAC Security Essentials Certification (GSEC) is intended for security professionals who want to demonstrate that they are qualified for IT systems hands-on roles in terms of security tasks. Credential holders will demonstrate knowledge and technical skills in areas including network mapping, access controls, password management, and cryptography fundamentals. No specific training is required, but CIAC recommends a "boot camp" style preparation course from SANS.
International Information Systems Security Certification Consortium Certified Information Systems Security Professional certification
The Certified Information Systems Security Professional (CISSP) is an advanced-level, vendor-neutral certification for IT professionals looking to expand their career into information security. The certification is meant to prove credibility in designing, implementing, and managing overall information security programs to protect organizations from sophisticated attacks. In-person and online training programs are available though (ISC)2 and third-party companies. Interested individuals must have a minimum of five years of full-time work experience in two or more of the eight domains listed here.
- Report: Despite growing security threats, CXOs struggle to find cybersecurity professionals (TechRepublic)
- IoT devices can be hacked in minutes, warn researchers (ZDNet)
- Interview with a hacker: S1ege from Ghost Squad Hackers (TechRepublic)
- The Dyn report: What we know so far about the world's biggest DDoS attack (ZDNet)
- Electronic health records: The new gold standard for cybercriminals (TechRepublic)
Alison DeNisco Rayome has nothing to disclose. She does not hold investments in the technology companies she covers.
Alison DeNisco Rayome is a Staff Writer for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.