Projected Growth in Cyber Security over the Next 10 Years

The boom in the cybersecurity industry shows no signs of slowing down. Worldwide spending on InfoSec and cybersecurity by businesses and individuals is set to top $1trillion by 2021, according to the CyberSecurity Report, published last year by Cybersecurity Ventures.

The dramatic rise in online crime – which over the last few decades has gone from malware and phishing to massive, global attacks that can bring entire government organisations to a complete standstill – means that there’s never been a greater need for cybersecurity professionals. The issue for businesses and governments alike is that there’s a major skills shortage out there, with high-calibre positions taking up to a year to fill.

Changing tactics

The focus for malware has also shifted, from static networks to attacks on mobile systems and other devices, forcing changes in tactic for those charged with combatting cybercrime. With the onset of the Internet of Things, even more back doors are available for hackers to access networks, both in business environments and at home. And that, again, means cybersecurity experts have to adapt continuously to meet those threats.

In 2015, Inga Beal, the CEO of Lloyds insurance, claimed cybercrime was costing global businesses up to $400milion a year. Just a few months later, Juniper Research revised those figures up – a long, long way up. They put the number at closer to £2trillion by 2019, while Microsoft’s CEO Satya Nadella claimed that £3trillion of market value was wiped out in 2015, thanks to the hackers.

Put simply, these numbers tell you that you rather than lose your car to a theif you’re potentially more likely to lose your identity to a hacker. Your bank is more likely to get hit with a DDOS rather than an armed robbery, and businesses across the world could find themselves being held hostage by online pirates, who deal in the 21st century version of doubloons – Bitcoin.

Start spending

So, what’s being done to combat all this? Firstly there’s been a major uptick in spending on cybersecurity. Estimates point to an increase globally of between 12-21%, depending on sector. Obviously, those with the most to lose financially will be spending more on repelling unwanted guests from their respective virtual borders, but a concerted effort across the spectrum is to be expected, as attacks become more frequent, more complex, and more intense.

Estimates are that the security market will grow at around 7.8% CAGR (Compound Annual Growth Rate) through to 2019. So despite figures in the trillions of dollars being thrown around, that still means that security will only make up 5% of worldwide IT expenditure.

Cybersecurity is certainly profitable for those providing it. IBM’s own security offshoot posted growth rates of 18% in the first quarter of 2016, with Cisco, IBM’s biggest competitor, hitting a home run with 17% year-on-year growth figures. So there’s plenty of money in cybersecurity.

What there isn’t, though, is enough people.

This is where the industry falls short. There’s plenty of technological innovation to combat hackers, create stronger, more robust firewalls, and protect the Cloud. But there are simply not enough professionals in the industry to keep it moving forward at the rate it needs to in order to keep up with the hackers.

A shortage of skilled, experienced cybersecurity experts

There is a particular shortage in the upper echelons of the profession, with experienced cybersecurity experts in exceptionally high demand. One of the problems has been that up until recently, IT courses at universities and colleges simply didn’t put enough emphasis on security, preferring instead to focus on subjects such as software and coding, hardware, and even soft skills.

As hacks have become more headline-grabbing, the obvious need for security has become more of an issue, but established IT courses are still a little slow to respond. The only option is to ‘upgrade’ your qualifications with targeted courses, both online and in the real world. These short, intensive courses are excellent for industry professionals who want to expand their skills set, as well as those who want entry-level training. Employers, though, are going to be looking for experience above all else, with relevant qualifications such as ISO 27001 Lead Auditor or SSCP certification as well.

A job for life?

There are very few jobs for life out there anymore. However, if you want job security for at least the next ten years, then cybersecurity and InfoSec are pretty safe bets. The more experience you have, the greater your chances of continuous (and well paid) gainful employment for the foreseeable future. From big-brand tech companies looking to provide a comprehensive Cybersecurity service to customers, to individual consulting gigs that take you out and about into the business community, the continued need for experts makes this challenging and ever-changing field a great career opportunity.