What you need to know to enter, advance in the cybersecurity field

What you need to know to enter, advance in the cybersecurity field


The demand for cybersecurity jobs continues to rise. Information security analyst is one of the top 20 fastest growing professions, according to The Bureau of Labor Statistics, expected to grow 35 percent by 2031 with a 2021 median pay of $102,600.

Whether you want to launch yourself into this cutting-edge field or advance further into a senior management-level position in the cybersecurity industry, schools like Marymount University offer innovative programs to make your dream possible. Dr. Diane Murphy, Director of Marymount’s School of Technology and Innovation, shares her expertise about what students of all stages need to know about this surging career field.

Why is the demand for cybersecurity jobs growing so fast?

The Cyberseek Heat Map shows over 750,000 online job listings for cybersecurity-related positions from January-December 2022, with around 70,000 of those in the DMV area. The number of these positions continue to grow because of a number of factors:

  1. The number of attack surfaces has increased. No longer are people just employed inside of a secured building – they are now working remotely, many in their homes. This trend to remote or hybrid working results in more vulnerabilities. An example of this is the increase in telehealth and private information being transmitted over insecure communications.
  2. Many businesses and government services are now available over the internet, whether it is the grocery store, the DMV or the IRS – also increasing the number of places that cybercriminals can find personally identifiable information (PII), including credit card numbers.
  3. The linkage between information technology and operational technology, which links physical plant – such as the electrical grid, water supply and oil and gas pipelines, to name a few – to the internet, making it possible for an attacker to disrupt the electrical supply, contaminate the water supply or close a pipeline, as recently happened with the Colonial Pipeline.
  4. The number of cybercriminals is getting larger and they are getting more sophisticated as attack tools, and even hackers themselves, can be bought over the dark web. The latter is also the place where the results of data breaches can be sold for cash.
  5. Malware, particularly ransomware, is now widespread and attacks are being made on a wide variety of vulnerable institutions, from local authorities to school systems to many small businesses. Often, they are not the ultimate target but they may have readily available credentials to allow the attackers to link to larger businesses or government agencies.
  6. There are not enough individuals obtaining the necessary credentials to be hired into the cybersecurity field. Employers are looking for individuals who have “experience,” so it is difficult for recent graduates or certification holders to enter the field. Community colleges and four-year universities in the region are working hard to create experiential learning opportunities for their students outside traditional internships, as there are not enough good internships to meet student demand – in part because of the requirement for security clearances for many positions in this area.
  7. This is a classic supply and demand issue, which means cybersecurity professionals are demanding high salaries, often making hiring an experienced cybersecurity professional out of reach for many small businesses or not-for-profits.

What do organizations need from their cybersecurity staff and leaders? 

Most of the need is to ensure the security of the enterprise and its compliance with regulatory requirements, which depend largely on the nature of the business and the type of organization. Typical activities include cybersecurity risk reviews, cyber awareness training, vulnerability assessments, penetration testing and the design and implementation of security controls. Cybersecurity professionals may work in the Security Operations Center (SOC) and monitor traffic in and out of the network. If they notice something unusual, it is analyzed to determine if it is a cyberattack from inside or outside their network. Cybersecurity professionals may also work in the Incident Response Center, where they respond to the cyberattack to minimize its impact on the enterprise. Another part of the cybersecurity team may work on cyber threat intelligence, keeping track of the cybersecurity threats and vulnerabilities that constantly appear as bugs are found in various software packages. Based on this intelligence, they may require the IT team to install patches developed by the software vendor to fix the vulnerability.

The Chief Information Security Officer (CISO) is generally the leader of the cybersecurity team and works with other parts of the enterprise to balance their business and security needs. He or she must be situationally aware of threats and incidents that have happened in the industry and advise accordingly. They are also responsible for obtaining the budget for the security operations.

Is this growth across all sectors, or just in tech, finance, medical and manufacturing?

The growth is across all sectors, wherever technology is used and linked to the internet, allowing for access by anyone.

The technology sector is a major target mainly because of its reach – attacks on the software supply chain surge as attackers may attack one company and use it to reach a variety of companies. A recent example was the Solarwinds attacks.

The financial sector is another target for cyberattacks as much of the cyber activity is by financially motivated organized crime. Credit cards and other financial data is sold on the dark web. In addition, there have been many cyberattacks on the fast-growing cryptocurrency ecosystem, which was originally thought to be secure.

The health care sector is of real concern because of the increased number of cybersecurity incidents focused on hospitals and other medical facilities, and the increased number of Medicare/Medicaid fraud incidents resulting from these data breaches. Ransomware has been increasingly used against health care facilities.

Another big growth area is local utilities, which are now linked to the internet for remote monitoring and other business transactions. The operational technology in many utilities (electricity, water, etc.) is often old and incapable of being secured. A recent example of this was the Colonial Pipeline attack, which closed the main gas pipeline on the East Coast, causing panic buying of gasoline.

What skills do people need for these cybersecurity jobs?

Cybersecurity professionals use a combination of technical and soft skills to assess vulnerabilities and respond to security incidents.

Technical skills include classical cybersecurity knowledge such as security controls, firewalls and intrusion detection devices, networking, operating systems, etc. Today, however, cybersecurity professionals must also be familiar with cloud infrastructure and be able to automate cybersecurity processes. So, they should be able to code in languages such as Python and be able to use today’s data analysis techniques.

Soft skills include problem solving, oral and written communication and the ability to work in teams.

What skills do people need to work in management of cybersecurity?

Management skills are necessary for the CISO, in addition to technical skills. He or she must be able to communicate well with the rest of the organization, as cybersecurity is now a board-level consideration in many enterprises. Budgeting is a key function as cybersecurity departments are often under-resourced for the increasing threats that they face.

What programs/classes does Marymount offer to prepare students?

Marymount’s Master of Science in Cybersecurity is designed for career changers who have a good knowledge of cybersecurity. Students take a series of technical classes which cover the field of cybersecurity, cryptography and computer network defense. Students are also required to take computer scripting, law and policy and a course on information technology management, as well as a research project. In addition to these foundational technical and management courses, students can take another four courses in specific interest areas, e.g., risk management or digital forensics, or they can take a specialty in one of the application areas, including data science, digital health, privacy, data security or business management. The program is designed to allow students to follow a technical or a management track.

Marymount also offers a Doctor of Science in Cybersecurity, which is designed to develop cybersecurity professionals to become leaders in the field.   

Are the programs online, in person or hybrid?

The programs can be taken online or face to face, catering to both type of learners. Students can also mix and match to suit their schedules and other commitments. International students are required to take face-to-face courses if they are on a F1 or equivalent visa.

What kinds of hands-on experience do students get?

Marymount has a variety of hands-on learning options. The network defense class allows students to learn and practice with all of the tools and skills required for the field. For students without experience, an optional course is the practicum, which provides an internship experience. Marymount also conducts research projects for clients and students are engaged in these projects, often using the same tools they would use in the industry.

What types of jobs do graduates get?

Graduate students get a variety of government jobs as cyber professionals with the NSA, Department of Defense and civilian agencies. They also obtain positions at companies such as Ernst & Young, Deloitte and Booz Allen Hamilton in the professional services sector, with Visa and Capitol One in the private sector and with Amazon Web Services and Recorded Future among leading vendors in the area.

How long does the program take?

Two years usually, but 18 months is possible.

Is there anything else interested individuals should know?

Marymount holds two important credentials for the cybersecurity industry:

  1. Approved curriculum to meet the standards for NSA/DHS Center of Academic Excellence in Cyber Defense (CAE-CD)
  2. Part of NSFS/OPM’s CyberCorps Scholarship for Service (SFS) program