The university of tulsa Online Blog

Cybercrime rates are rising, and the growing number of attacks puts lives at risk, costs companies millions and threatens national security. Viewed as a business, cybercrime is booming. It constitutes the  largest transfer of economic wealth in history  and is more profitable than any legal business or the illegal drug trade. An IBM survey found that data breaches in 2021 cost companies, on average, $ 4.24 million per incident  – a record high, up 10% from the year prior.

Organizations unaware of these facts likely still understand the importance of IT security and risk management. However, they may not be able to onboard the staff necessary to implement a robust cybersecurity strategy.  Cybersecurity  remains a field defined by high demand coupled with massive skill shortages. To satisfy that demand, the International Information System Security Certification Consortium² predicts the worldwide cybersecurity workforce  would need to grow by 89% .

The market for professionals with advanced cybersecurity skills has expanded at a remarkable rate – from  $3.5 billion  in 2004 to  $150 billion  in 2021. Rapid job growth in the cybersecurity field has created a thriving market for cybersecurity analysts, security managers and other professionals in technology and other industries. According to The Washington Post, there are  more than 36,000 open public-sector cybersecurity positions . Cyberseek reports there are 597,000 available  jobs for cybersecurity professionals  in the private sector.

There’s probably never been a better time to  earn a cybersecurity degree  or launch a cybersecurity career. If you’re thinking about building on your computer science, IT or information systems skills to launch a career in cybersecurity, consider enrolling in  The University of Tulsa ’s 100%  online M.S. in Cyber Security  program. The ROI of this degree is exceptionally high because demand in the industry is poised to continue growing for years to come.

The cybersecurity job outlook remains strong

Cybersecurity was one of the few industries that didn’t experience a significant employment downturn during the height of the COVID-19 pandemic. In fact, the cybersecurity job outlook may have gotten a boost. The rapid transition to remote work and expanded cloud migration led to increased cybercrime rates, prompting organizations to beef up digital security measures. The chief technology officer at Untangle even said it would be  “dangerous” to downsize cybersecurity jobs . About 26% of organizations surveyed by PriceWaterhouseCoopers  expect to grow their cybersecurity budgets  by 11% or more in 2022, and more than half plan to increase their budgets by at least 6% to defend against increasingly complex cyber attacks.

However, the skills gap in cybersecurity may frustrate those efforts. A Global Information Security Workforce Study predicts the talent shortage  will hit 1.8 million in 2022  because many professionals in the field don’t have the skill sets necessary to satisfy employer demand. Organizations look for professionals with advanced cybersecurity skills and credentials plus real-world experience. Additionally, many employers are bundling cybersecurity into other IT positions, which means applicants need cybersecurity expertise plus expertise in related fields. Burning Glass Technologies refers to these professions as  cyber-enabled jobs  and reports that they  make up 56% of all cybersecurity-related openings .

Job seekers are more likely to see an increase in the need for cybersecurity skills than an increase in job titles that specifically include the word cybersecurity. For example, the U.S. Bureau of Labor Statistics predicts employment for information security analysts is going to  grow by 33%  over the next decade – much faster than the average growth rate across all occupations. Because the data and systems businesses rely on are increasingly digital, jobs for computer network security analysts, digital security managers, security project managers and cloud security specialists will also grow. If you’re looking for more solid proof that cybersecurity professionals are in demand, read the descriptions for job openings in information technology, software engineering and networking. Employers may not post positions for cybersecurity engineers, even when that’s the skill set they’re seeking.

Eight factors fueling sustained growth in the field

More devices = more points of vulnerability

Think of all the connected devices you currently use in a day. Your laptop and phone may be top of mind, but you probably also interact with smart home devices, credit card readers, connected systems in your car and more. Cisco predicts that by 2023, the number of devices connected to IP networks will add up to  more than three times the global population . Every single one of those devices represents a point of vulnerability. As smart device adoption has expanded, even objects as innocuous as TVs and exercise machines  have become hackable . Companies that make smart devices must have professionals with cybersecurity know-how on their teams to create and maintain the extra security protocols necessary to keep up with the  increasing complexity of cyber attacks .

Rates of cybercrime are going up

Criminals have found many ways to capitalize on the widespread adoption of digital technologies. According to statistics from Check Point Research, cyber attack attempts  reached an all-time high  in 2021. Attacks on corporate computer networks grew by 50% between 2020 and 2021. And the number of data breaches also reached a record high in that same year. A significant  breach of T-Mobile’s customer databases  exposed sensitive information, including Social Security numbers, putting more than 54 million Americans at risk.

“There is  no reason to believe the level of data compromises will suddenly decline in 2022 ,” said the CEO of Identity Theft Resource Center, Eva Velasquez. “As organizations of all sizes struggle to defend the data they hold, it is essential that everyone practice good cyber hygiene to protect themselves and their loved ones from these crimes.”

The cloud represents a new point of vulnerability

When COVID-19 drove remote work transitions across industries, it also forced many organizations to make a rapid – in some cases, risky – transition to the cloud. Cloud computing platforms, like Amazon Web Services and Google Cloud, offer increased storage, empower remote collaboration and simplify file sharing. However, many companies could not or did not prioritize cloud security during transitions, resulting in security vulnerabilities.

Cloud adoption will continue, despite the fact that many workplaces currently don’t have cloud security strategies in place or protocols to ensure employees secure the data they share. This is especially true in health care and education – two fields that saw more than a 70% increase in cyber attacks in 2021. As a result, many of the  most in-demand cybersecurity skills  are related to cloud security.

The federal government is pushing cybersecurity investments

Governments are doing their part to keep data and information safer in the digital age. Three pieces of federal legislation that address data protection and cybersecurity are:

• The Health Insurance Portability and Accountability Act (HIPAA), which protects digital health care data.
• The Gramm-Leach-Bliley Act, which requires financial institutions to make their information-sharing practices transparent and protect sensitive data.
• The Federal Information Security Management Act, which requires federal agencies to implement processes that protect confidential systems information.

Attacks like the Colonial Pipeline ransomware hack highlighted the fact that cybercrime is a national security issue. International cyber threats have prompted a  hiring boom  in military and non-military agencies. In July of 2021, the Department of Homeland Security brought on  almost 300 cybersecurity professionals  and extended 500 tentative offers. President Biden made cybersecurity a top priority for his administration, budgeting  $15 billion for the issue in FY19 . He pointed to the need for more cybersecurity programs in secondary schools and higher education, saying that “ we have to make a greater investment  in education as it relates to being able to train and graduate more people proficient in cybersecurity.”

States are forcing organizations to bulk up their cybersecurity

States are making moves to safeguard against cybercrime. For example, California passed the Notice of Security Breach Act, which requires organizations to notify California customers of data breaches. All 50 states, plus the District of Columbia, Guam, Puerto Rico and the Virgin Islands,  have similar laws  for private companies and, in many cases, government agencies. In Michigan and Arizona, private and public organizations and universities have partnered to create cyber ranges to train new experts in the field. Every state has a Chief Information Security Officer (CISO) responsible for protecting government information – and that title comes with an impressive average salary of around $200,000 or more. State governments will likely continue recruiting experienced and credentialed cybersecurity professionals to keep up with changing regulations.

More people work remotely

More Americans than ever now work from home. They also attend school from home, shop from home and log in to medical appointments using computers and phones. Remote work, distance learning and virtual meetups have created a digital landscape in which sensitive information flows over networks 24 hours a day.

Cybercriminals aren’t attacking only large corporations. They attack individuals, health care providers and nonprofits. Cyber attacks against small businesses are  increasingly common , and many small business owners report they are not prepared to defend themselves. Employees unused to remote work and unfamiliar with social engineering fall victim to phishing scams. When one employee provides sensitive information to someone they think they can trust, cybercriminals can use it to exploit entire companies. In a study Positive Technologies conducted across multiple disciplines, including finance, government and industry, the company found external attackers could penetrate organizations’ local networks  93% of the time .

Third-party relationships create extended attack surfaces

In 2020, Russian hackers gained access to Pentagon, United States Treasury and Department of Homeland Security data  via security holes in SolarWinds’ Orion software patches . The attack drove home how devastating a cyber attack can be to national security and how much more vulnerable organizations and agencies are as a  result of third-party partnerships . Some sources estimate as many as 60% of new cybersecurity incidents may result from attacks on third parties. Many organizations don’t have the resources necessary to evaluate the security practices of third-party vendors, much less manage how vendors use data. Forrester Research predicts one-fifth of organizations will  add cyber incident insurance clauses to their third-party contracts  in 2022, making vendors who don’t take cybersecurity seriously financially liable for breaches.

Outdated technology leaves data vulnerable

Too many organizations, in an effort to save money and time,  still use outdated legacy software  that functions but is not as secure as newer applications and platforms. Software requires updates, bug fixes and patches to run smoothly and protect the data and functionality of systems. However, updates and upgrades can be costly and time-consuming, and many organizations avoid them – not realizing that they’re leaving systems and sensitive information vulnerable to viruses, malware and other attacks. In some cases, organizations using insecure outdated systems may be liable for damages when breaches happen due to what is effectively negligence. Involving security experts in systems maintenance is increasingly important. Experienced cybersecurity professionals can pinpoint system vulnerabilities and determine which upgrades are essential.

There’s still room for growth in the cybersecurity market

The digital landscape is fraught with risks in the present, and it is largely impossible to predict future cyber threats. The demand for qualified cybersecurity professionals will only grow as organizations learn the full extent of modern threats to digitized workplaces. Grand View Research predicts the cybersecurity market  will be worth more than $190 billion by 2028 . Right now, there are too few qualified professionals in the cybersecurity field. A bachelor’s degree plus certifications and firewall entry-level experience are no longer all professionals need to defend against cyber attacks.

To launch a  cybersecurity career , you will need not only advanced skills but also advanced credentials. The University of Tulsa’s Master of Science in Cyber Security focuses on the theories, concepts and techniques of modern  information assurance and network defense . The core  M.S. in Cyber Security coursework  covers auditing and testing methodologies, high-assurance information systems design and maintenance, legal, policy, technical and logical dimensions of cybersecurity, network security design and more.

More importantly, you can learn it all at your own pace in this  online master’s degree program  and earn your cybersecurity degree in just 20 months – or over four years if you need more flexibility.  Faculty members  are experts in the field. And TU has relationships with industry leaders at high-profile companies such as Amazon, Instagram and Google. Demand for cybersecurity professionals will still be high at companies like these by the time graduation rolls around if you  apply today .