Editorial

Cybersecurity “good guys fighting cybercrime”

(ISC)² study shows people are positive about cybersecurity pros – but wouldn’t really want to do their job

Posted 23 September 2020 by

Attitudes toward cybersecurity roles are now overwhelmingly positive, according to research released today.

Seventy-one percent of people say they consider cybersecurity professionals to be smart and technically skilled. Fifty-one percent also described them as “the good guys fighting cybercrime.”

But interestingly, 69 percent of respondents replied that cybersecurity seems like a good career path, just not one they see themselves pursuing.

The findings come from an online survey, 2020 Cybersecurity Perception Study, by cybersecurity association (ISC)². The organisation says they indicate a shift in popular opinion about cybersecurity professionals, “who have traditionally been viewed through a negative lens as roadblocks to business efficiency.”

Additionally, the skills gap within the cybersecurity industry is well documented. However, the report suggests the obstacles to attracting additional workers may be two-fold.

First, 77 percent of respondents said cybersecurity was never offered as part of their formal educational curriculum at any point, making it difficult for most people to gain a solid understanding of what roles in the industry actually entail and how to pursue the career.

The second factor that may be limiting interest is a pervasive belief that such roles would require very advanced skills development that would require time and resources to achieve.

“What these results show us is that while it’s becoming even more highly-respected, the cybersecurity profession is still misunderstood by many, and that’s counterproductive to encouraging more people to pursue this rewarding career,” said Wesley Simpson, COO of (ISC)².

“A truly effective cybersecurity workforce requires a broad range of professionals who bring different skillsets to their teams. We also need individuals with varied backgrounds in areas including communications, risk management, legal, regulatory compliance, process development and more, to bring a well-rounded perspective to cyber defence.”

TV cyber geeks

In the absence of formal cybersecurity education, perceptions about the industry and the professionals in it are formed primarily through portrayals in TV shows and movies (37 percent of respondents) or by news coverage of security incidents (31 percent).

Sixty-one percent of respondents said they believe they would either need to go back to school (26 percent), earn a certification (22 percent) or teach themselves new skills (13 percent) to pursue a career in cybersecurity. Almost a third (32 percent) of respondents said they believe too much technical knowledge or training would be required.