Deedee, Curricula’s master hacker, has been doing a good job keeping our team on their toes preventing cybersecurity attacks. Curricula's cybersecurity awareness training program has taught us the number one entry point of cybersecurity breaches starts with human interaction, not machines. But once the breach is made, machines are used to attack systems, access important information and cause major damage from the inside out.
Cybersecurity professionals play a critical part of any organization, of any size. As we celebrate Cybersecurity Awareness Month, we'll share an insightful analysis of education, career and demographic data in the cybersecurity space leveraging the Steppingblocks engine.
How did we find the gender gap in our data?
First, we identified well-known and in-demand job titles in the field of cybersecurity, such as Security Architects, Malware Analysts, Cryptanalysts and other cybersecurity professionals. Then, we trained our data to identify relevant profiles that meet this criterion. We found that a staggering 77 percent of the industry is comprised of males, with females coming in at only 21 percent. The remaining 2 percent is unknown.
This gender gap opens opportunity for women to capitalize on these high-paying and in-demand jobs. So why aren't more women joining? Perhaps universities aren't targeting their demographic to apply for these male-dominated programs, or perhaps there's a misunderstanding of the skills required to apply. Scroll down to see a breakdown by gender of current job skills real professionals possess.Gender Composition
Cybersecurity Gender Composition Data, Steppingblocks Population Analysis
What ages are most underrepresented?
Our analysis found that current cybersecurity professionals range from their early 30s to mid 40s with a high correlation between males and females in the industry. There's an accelerated population of younger professionals starting their careers here, with males joining at a higher pace than females, but there's still huge opportunity for millennials to grow this lacking workforce.
Not only do we see a gap in gender. There's also a gap in talent. To illustrate the severity of this need, Tripwire reports that in the first three months of 2016 hackers extorted businesses and institutions for more than $209 million in ransomware payments. Tripwire also cites a survey conducted by Kaspersky Lab in 2016 that found 68.5 percent of companies expect an increase in the number of full-time security experts. It's up to our educational institutions to promote their undergraduate and advanced degree programs to prospective students who may have no idea this career path exists.Age/Gender Distribution
Cybersecurity Age Distribution Data, Steppingblocks Population Analysis
Where are cybersecurity professionals on a map?
For companies and recruiters with an immediate need for cybersecurity professionals, here's where to find them. Take a look at the map below generated with the Steppingblocks Population Analysis tool, and you'll notice a high concentration of these roles in the east, followed by Texas and California. Atlanta ranks fourth as a top cybersecurity employer within this population.
The top employing cities are Washington D.C., New York, Dallas, Atlanta and Chicago — areas also identified as tech hubs, financial centers or homes to Fortune 500 companies.Geographic Locations
Cybersecurity Geographic Data, Steppingblocks Population Analysis
Where are high-volume, high-salaried cybersecurity professionals graduating from?
As we looked at the educational backgrounds of cybersecurity pros, we were curious to learn the variety of educational institutions producing the highest paid in the industry while adding volume to the mix. When looking at this population, we segmented employees holding six-figure income positions and identified the universities from which they graduated.
Our data revealed an interesting mix of online universities and Ivy League schools. In the table below you’ll see Capella and Walden next to Harvard and Cornell. The vast and ever-growing need for cybersecurity has led many institutions to hyper-focus their course offerings to produce graduates with a new skill set. This levels the playing field across all university types, and to keep up with changing technology, more traditional schools will have to adapt.
To break it down further, our analysis found that computer science is the predominant field of study for cybersecurity professionals, and it’s commonly mixed with an MBA or another business related major.
What skills do cybersecurity professionals have?
In an interview with ClearanceJobs.com, Mansur Hasib, program chair of the cybersecurity technology program at the University of Maryland University College said this:
Matching the right people to the right jobs has been a challenge. … The need for qualified and perpetually innovative people will only grow. Cybersecurity professionals who have strong communication, analytical, and leadership skills will continue to be in high demand.
Because the gender divide is also present at the job title level, skills also look different for males and females. Top job titles for males include Cryptanalyst, Security Architect and Security Engineer with the most prevalent skills being Active Directory, Information Assurance and Firewalls. For females, Computer Security Incident Responder, Source Code Auditor and Security Administrator top the list with Training, Information Security and Public Speaking as the most common skills.
Cybersecurity Male Skills
Cybersecurity Female Skills
Cybersecurity Skills Data, Steppingblocks Population Analysis
Who's doing the hiring?
While we found a high correlation of cyber experts with foundations in business and computer science, the majority of actual people in the industry show a much more disparate relationship. In the following analysis we segmented the top cybersecurity employers for the roles we referenced and looked specifically at the education credentials of who they hired.
It’s not surprising IBM and Northrop Grumman are hiring cybersecurity specialists with business, engineering and computers science degrees at the bachelor’s, master’s and advanced degree levels. What is surprising is the representation of philosophy and physical science degrees for some of the more senior positions.
So why should you care?
Educational institutions should evaluate and adjust their current course offerings to help close the technology skills gap. Companies and recruiters should learn the geography, skill sets and education of their most qualified candidates. And learners should know where to focus their attention to keep up with the changing objectives of cybersecurity employers.
How was this analysis conducted?
The Steppingblocks Analytics Engine (internally know as Carmen) is a powerful tool that analyzes billions of data points to generate meaningful insights. The cybersecurity career analysis was conducted using Steppingblocks' Population Analysis, which generates hundreds of insights from a provided population using a mix of machine learning, analytics and data processing technologies. The data is gathered from a combination of millions of records on career profiles, educational institutions, companies, employment and education data among others.
The Steppingblocks Population Analysis has a three-step process:
1) Identify a large target population from which insights need to be gathered.
2) Identify an optimal population with a defined set of attributes that fully describe the goal of the desired analysis.
3) Generate a population model using the optimal population, and apply it to the target population.
The goal is to generate a model that identifies the optimal characteristics to make the optimal population valuable and unique. The Steppingblocks Population Analysis tool identifies these attributes based on the desired outcome and provides a ranking to each record within the target population.
Want to learn how the Steppingblocks Population Analysis tool can benefit your educational institution or organization? Contact us for a custom demo.