Interested in breaking into cyber security but not sure you have the right technical experience? You may be counting yourself out too soon. The cyber security field is booming, growing faster than most professions with 3.5 million expected job openings by 2021. With cyber-crime damage costs to hit $6 trillion by 2021, it will take a village to successfully combat cyber crime. That means that while cyber professionals with technical skills are in high demand, so too are professionals with a diverse array of skillsets from law to marketing to writing.
Cyber Security Law
Cyber security is a relatively new — and critical — challenge for many organizations. If you have a legal background, working as a cyber security lawyer could be a great option. In financial services and health care in particular, in-house counsel has proven necessary to help organizations navigate this new terrain. However, without a background in cyber security, corporate attorneys can only provide so much assistance. Therefore, more and more organizations are retaining outside cyber security law firms to help them manage:
- Data breaches
- Compliance with local privacy laws
- Security policies
- Record management
- Litigation
- Digital media privacy
As a relatively new practice, cyber security law focuses on information security and data protection. In a 2015 salary survey, The International Association of Privacy Professionals found that “after C-suite or VP-level positions, lead counsel had the highest median salaries among privacy pros at $150,000.”
“A decade ago there was not enough demand in the field of cyber security law to build a practice around it,” J.J. Thompson, founder and CEO at Rook Security told CSO. “Today, entire practices are flourishing in the field of cyber security law. Cyber security attorneys play a greater role now than they did five to 10 years ago because they have more specific and more informed expertise than general litigators.”
Cyber Security Insurance
In 2015, gross written premiums for standalone cyber security policies totaled $2.75 billion. As the number and intensity of breaches increases, insurance policies are becoming more attractive. Allied Market Research predicts that the global cyber security insurance market will garner $14 billion by 2020.
But what is cyber security insurance exactly? According to the Data Center, “Cybersecurity insurance — sometimes referred to as cyber liability or data-breach liability insurance — is a type of standalone coverage. It helps companies recover from data loss owing to a security breach or other cyber event, such as a network outage or service interruption. Cybersecurity policies are different from property or general liability policies because prices and exclusions for cybersecurity insurance vary widely between insurers.”
One challenge for insurance companies writing cyber policies is the lack of data. “Unlike health, auto, or fire, insurance companies don’t have actual data to understand real risks to write cyber policies better,” Rick Tracy, CSO at Telos Corporation, told CSO. “They need to figure out how to underwrite cyber risk better so that the coverage is worthwhile for the enterprise. They need good information to make those decisions,” he continued. “Cyber is one of the few areas where there is a real growth opportunity.”
Cyber Security Writing
News entities, online publications, blogs and cyber security organizations need strong writers with passion and expertise to report on the constantly evolving cyber space. With cyber in the spotlight, story topics are not hard to come by. Online publications like Dark Reading, Krebs on Security and Troy Hunt, just to name a few, are wildly popular and extremely informative, all with a very narrow focus on cyber security. Similarly, organizations in the security space as well as businesses across several industries such as financial services, need technical writers capable of writing instructional materials and policies on information security. For writers, focusing on cyber can be a lucrative move. One job listing on Indeed, for a security technical writer based out of Washington DC, listed a salary of $70,000 – $100,000/year.
Cyber Security PR/Marketing
A data breach can mean a serious reputation and image hit for an organization. Think Target, Wendy’s, Equifax. Hence, the rise of public relations companies focused on cyber security. Southwest Airlines, for example, recognized the need for a PR cyber agency after “a series of minor events gained media traction.”
“As we continued to navigate through events, it became clear that a specialized skill was needed, and we quickly began our search for an experienced agency to help review processes, protect information, plan for a potential attack and coordinate communication across all stakeholders,” explained Brandy King, communications director at Southwest Airlines. “When we began our search for an agency to partner with us on Cyber events, it was important that the agency employees had firsthand experience on this specific topic, either working alongside or directly for a company that had fallen victim to a Cyber attack.”
“We also wanted an agency that hired staff based on their Cyber credentials. We enlisted a group that not only handled several high profile Cyber events, but also had a lawyer-turned-PR executive on staff to provide counsel on regulatory requirements, as well as a journalist who covered Cyber for the Wall Street Journal before joining the firm,” she continued. To respond to this need agencies such as Bluetext and W2 Communications have emerged, offering cyber security digital marketing and public relations services.
There is tremendous opportunity in the cyber security field. Whether you want to work in leadership, as a penetration tester, as a writer or as a lawyer, the opportunities are vast. If you are interested in beginning a career in this lucrative space, or simply increasing your cyber knowledge so that you can effectively communicate with IT and cyber departments in your organization, education can help.