Is it worth getting into cyber security?

Cyber security is becoming an increasingly important field as more aspects of our lives move online. With data breaches and hacking attacks in the news on a regular basis, there is a growing need for cyber security professionals to help protect individuals and organizations from cyber threats. But is pursuing a career in cyber security worthwhile? Here we’ll examine the pros and cons of getting into the cyber security field.

The growing need for cyber security

One of the biggest factors driving demand for cyber security expertise is the sheer growth of cyber attacks. According to the Online Trust Alliance, cyber incidents, including data breaches, attacks, and more, grew by more than 13% in 2020. The amount of sensitive data online continues to grow as well. There are now over 4 billion internet users worldwide and over 7.6 billion internet-connected devices according to Internet World Stats. All this represents a wealth of targets for cyber criminals.

At the same time, cyber attacks are becoming more sophisticated. Attackers use advanced techniques like ransomware, phishing, denial-of-service attacks, and more to compromise systems and data. The growing use of cloud computing, mobile devices, the Internet of Things and AI are also creating new vulnerabilities. To defend against these advanced threats requires advanced cyber security knowledge and skills.

Huge demand for cyber security professionals

As a result of the growing cyber risk, demand for cyber security professionals is skyrocketing. The information security workforce gap is projected to reach 3.5 million unfilled positions by 2021 according to (ISC)2. Other estimates put the global shortage of cyber security professionals at around 4 million. Demand is coming from organizations of all kinds looking to hire information security analysts, network security engineers, security managers, and other cyber security roles.

This massive talent shortage in the field gives those entering cyber security an advantage. Competition for open roles is less fierce than in other IT jobs or fields. Those with the right skills can often command higher salaries. The average salary for cyber security positions is already substantially higher than for IT jobs as a whole. Information security analysts earn a median salary of over $98,000 according to the Bureau of Labor Statistics.

Diverse and challenging work

A major advantage of cyber security as a career path is that it offers incredibly diverse and challenging work. Cyber security encompasses everything from monitoring systems for anomalies and investigating breaches to penetration testing, implementing security controls and policies, and keeping up with the latest threats and technologies.

Professionals in the field get exposure to a wide range of technologies, industries, and business operations. No two days on the job look the same. Cyber security roles involve continuously learning and problem-solving to outsmart sophisticated adversaries. The field also changes rapidly, requiring professionals to stay up-to-date on the latest cyber attack and defense techniques.

Tremendous career growth and advancement

The cyber security field provides abundant opportunities for career advancement and pay increases even early on. Roles like security analyst, security engineer and security architect have a clear progression. Continuous learning and certifications can quickly open doors to new opportunities. Professionals who gain expertise in in-demand areas like cloud security, critical infrastructure protection or application security can move up quickly.

Beyond technical careers, cyber security skills translate well into leadership and management roles like Chief Information Security Officer (CISO). Cyber security is a strategic, business-critical function at most larger organizations. Leadership experience combined with technical knowledge can position cyber security professionals for prime management spots.

Flexible work options

Another appealing aspect of cyber security is the amount of flexibility it offers. Cyber security roles span a diverse range of industries and organizations from technology to healthcare to government. Professionals can choose to work at global enterprises, innovative startups, consulting firms, and more. There are also options to specialize in specific industries or technologies.

Remote and hybrid work arrangements are also increasingly common in cyber security. Technical roles like security analyst or penetration tester frequently offer the choice to work remotely. The ability to work from home or flexibly gives professionals more control over their schedules and location.

High barriers to entry

Of course, although the benefits are substantial, getting into cyber security brings challenges. First, the technical learning curve is steep. Mastering disciplines like networking, operating systems, programming, and data analytics takes time even before layering on security skills.

Hands-on experience is also critical. Entry-level cyber security roles generally require 1-3 years of IT work experience. Gaining the right experience often involves taking IT roles before transitioning into a cyber security function. Educational requirements like bachelor’s degrees in computer science or cyber security are also typical gatekeepers.

Constant change and learning

While the continuous evolution of technology and threats may be appealing, it also poses challenges. The only constant in cyber security is change. To stay effective, professionals must dedicate time and effort to continuously learn new skills and keep up with emerging technologies, threats and regulations.

Ongoing education like certifications, training courses, conferences and independent study outside work hours are essential. Those unwilling to consistently keep learning and stay updated will struggle. Cyber security roles demand a lifelong dedication to education.

High stakes environments

Cyber security also comes with high stakes. Professionals are entrusted with securing critical systems and sensitive data. Even common roles like security analyst may need to make judgement calls and recommendations with major implications. High-pressure situations like incident response require making quick decisions with limited information.

Mistakes or oversight can lead to data breaches, financial losses and reputational damage. Those unprepared to operate under pressure and take responsibility for high-impact decisions may wash out. However, the stakes can motivate professionals to perform at their best and develop valuable skills.

Can be stressful work

The constant change, non-stop education and problem-solving under pressure endemic to cyber security can take a toll. Burnout is quite common due to heavy workloads and the need to be “always on.” Cyber threats don’t operate on a 9 to 5 schedule after all.

Insider threats and cybercrime can also be psychologically taxing. Professionals need resilience when continuously exposed to the negative sides of human nature, technology, and business. Weighing positive impact against stress is important in sustaining a cyber career.


Although demanding, a career in cyber security offers immense opportunities as well as the chance to do meaningful work. For those willing to learn continuously, problem-solve creatively and perform under pressure, cyber security offers challenging work along with substantial rewards and advancement. Ultimately, getting into cyber security is worth it for IT professionals looking for a diverse, fast-paced and critical career path.