Cybersecurity professional.

Cybersecurity consists of all the technologies and practices that keep computer systems and electronic data safe. And, in a world where more and more of our business and social lives are online, it's an enormous and growing field.

What is Cybersecurity?

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.

Cybersecurity covers many aspects of the modern digital landscape, such as security measures to deliver data protection, information security, application security, network security, cloud security, endpoint device security, and the protection of people—staff, clients, customers, and public users of IT services. Recent technological advancements have opened up new possibilities for cybersecurity, but unfortunately, adversaries have benefited from these advancements, as well.

What Careers does Cybersecurity Offer?

The cybersecurity field remains a promising area of growth when it comes to career paths in tech and beyond. Remote-work security risks, increasing ransomware attacks, and more all contribute to the increased need for cyber professionals.

A recent survey conducted by the World Economic Forum shows that cybersecurity is the number one concern of CEOs at US-based companies. One part of the concern is that there just aren't enough people with the necessary skills to fill all of the available cybersecurity openings. This makes it a great time to consider a cybersecurity career.

There are a wide array of professional positions within the cybersecurity field. These positions generally fall into the following categories:

Application security describes security used by applications with the goal of preventing data or code within the app from being hijacked or stolen. These security systems are implemented during application development but are designed to protect the application after deployment.

Cloud security involves the technology and procedures that secure cloud computing environments against internal and external threats. These security systems are designed to prevent unauthorized access and keep data and applications in the cloud secure.

Infrastructure security describes the physical and cyber systems that are so critical to society that their incapacity would have a debilitating impact on our physical, economic, or public health and safety.

Internet of Things (IoT) security involves the security of any device connected to the internet and/or other connected devices. The IoT is a network of connected things and people, all of which share data about the way they are used and their environments. These devices include appliances, sensors, televisions, routers, printers, and countless other home network devices. Securing these devices is very important, and security is often considered one of the biggest barriers to widespread IoT adoption.

Network security is the protection of network infrastructure from unauthorized access, abuse, or theft. These security systems involve creating a secure infrastructure in which devices, applications, and users work together.

Some common job titles for cybersecurity professionals include:

  • Chief Information Security Officer
  • Cryptanalyst
  • Cryptographer
  • Cybersecurity Investigator
  • Computer Forensics Expert
  • Incident Responder
  • Data Protection Officer
  • Ethical Hacker/Penetration Tester
  • Malware Analyst
  • Risk Management
  • Security Analyst
  • Security Architect
  • Security Consultant
  • Security Engineer
  • Security Software Developer
  • Security Specialist
  • Source Code Auditor

What do Cybersecurity Professionals Do?

Cybersecurity careers are complex and positions can be found in most industries—from small nonprofit organizations to large multinational corporations.

No matter where they work, a typical cybersecurity professional is expected to:

  • Monitor networks for security breaches and investigate violations
  • Install and use software, such as firewalls and data encryption programs, to protect sensitive information
  • Prepare reports that document security breaches and their extent of damage
  • Conduct penetration testing in which analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited
  • Research the latest information technology (IT) security trends
  • Develop security standards and best practices for their organization
  • Recommend security enhancements to management or senior IT staff
  • Help computer users when they need to install or learn about new security products and procedures

Source: US Bureau of Labor Statistics

More computing salaries and data sources.

How Much do Cybersecurity Professionals Make?

In 2022, the mean annual salary of information security analysts was $119,860. The lowest 10 percent earned less than $66,010, and the highest 10 percent earned more than $174,540.

Source: US Bureau of Labor Statistics

What Skills do Cybersecurity Professionals Need?

Professionals in the cybersecurity field typically have at least a bachelor's degree in cybersecurity or a related field, according to the US Bureau of Labor Statistics. Cybersecurity jobs require a mix of technical skills and soft skills—many of which will vary, depending on the position.

Technical skills needed may include:

  • Audit and compliance
  • Authentication
  • Coding/software skills
  • Computer forensics skills
  • Computer science fundamentals
  • Cryptography
  • Familiarity with attack tools and techniques
  • Firewall administration
  • Information security/assurance
  • Information management and high-risk decision-making
  • Information systems
  • Knowledge of security across various platforms
  • Linux
  • Network security
  • NIST Cybersecurity Framework
  • Penetration testing/ethical hacking
  • Python
  • Risk assessment and management
  • Security operations
  • Technical aptitude
  • Threat analysis
  • Troubleshooting
  • Understanding of hacking
  • Vulnerability assessment

Soft skills needed may include:

  • Active listening
  • Adaptability
  • Attention to detail
  • Creative problem solving
  • Curiosity
  • Desire to learn
  • Organizational skills
  • Planning
  • Project management
  • Research
  • Teamwork
  • Verbal and written communication skills

In addition, some cybersecurity professionals choose to pursue professional cybersecurity certifications to develop specialized knowledge and advance in their careers. Some common certifications include:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Privacy Professional (CIPP)
  • Certified Information Security Manager (CISM)
  • Global Information Assurance Certification (GIAC)
  • CompTIA Security+ Certification

The Future of Cybersecurity

As companies large and small scramble to respond to growing threats, job opportunities in the cybersecurity field are increasing quickly. Today, there are more cybersecurity jobs than there are people with the right skills to fill them. The US Bureau of Labor Statistics predicts that jobs for information security analysts will grow by 33 percent through 2030—that's more than twice as fast as the average computer-related occupation and four times as fast as American jobs in general. Globally, the shortage of cybersecurity professionals is estimated to be 2.72 million.

With an increasing number of users, devices, and programs in the modern enterprise, combined with the increasing deluge of data—much of which is sensitive or confidential—the importance of cybersecurity continues to grow. The growing volume and sophistication of cyber attackers and attack techniques compound the problem even further.

Because of this, demand for professionals in the cybersecurity field is expected to remain very high. Cyberattacks have grown in frequency, and cybersecurity professionals will be needed to come up with innovative solutions to prevent hackers from stealing critical information or creating problems for computer networks.


Cybersecurity at Michigan Tech

Michigan Technological University's College of Computing is the first college in Michigan fully dedicated to computing, and one of only a few nationwide. Michigan Tech cybersecurity students develop next-generation cyber skills to confront new and emerging cyber threats.

Cybersecurity (BS)

In our Bachelor of Science in Cybersecurity program, you'll acquire the theoretical and practical knowledge needed to strategically assess, plan, design, and implement effective cybersecurity defenses; learn best practices and techniques for software development, data assets design, and the management and protection of valuable computing infrastructure; and develop trusted software systems in an Enterprise team environment with an understanding of the social, ethical, legal, and policy aspects of cybersecurity. Plus, you'll choose from one of two concentrations—Software Security or System and Network Security—to customize your degree.

Our students land internships with major companies, including Caterpillar Inc., DTE Energy, GE Aviation, General Motors, Harley-Davidson, Systems Control, and Toyota.

Cybersecurity (Minor)

Undergraduate students who do not wish to pursue the BS in Cybersecurity but have an interest in the field also have the option to add a cybersecurity minor to their degree program. The minor is open to all Michigan Tech undergraduate students.

Cybersecurity (MS)

Our Master of Science in Cybersecurity is a collaborative program through the Departments of Computer Science and Applied Computing. The curriculum combines theory and applied research across multiple computing disciplines and includes three tracks to focus your learning: Trusted Software Engineering, Critical Infrastructure Protection, or Network Security Management. You'll also choose one of three degree completion options: a thesis option, a report option, or a coursework option. There are many University-related and external funding options available and the Graduate School provides an extensive list of resources to help you identify funding opportunities. Faculty research is funded by the National Science Foundation (NSF), US Department of Energy (DOE), National Institutes of Health (NIH), Defense Advanced Research Projects Agency (DARPA), Microsoft, Google, and others.

Accelerated Master's Program

Our accelerated master's program allows you to earn your master's in just one additional year of study beyond your bachelor's. The program allows you to count up to 6 approved credits toward both your BS and your MS in Cybersecurity.

Only at Michigan Tech

The RedTeam, a student organization that promotes a security-driven mindset among the student population, provides a community for those wishing to learn more about information security. In spring 2021, the RedTeam competed in the National Cyber League (NCL) capture-the-flag (CTF) team competition and placed third overall, and tied for first in score (defeating more than 900 teams from across the country). NCL competitions are a great way to gain experience in cybersecurity tools and boost your resume.

The Michigan Tech CyberCorps Scholarship for Service program is a national program to recruit and train the next generation of security managers, IT professionals, and industrial control system professionals to meet the cybersecurity personnel needs of federal, state, local, and tribal governments. Scholarship benefits include full-time tuition and education-related fees, a generous stipend, professional development opportunities, and more. Applications are due February 1.