The cybersecurity sector is experiencing a surge in job opportunities. But, there are not enough skilled people to fill the roles.
According to the 2023 ISC2 Global Workforce Study, the cybersecurity workforce grew to an estimated 5.5 million, signifying a massive growth trajectory.
Despite this expansion, ISC2’s report shines a spotlight on a pressing reality: The cybersecurity workforce is still too small to counter the escalating threat landscape. The study reveals that while the industry ideally requires an annual workforce growth rate of 12.6% to be effective, it only saw an 8.7% increase—exacerbating the workforce deficit.
As the gap grows, the need for cybersecurity is “becoming pervasive,” says Ricardo Villadiego, the CEO and founder of LUMU, a freemium cloud-based cybersecurity analysis software. Villadiego believes that if you are enrolled in high school or college or starting from scratch, you must build a skill set to serve the increasing demand.
Cybersecurity is a field that deals with the protection of computer systems and data from malicious cyberattacks. Cybersecurity continuously faces new challenges and innovations as the world becomes more connected and dependent on technology.
Some factors shaping the cybersecurity landscape are geopolitical tensions, new technologies, and emerging threats. And with the constant reshaping of the industry comes the pay. According to Payscale, the base salary for an entry-level cybersecurity analyst is around $81,000.
“Traditionally, cybersecurity has been a field that requires highly skilled experts to manage it effectively,” Villadiego explains. “But, this approach has failed. There simply aren’t enough people with the necessary expertise to defend companies against the attacks they face today.”
In fact, the ISC2 study says that most of its respondents expressed concerns about the shortage of cybersecurity personnel, citing it as a pivotal risk factor for organizations.
Meanwhile, CompTIA’s State of Cybersecurity 2024 report emphasizes the critical challenge of bridging the demand-supply gap, highlighting the need to bring in less experienced cybersecurity professionals who can continue building their skills.
According to Tom Kellermann, the Senior Vice President of Cyber Strategy at Contrast Security, “There aren’t enough white hats or defenders.” Kellermann believes that a passion for defense is a crucial attribute for anyone looking to enter the field of cybersecurity. “When you watch sports, do you find yourself drawn to the defensive side of the game? Whether it’s hockey, basketball, football, or baseball, do you like defense?”
If you do, this career path could be the perfect fit.
Taking a free online course and coupling it with a certification is a great way to develop a well-rounded skill set. This approach enables learners to equip themselves with knowledge and expertise to succeed—at their own speed.
Fortune has saved you some time and money, curating six free online courses that can help you become a specialized player in cybersecurity and a strong candidate for hiring managers.
This free, self-paced course is for people just jumping into the world of cybersecurity. It teaches security principles, disaster recovery, and network security—all topics in the recently created Certified in Cybersecurity certification exam. This course and certification are free for the first 1 million people who sign up.
Duration: 14 hours
Difficulty: Beginner
Instructor: An ISC2 Authorized Instructor
What you get: Pre and post-course assessments, knowledge checks, study sheets, quizzes, podcasts, and flashcards
Exam difficulty: Beginner
Exam cost: Free
If cybersecurity were a sport, ethical hacking would be the offense. EC-Council’s Ethical Hacking Essentials Course covers topics from network defense and digital forensics to penetration testing and asset security. The curriculum teaches you the fundamentals of how to get your EC-Council Certified Ethical Hacker (CEH) certification.
Duration: 15 hours
Course difficulty: Beginner
Instructor: EC-Council
What you get: Certificate of completion
Exam difficulty: Beginner
Exam cost: A voucher costs $950
This nearly 19-hour-long course from Cybrary teaches IT professionals how to secure cloud and network infrastructure, encrypt data, and prevent cyberattacks. The course draws on CompTIA’s 40 years of experience in training and certifying IT professionals. It heavily focuses on the strategy and vocabulary you need to pass the CompTIA Security+ exam.
Duration: 9 hours, 44 minutes
Course difficulty: Beginner
Instructor: Kelly Handerhan
What you get at the end: Certificate of completion
Exam difficulty: Entry level
Exam cost: $392 registration fee
This short course from IT Masters is an introduction to the role of SOC analysts, who monitor and respond to cyber threats. The course covers the foundational knowledge required for the Cisco CCNA CyberOPS certification, a globally recognized credential in cybersecurity. The course trains on types of attacks, different aspects of cloud computing (from Google Cloud to Microsoft Azure), and the general fundamentals of cyber threats.
Duration: 4 weeks
Difficulty: Intermediate
Instructor: Matt Constable
What you get: Weekly hour-long webinars, written and video resources, questions from discussion forums, weekly activities to complete, an open-book final exam, and a certificate of completion
Exam difficulty: Beginner
Exam cost: $300–$450
The coveted CISSP badge is one of the most respected certifications in the field. Become a CISSP with this 4-hour certification course that covers vulnerability tests, malware management, and best practices. This SkillUp training program is regularly updated and gives you 90 days to finish. While the course is short and open to the public, you need at least five years of relevant professional experience to sign up for the exam.
Duration: 4 hours
Difficulty: Intermediate
Instructor: N/A
What you get: Certificate of completion
Exam difficulty: Intermediate
Exam cost: Free
While this course does not end in a certification exam or correlate with a certification, it is an excellent resource for learning the basics of cybersecurity. The Massachusetts Institute of Technology taught a 12-unit graduate-level, semester-long overview course in the Spring of 2014, and it is now available for free download. This class will introduce you to theoretical security problems in computer networks and cryptography.
Duration: 26 sessions
Difficulty: Intermediate
Instructor: Prof. Ronald Rivest
What you get: Access to lecture notes, example problem sets with answers, and project and programming assignments
Villadiego encourages those interested in getting an entry-level cybersecurity analyst job to use the CISCO website, which offers a network architect program that teaches fundamental networking knowledge.
“At the end of the day, cybersecurity problems happen on top of interconnected networks,” Villadiego adds. “So you need to have some level of basic networking knowledge.”
The CISA website offers free resources that teach everything from the cyber threat landscape and the types of threats that exist to strategies on how to defend against them.
Before starting any coursework, you should consider scheduling your certification test date and purchasing an exam voucher. This way, you’ll be pressured to prepare and ace your exams.
If you’re looking for something beyond free courses, Fortune ranked the best master’s degrees in cybersecurity.
© 2023 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information | Ad Choices
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
S&P Index data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. Terms & Conditions. Powered and implemented by Interactive Data Managed Solutions.