In the world of cybersecurity and cybercrime, choice and creativity work both ways. As technology changes and new opportunities for innovation in the industry happen, cybercriminals evolve to fit the new landscape. As the new technology pathways appear, new opportunities for cybersecurity careers will follow. Here is a look at some of the possible areas that will open for the cyberspace cadets of the now and near future.
Change happens when technology isn’t looking
Change is constantly happening in the world of technology. In the last 25 years since I first began working in the software industry, incredible changes have occurred. Back in the mid-1990s, email was only emerging and starting to enter more mainstream use. Back then, I still used a CompuServe domain for my business email. Since then, connectivity has gone way beyond, and new technology layers such as API connectivity, artificial intelligence and automate processes, have added complexity and new cyberattack verticals. And other innovations in technology and science are coming down the line too. Space exploration and new computing paradigms are entering the landscape, and with them, new opportunities and methodologies for cybercriminals to exploit. Cybercriminals are masters of change and any potential to take advantage of a new technology area will be explored. Here are three possible near-term career opportunities that are likely to pop up in the cybersecurity job market.
Cyberwars and the critical infrastructure
An imminent threat to nations across the world is not in the form of tanks and soldiers but cybercriminals and hackers. Terrorism, espionage and nation-state attacks are being increasingly used in a digital world to cause widespread disruption and danger to individuals. The critical infrastructures that control our lighting, water supply, banking, communications and so on, are all at risk, as they are a natural attack point for an aggressive nation-state or cyber-terrorism. The merger of the physical and cyber in an industrial environment, including critical infrastructures, has allowed complex, multi-faceted, vulnerabilities to emerge. A recent Infosecurity Magazine poll on the subject found that “organizations are not fully prepared to manage security effectively across both cyber and physical environments.” The poll also mentions the misalignment of security teams and a focus on other “priorities” outside of mitigation of cyberattacks. The market for critical infrastructure protection is predicted to grow by 10% and $135 billion by 2025. As it does, specialist cybersecurity knowledge in the protection of the cyber-physical infrastructures that control citizen services will be needed. Cybersecurity professionals wishing to work in areas involving critical infrastructures must understand how to balance the needs of the cyber physical within manufacturing and Industry 4.0 and citizen services, with the requirements of a defense-in-depth approach to security. However, those who can meet these requirements, will be able to find an interesting and varied career in the industry, now and in the near future.
Space Force cybersecurity
The recent Mars landing by the Perseverance rover has renewed the general public’s interest in the exploration of space. As such, space projects are seeing a new renaissance after a hiatus for many decades. In 2019, the U.S. Space Force, part of the 2020 National Defense Authorization Act, was made official. SpaceForce.mil is looking to recruit 130 cybersecurity or cyber “surety” officers into its Space Force officer ranks. The ad for these positions states, “The continued advancement of computers and technology has drastically expanded our capabilities. However, these very same advancements have created vulnerability to our security as well.” The Space Force officers will be expected to understand how to detect, prevent and repel, cybersecurity attacks against Space Force systems. The focus of this will be a zero-trust security approach. The new U.S. Space Force will work with Xage Security to build a prototype that is expected to be based on blockchain technology (an immutable and tamperproof system) to protect space systems. Cybersecurity professionals should watch this space (pun intended).
A quantum leap in cybersecurity
Quantum computing is not new, but the advancement of the sector is starting to finally take off as technology becomes a reality. Quantum computing is moving out of the lab and into an ecosystem of quantum technologies. Organizations such as the Quantum Consortium are bringing cross-industry vendors together to create this ecosystem. In a recent podcast from Quantum Consortium, entitled “Quantum Computing, Profound Implications for National Security” Dr. Michael Vermeer concluded, “The risk for quantum computing is real and urgent.” He continues by asking for increased international cooperation to resolve areas such as managing the risk to encryption that quantum computing brings. Encryption is an essential ingredient for creating a secure internet. Encryption is used to securely transfer data using the SSL/TLS security protocol, store data securely and apply digital signatures for non-repudiation. Without encryption, data security would be almost impossible to achieve. However, quantum computing has the potential to break the way current encryption works by attacking the underlying cryptographic schemes; stalwart encryption algorithms, such as AES 256 and RSA, will be at serious risk. The National Institute of Standards and Technology, NIST, is well-aware of the quantum risks to encryption and has developed an initiative to explore quantum-proof encryption. This initiative will work to develop a process to “solicit, evaluate and standardize one or more quantum-resistant public-key cryptographic algorithms.” What this means for future cybersecurity careers is a need for quantum cryptologists to help develop these standards, then implement them within the wider quantum ecosystem. It looks like those sci-fi movies you have watched over the years will stand in good stead for a future career in cybersecurity. From quantum cryptologist to Space Force officer, a career in cybersecurity is anything but boring.
Sources:
The ‘Air Gap’ Between IT & OT is Disappearing, Infosecurity Magazine CIP Market Size Worth $135.48 Billion By 2025, GrandView Research NERC Critical Infrastructure Protection (CIP) Boot Camp, Infosec Space Force Quantum Consortium Post Quantum Cryptography PQC, NIST Space Force continues work securing space from cyberattacks, FedScoop
