Do You Need a Degree to Work in Cybersecurity? What You Need to Know
Cybersecurity is a hot field right now. And it's one of the few industries that got a boost due to the coronavirus pandemic. When COVID-19 forced people across the globe to work from home for over a year, security risks increased.
And now with more companies adopting a work-from-home or hybrid work environment, security risks are growing fast! Not to mention, hackers are relentless in their efforts to hack into systems to destroy them or leak sensitive data.
All of this means there are more jobs in cybersecurity today than there were two or more years ago.
But does working in cybersecurity require a college degree? Can candidates work in cybersecurity without a degree? If yes, how can they do that?
We'll be answering all of these questions and more in this article. Plus, we'll offer some tips on how to get into cybersecurity if you don't have a technical background.
Can I Get into Cybersecurity without a Degree?
You may have overlooked cybersecurity as a field of work because you graduated without an engineering or computer science degree.
But there's good news! You can work in the cybersecurity field without a degree. That said, you will need to gain some experience through educational courses and certifications.
According to Deborah Hurley, professor of cybersecurity at Brown University, getting into cybersecurity doesn't necessarily require a degree in tech or cybersecurity.
"Whatever a person’s talent, with people, administration, management, education, or technology, there is almost certainly an aspect of cybersecurity for which their skills and experience are needed," she explains.
This means that the idea of cybersecurity being too technical or that only programmers and coders can join the field is more fiction than fact.
But to get into cybersecurity without a degree, you will need to do some self-studying and earn a cybersecurity certification or two.
However, searching the internet for information though helpful doesn't get you in the door with cybersecurity companies or as a cybersecurity analyst.
How to Get into Cybersecurity without a Degree?
Companies need more proof that you really know what you're talking about and what you say you can do.
That's where cybersecurity certifications come in. To support your claim that you're familiar with the field and that you've made the effort to break into cybersecurity without a degree.
Here's a list of cybersecurity certifications, based on job-grade level, to consider taking if you want to enter the field without a degree.
Entry-level Cybersecurity Certifications to Consider
If you want to work in cybersecurity but don't have a formal or technical degree, then the following certifications are great places to start.
You don't have to take all of them. But you'll need to review the benefits of each and the types of jobs they help you fill.
• CompTIA Security+
• GIAC Information Security Fundamentals (GISF)
• GIAC Security Essentials Certification (GSEC)
• Cisco Certified Network Associate (CCNA)
Mid-career Cybersecurity Certifications
The following intermediate or mid-career certifications require at least 2 years of work experience in the cybersecurity field.
• Systems Security Certified Practitioner (SSCP)
Advanced Cybersecurity Certifications
The following cybersecurity certifications are for advanced and managerial roles. Most of the following certifications require at least 5 years of working experience along with other certifications.
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• EC-Council Certified Security Analyst (ECSA)
• Certified Information Systems Auditor (CISA)
• CompTIA Advanced Security Practitioner (CASP+)
General Cybersecurity Certifications
Unlike the above 2 sections, the following certifications don't come with specific pre-requisites or a number of years of work experience.
• GIAC Certified Incident Handler (GCIH)
• Offensive Security Certified Professional (OSCP)
• GIAC Penetration Tester (GPEN)
Is Cybersecurity Hard?
The simple answer to this question is 'No.' Cybersecurity isn't hard.
But it does require certain skills so that non-technical candidates or those without an engineering degree can get in.
Here's an overview of the 5 main skills needed by cybersecurity analysts and personnel:
1. Constant Learning
Cybersecurity is a constantly growing and evolving field, which means any candidate – with or without a degree – needs to be proactive and constantly researching and learning.
2. Tech Knowledge
We've mentioned that you don't have to come from a technical background to get into cybersecurity. But cybersecurity is – eventually – tech-related, which means you'll need to brush up on some technical information that relates to cybersecurity.
This doesn't mean you have to be a coder or programmer.
3. Strong Communication Skills
Communication skills are essential in almost all jobs today.
Cybersecurity is no exception because it's a team-based field and job and it's constantly evolving. Having strong communication skills ensures a smooth workflow and process for you, your team, and the company's clients.
4. Problem-solving and Analytical Skills
Whether you come from a technical or non-technical background, as a cybersecurity analyst you need to have problem-solving skills.
To be able to respond quickly and efficiently to cyber threats and attacks, you need to be quick on your feet and able to analyze and address problems as they arise.
Because cybersecurity is a fast-paced and fast-growing field, it requires dedication and perseverance.
You must be willing to continuously learn – whether from resources or people – and work hard to build your career in the field.
This is even more so when establishing your career in cybersecurity without a technical degree.
Getting Started in Cybersecurity with a Non-Technical Background
If you're looking to work in cybersecurity without a technical or engineering background, then here's what you need to do:
1) Consider starting with an initial study of information technology (IT) so you can have – at least – a minimal background in IT before getting into cybersecurity.
2) Become familiar with the cybersecurity field and the latest trends.
3) Begin with security-related certifications. We recommend starting with CompTIA Security+.
4) Search for entry-level jobs to gain experience and put your knowledge and studies to the test.
What is the Salary of a Certified Ethical Hacker?
In Egypt, a certified ethical hacker (CEH) can range from EGP 6,000 as a starting salary to over EGP 13,000 a month for a senior role.
This means the average monthly salary for a CEH can be around EGP 9,000 a month or EGP 108,000 per year.
However, ethical hacker salaries can generally vary based on the candidate's experience, their skills, and where they are based.
"The experience level is the most important factor in determining [a candidate's] salary," explains SalaryExplorer.com. Like any job, the more experienced a candidate has, the more likely they are to get a higher salary.
A CEH with 2 to 5 years of experience is likely to make an average of EGP 9,500 a month, which is 32% more than any cybersecurity candidate or CEH with less than 2 years of experience, according to SalaryExplorer.com.
Meanwhile, Payscale.com reports that the average annual salary for a certified ethical hacker is around EGP 120,000 to EGP 200,000 per year, which means an average of EGP 10,000 to EGP 16,600 per month.
As for other cybersecurity jobs, here are monthly and annual average salaries based on data by Payscale.com:
Which Companies Hire Ethical Hackers?
Often referred to as a white-hat hacker, an ethical hacker is a security professional whose job is to hack computer systems in order to uncover security gaps and potential threats.
It's worth mentioning that, unlike black-hat hackers who have malicious intentions when hacking computer systems, ethical hackers are hired to put themselves in cyberattackers' shoes and uncover security gaps in order to help the company bolster its computer and network systems.
In other words, ethical hackers use penetration testing among other processes to uncover risks and mitigate vulnerabilities.
Tech companies are among the top companies that hire ethical hackers.
Globally, these are the top companies that hire ethical hackers:
- Little Caesars
- Bank of America
- The US Army
In Egypt, here are some of the companies that hire ethical hackers:
- El Sewedy Education
- Fixed Solutions
These are but a few of the companies that hire for this role.
In terms of industries, these are the top industries that hire ethical hackers:
- Transportation and freight
- Security companies
- Government agencies
In 2015, hackers breached over 104 million records across various healthcare entities.
Moreover, with the rising number of employees working from home, security concerns are growing. Companies need to stay on top of the latest industry developments and educate employees about work-from-home cybersecurity tips.
What this means is: There's a growing need for cybersecurity specialists worldwide. And there's a shortage of skilled candidates to fill those jobs.
To meet this shortage, many companies are beginning to hire candidates without a technical background. This means there's an opportunity to find work in cybersecurity even if your degree wasn't in programming or engineering.
So, if you're considering joining the cybersecurity industry without a degree, then you'll need to start from the beginning by acquiring some IT knowledge, taking relevant certifications, and working in the field to gain experience.
Want to get into cybersecurity? CyberTalents is currently offering a free cybersecurity program for beginners with no previous experience in information security. Apply here
Further reading to help you get into cybersecurity: