In advance of October’s Cybersecurity Awareness Month, Michael Nizich, Ph.D., adjunct associate professor of computer science at New York Institute of Technology and author of the new book, The Cybersecurity Workforce of Tomorrow, is available for interviews/comments on the most critical knowledge, skills, and abilities that cybersecurity professionals should have in 2024 and beyond (contact [email protected]).

According to Nizich, the last few years have seen double-digit increases in malicious cyber-attacks, including ransomware and phishing attacks, totaling between $9 trillion and $13 trillion globally each year in corporate losses and recovery costs. When considered in view of the expanding global workforce gap between skilled cybersecurity professionals and available cybersecurity jobs (around three million), Nizich examines the top skills and requirements needed to enter the cybersecurity workforce in 2024.

Be a curious and critical thinker. (Be able to ask yourself what, how, and why is something happening?)

Curiosity may have killed the cat, but in the case of the cybersecurity industry, it may lead to a promotion. Cybersecurity is a field based around sharp criminal minds thinking of new and nefarious ways of breaching perimeter security systems and tricking innocent users into granting access to their system. This is no place for mundane thinkers. Technical skills are great, and obviously required, but if you do not know how and when to use them because you lack the insight to identify the attack's origins, you will struggle.

Understand the difference between Information Technology (IT), cybersecurity, and cybercrime.

This is so important for new graduates, job transitioners, and even experienced technologists moving into the field. Having a solid grasp on the unique attributes of each concept and understanding where they fit in the bigger picture of secure systems and cybercrime are key to advancement in the field.

IT is what allows the existence of valuable digital data in the first place. It also enables the transfer of this data via telecommunications channels which then places that data at risk of theft or damage by cybercriminals.

Cybersecurity is an overarching concept of methods and frameworks to apply very specific information technologies that are focused on the protection and security of data.

Cybercrime is the set of activities exhibited by criminals to illegally benefit from the theft or damage of digital data rightfully belonging to others.

Enjoy making a difference in people’s lives and not just solving technical problems.

In cybersecurity, keep in mind that you are not fixing a slow computer for an employee as part of the IT staff. You are fixing a slow computer by identifying and mitigating malicious software on that computer that is attempting to lock your organization out of its own data and then force you to pay an exorbitant ransom to access your own data. You need to find a bit of passion, and even wonder, in what you are doing every day.

Cybersecurity is the magical place where you get to apply your hard-earned technology skills and your natural instincts to stop, and sometimes even catch, threat agents and attackers who were out to harm others.