Most UK and US workers now view cybersecurity professionals in a positive light, although worryingly few are considering a career in the industry, according to a new study from (ISC)2.
The certifications company polled 2500 workers in the US and UK to compile its 2020 Cybersecurity Perception Study.
It revealed that perceptions of those working in cybersecurity are now generally positive: 71% claimed they view security pros as “smart, technically skilled individuals,” while 51% described them as “good guys fighting cybercrime.”
However, more concerning is the lack of interest in pursuing a career in the industry: 69% of respondents said it’s not the right fit for them, despite admitting that objectively it seems like a good option.
Part of the reasoning behind this is that individuals believe cybersecurity roles require a significant investment of time and money in training and the accrual of technical knowledge.
Some 61% said they thought they’d need more education or a certification before getting a job in the sector, 32% believe it requires too much tech know-how or training, 27% said they don’t know how to code and 26% claimed it is “too intimidating.”
Women were more likely than men to perceive the industry as intimidating and to be put off by the lack of diversity.
These perceptions may have been formed in part because most (77%) respondents were never offered cybersecurity as part of their school or college curriculum. Partly as a result, the majority (68%) said their view of the industry is shaped by portrayals in TV shows and movies (37%) or by news coverage of security incidents (31%).
Frustratingly for those hoping to encourage more people into the industry, the report comes at a time when many are considering a career change. Further, attributes such as job stability (61%), flexible working (57%) and earning potential (56%), all of which are available in security roles, are now priorities for respondents.
Perceptions of cybersecurity matter because, with an estimated global shortfall of over four million professionals, a major recruitment drive is needed to encourage workers to switch career paths.
However, the unpalatable truth is that many of the respondents’ negative perceptions are accurate: employers still often rely too much on certifications and previous experience when selecting candidates, and diversity is a persistent problem.
A particularly acute challenge will be changing perceptions among younger professionals: Generation Z respondents were least likely to view cybersecurity professionals in a positive light.
“The reality of the situation, and what we need to do a better job of publicizing, is that a truly effective cybersecurity workforce requires a broad range of professionals who bring different skillsets to their teams,” argued (ISC)2 COO, Wesley Simpson.
“While technical skills are vital for many roles, we also need individuals with varied backgrounds in areas including communications, risk management, legal, regulatory compliance, process development and more, to bring a well-rounded perspective to cyber-defense.”