Unless you live completely off the grid, you’re probably aware that data/ security represents a major, growing challenge. As the world moves further from paper records to digital databases and consumers discover new and innovative ways to connect, every bit of data becomes more vulnerable to digital criminals.
Confidential employee files, the personal and financial information of customers, even medical records are at risk for hacking. And while big breaches — Equifax, Target, Yahoo — make news, many people don't realize that, every year, 60 percent of small businesses are hacked. A cyber security breach can devastate a small company — if it doesn't put it out of business altogether.
So what can companies do to protect their data? It’s no longer enough to employ a single “IT/ guy" to take care of everything. Bad actors are sophisticated and wily, constantly finding new ways to steal data. As such, an entire industry has emerged: the field/ of cyber security.
A cyber security director manages cyber security for a company or institution. This individual may be the head of security or report to a CISO (Chief/ Information Security Officer).
No matter an employer’s structure, the cyber security director is a leader on the IT team, responsible for developing and maintaining the security protocols that protect networks and databases, managing security personnel, and reporting on the state of the company’s cyber security.
In the event of a security breach, all eyes will be on the cyber security director to direct crisis management, investigate the cause of the breach, and implement solutions.
A director is a top-level management position. As such, this job requires considerable education and experience.
The cyber security field is made up of highly trained individuals. The data security of a company is no trivial matter, and failures have far-reaching and often devastating consequences. It’s no wonder employers want only the best in these roles.
To become a cyber security director, you typically need to work your way up from a lower-level IT or cyber security position — most of which require, at minimum, a bachelor’s degree in computer/ science, computer information systems, or a related field. If you intend to go into a particular field as a cyber security director, such as banking/finance or healthcare, undergraduate education in that field can come in handy as well. Cyber security specialists skilled in accounting, for instance, are much harder for companies to find — and thus in even higher demand.
As an undergraduate, look for opportunities to focus your studies not only on technology but also on information security. If your school has a criminal justice department, a digital forensics class would complement your computer/ science major.
Once you've earned your bachelor’s degree, you may be prepared to enter the workforce in an IT position right away. But, even if your job isn't specifically connected to cyber security, the experience of working in IT will serve you well. Take advantage of opportunities as they arise, but keep in mind that you will need to continue your education beyond a bachelor’s degree if you wish to become a cyber security director.
Professional certifications are one way to increase your credentials in this field. In fact, cyber security roles are significantly more likely to require such certifications than are other IT roles. Common cyber security professional certifications include:
These and other certifications can boost you from being an “IT professional with a bachelor’s degree" to being an “IT professional with a bachelor’s degree and advanced study in cyber security." This is the first step to transitioning from the entry-level into a role that is more security-focused.
If you’re serious about becoming a cyber security director, consider earning a master’s degree. There are many degrees available (both online/ and in traditional classrooms) specific to cyber security, and an advanced degree will cement your transition into a high-level role in this field.
If you’re interested in management and business leadership, you might also consider earning/ an MBA. Some schools offer MBAs with concentrations on cyber security and computer science. If you choose a more traditional tech-centered master’s degree, consider taking some management and business courses to round out your education.
As with any industry, experience is king in cyber security. Always consider how current job will help you land (and succeed in) the job you want next — particularly if you’re in an entry-level position and looking to move up. What you learn now will set the foundation for assuming a leadership role.
The demand for cyber security professionals is high and will only continue to grow. With your degree(s), certifications, and some entry-level IT work under your belt, you’ll be ready to move into a security-related field — as a cyber security specialist, architect, or engineer, for example.
But in order to reach director-level status, you need to know how to manage people and teams — so it never hurts to look into management training as well.
Many companies sponsor leadership-training courses, but if yours doesn't you can find a number continuing education classes in management and leadership online. All of this will be essential as you seek advancement into a director role.
Cyber security is a high-paying field to begin with, given the education requirements and the skills gap we’re currently seeing in the workforce. Qualified cyber security professionals are in high demand, and can therefore demand competitive salaries.
Cyber security directors can expect to make even more money than those in other roles. PayScale places the average annual base salary of a cyber security director at almost $174,000, and that's before bonuses and other incentive payments.
Unless you sign on with a tiny startup (with a cyber security staff of one, i.e., you), you likely won't start out as a cyber security director. That's OK; there's plenty of cyber security work lower down the corporate ladder, and most of it pays well. Jump in, learn your craft and build your network, and someday you may be leading a team of cyber security engineers. With a worldwide shortfall of qualified cyber security professionals, there's no better time to get started.