Chapter 2
The US Cybersecurity Industry
Abstract
We review both worldwide and US cybersecurity spending and the key economic drivers behind it, including the growth in cybercrime and increased government regulation.
Keywords
Cybercrime
The Internet-of-Things (IoT)
The Federal Financial Institutions Examination Council (FFIEC)
Health Insurance Portability and Accountability Act (HIPAA)
Family Educational Rights and Privacy Act (FERPA)
Federal Information Security Management Act (FISMA)
Federal Energy Regulatory Commission (FERC)
2.1. Current and expected growth of the cybersecurity industry
If you were on the fence about joining the cybersecurity workforce, then this chapter will sway your decision! We will showcase four specific drivers fuelling the sectors growth. Simply put, cybersecurity incidents keep rising, and with this reality, so does IT-security spending. For example, small-and-medium-enterprise (SME) cyber budgets, on average, have increased by 51%1 since 2012 (in tandem with an increase in cybersecurity recruitment spending).
2.1.1. Worldwide Cybersecurity Spending
Worldwide spending is expected to reach $71.1 billion in 2014, an increase of 7.9% over 2013, with the data-loss prevention segment recording the fastest growth at 18.9%. Total information security spending will grow a further 8.2% in 2015 to reach $76.9 billion2.
With a cumulative market value of $65.5 billion (2015–2020), the US Federal Cybersecurity market will grow steadily at about 6.2% compound annual growth rate (CAGR) while the private sector looks even more promising, growing from a current (2014) level of $95.6 billion to $155.74 billion by 2019, at a CAGR of 10.3%.
If you are serious about pursuing a career in Cybersecurity, here are four encouraging growth drivers to consider.
2.1.2. Growth Driver 1: Cybercrime
Cybercrime is big business and has finally reached the tipping point where consumers and regulators are demanding that businesses deploy effective solutions. McAfee estimates that the likely annual cost to the global economy from cyber crime is more than $400 billion.3
2.1.3. Growth Driver 2: The Internet-of-Things (IoT)
Cisco’s Internet Business Solutions Group (IBSG) predicts some 25 billion devices will be connected by 2015, and 50 billion by 2020,4 This eye-popping statistic is of concern from a privacy and security perspective, and vendors need experts to firm up their devices and IoT networks.
2.1.4. Growth Driver 3: Cybersecurity is Now a Main Street Issue
Everyone is now affected. Retail and healthcare-related attacks are reported on a daily basis, and have affected tens of millions of consumers that has prompted mainstream awareness to the problem.
2.1.5. Growth Driver 4: Regulatory Compliance
Regulatory compliance has been a major factor driving spending on security. Key government agencies to study include: The Federal Financial Institutions Examination Council (FFIEC) and The Federal Energy Regulatory Commission (FERC) and you should also review: The Health Insurance Portability and Accountability Act (HIPAA); Family Educational Rights and Privacy Act (FERPA); Federal Information Security Management Act (FISMA) and Federal Energy Regulatory Commission (FERC).
2.2. Employment opportunities
The cybersecurity market-growth potential is enormous. In parallel with this surge, is the demand for cybersecurity job seekers.
2.2.1. Private Sector Demand
Demand for cybersecurity professionals grew 3.5 times faster over the past 5 years than demand for other IT jobs in general, and about 12 times faster than for all jobs. In fact, CareerBuilder,5 an online employment website with more than 300,000 employers stated that demand for information security professionals is projected to grow 22% from 2010 to 2020.
2.2.2. Public Sector Demand
According to former Defense Secretary Robert Gates6, the Pentagon is “desperately short of people who have capabilities (defensive and offensive cybersecurity war skills) in all the services.” As a response to the lack of qualified and skilled cyber professionals, the US Government launched the National Initiative for Cybersecurity Careers and Studies7 (NICCS) to develop a technologically skilled workforce. Indeed, as we shall discover in Chapter 6, the US Government has created an “Internship Program,” managed by the Office of Personnel Management that offers students and recent graduates various opportunities to engage in experiential education.
2.3. 2015 salary guide for cybersecurity professionals
Predicated salaries for cybersecurity professionals in 20158 is promising. Here are some examples:
| Security IT Professionals | Salaries in 2014 ($) | Salaries in 2015 ($) | Change (%) |
| Data security analyst | $100,500–137,250 | $106,250–149,000 | 7.4 |
| Systems security administrator | $95,250–131,500 | $100,000–140,250 | 6.0 |
| Network security administrator | $95,000–130,750 | $99,250–138,500 | 5.3 |
| Network security engineer | $99,750–131,250 | $105,000–141,500 | 6.7 |
| Information systems security manager | $115,250–160,000 | $122,250–171,250 | 6.6 |
To further compound this growth, according to the U.S. Bureau of Labor Statistics9 in 2015, IT-security specialist employment will explode by 37% from 2012 to 2022, over 3 times faster than the 11% average for all occupations, placing it among the nation’s fastest growing employment fields within the nation.
2.4. Entry-level positions
It is unusual to start your career as an information security professional, rather, it is more of a role that you will most likely move into. With this in mind, typical entry-level job titles include: help desk technician; IT support technician/desktop support; IT support engineer; Microsoft Windows IT support technician; Microsoft Windows level-1 support engineer; IT infrastructure support consultant; SQL IT application support analyst; database administrator (including Oracle DBA); enterprise resource planning; Linux administrator and system administrator.