Cybercriminals have been attacking organizations all across the private and public sector. We hear about these attacks increasingly on the news—the mainstream news at that—nowadays. How can you leverage this awareness to help land your first cybersecurity job? If you identify companies in sectors with additional cybersecurity needs, you’ll find companies that are likely hiring. Let’s take a look at some key sectors with greater needs for cybersecurity talent. Some of them may surprise you.
Most Vulnerable Sectors
Generally speaking, companies which have suffered cyberattacks will invest to improve their defenses. So which sectors have suffered the most cyberattacks as of late? The publication IT Governance analyzed over 1,000 publicly disclosed security incidents that occurred in 2020. Their analysis revealed five sectors, which were most attacked.
Healthcare and health sciences sector - 21% of all recorded breaches
Public sector - 18% of all reported incidents
Technology and media sector - 14% of all incidents
Education sector - 14% of all incidents
Retail and leisure sector - 9% of all incidents
Winston Churchill once said, “Never let a good crisis go to waste.” The coronavirus is that crisis for cybersecurity. The COVID-19 crisis has created a lot of new opportunities for cybercriminals. As a result of that additional cybercriminal activity, 70% of organizations plan to increase their cybersecurity spending following the pandemic.
These five sectors should provide good opportunities for cybersecurity employment. After all, nothing stimulates cybersecurity spending (and hiring) like a successful cyberattack. Especially one that you had to publicly disclose. As a result of the volume of cyberattacks they suffered in 2020, companies in these sectors need to invest in cybersecurity, which already has a talent shortage. This could be a good opportunity for new talent to get a chance.
Critical Infrastructure Sectors
In 2013 the United States introduced the National Infrastructure Protection Plan (NIPP) with the mission to “Strengthen the security and resilience of the Nation’s critical infrastructure, by managing physical and cyber risks through the collaborative and integrated efforts of the critical infrastructure community.” The NIPP designated 16 Critical Infrastructure Sectors, which were deemed to be vital to national security.
Given that the US government declared the cybersecurity in these sectors is strategically important to national security, you can safely assume that companies in these sectors appreciate the importance of investing in cybersecurity.
Commercial Facilities Sector
Critical Manufacturing Sector
Defense Industrial Base Sector
Emergency Services Sector
Financial Services Sector
Food and Agriculture Sector
Government Facilities Sector
Healthcare and Public Health Sector
Information Technology Sector
Nuclear Reactors, Materials, and Waste Sector
Transportation Systems Sector
Water and Wastewater Systems Sector
The list of US Critical Infrastructure Sectors can be useful to aspiring cybersecurity professionals. Some sectors are less obvious than others. Naturally, organizations in these sectors are not evenly distributed around the country. Which of these sectors may be bigger where you live?
Knowing which sectors are deemed critical infrastructure is especially useful for anyone looking to get into cyber threat intelligence (CTI). After all, the “collaborative and integrated efforts” that the NIPP’s mission statement refers to includes intelligence sharing.
Find Organizations with Extraordinary Needs
In your cybersecurity job hunt, it can be helpful to identify sectors and organizations with an extraordinary need for talent. Some organizations come to appreciate their need for additional cybersecurity investment due to recent cyberattack. Other organizations have a constant recruiting need, which is highlighted by their critical infrastructure status.
You can find hidden gems of organizations by analyzing less obvious sectors with extraordinary needs. I’ll bet you wouldn't have thought of the retail and leisure sector or the food and agriculture sector. Use this knowledge of sectors with extraordinary cybersecurity requirements to be strategic about which companies you pursue, network with, and apply to. After all, these things take time (which is the ultimate finite resource). So be focused and approach companies in a targeted manner.