By Dotan Nahum, Head of Developer-First Security, Check Point Software Technologies
What Will Cybersecurity Jobs Look Like in 2028?
Macroeconomic turmoil, the Great Resignation, and layoffs by all-star companies – the landscape appears bleak in the global tech jobs market, yet the demand for cybersecurity professionals remains impressively high in comparison. Why? Because bad times bring the bad guys out.
Market research company Sapio found that nearly 80% of CISOs believe the world is in a “perpetual state” of cyber warfare, which Forbes calls “digital civil disobedience.” While digital transformation and the adoption of new technologies mitigate many threats, these factors also create new and unforeseen challenges across every industry.
Although the cyber jobs market is in a good place, AI has the potential to both threaten and strengthen the sector and the people within it. Over the next five years, will we see a growth in cybersecurity jobs as businesses face up to future threats, and how will the ripple effect of AI make its mark? Let’s find out.
Reviewing Future Risk Factors
Employers face an extreme reality: invest in cybersecurity or risk losing everything. The average cost of a data breach currently tops $4.35 million, and it’s terrifying to imagine this figure in five years’ time. Cyber insurance premiums have skyrocketed, and executives agree that a catastrophic cyber-attack is the most important scenario in their 2023 resilience plans. Deloitte’s Technology Industry Outlook paints a similar picture, advising leaders to bolster their cybersecurity capabilities to keep up with evolving digital transformation efforts. With that in mind, it’s impossible to review the future of the cybersecurity jobs market without considering the threat landscape that drives it forward.
The Metaverse: Into the Unknown
The metaverse has enjoyed lots of hype and little action so far. Although it is early days, metaverse cyber threats straddle the digital and physical worlds thanks to the use of software and hardware. As users further engage with the idea of an immersive digital identity, they will freely experiment with the blockchain, crypto payments, and NFTs. Unfortunately, hackers can follow every interaction made by a victim as each move is recorded on the blockchain, potentially contributing to phishing attacks and scams that could also have real-life implications. Promoting a zero-trust model, continuous authentication, and Multi Factor Authentication (MFA) will be essential to building a highly secure metaverse. But preparation will only take cybersecurity efforts so far – the metaverse era will be full of surprises.
Cloud Security: An Unrelenting Risk
According to PwC, 38% of business leaders expect more serious attacks via the cloud in the upcoming years. The migration journey is fraught with threats, as new and complex environments require culture changes (especially the development cycle and DevOps), different security tools, and also different perspectives. Remote working and the appetite for digital experiences will continue to add fuel to this fire. Employee leniency, extra devices, and increased outsourcing have created a perfect storm of risks that can’t be controlled within physical parameters, and cloud security spending will rise almost 27% year-over-year to protect and defend infrastructure, data, and people. Robust cloud security will include policy-based IAM, a zero-trust approach (once again), encryption for data protection, and AI-based threat intelligence tools.
AI: Untapped Potential
As far as cybersecurity is concerned, AI is a blessing and a curse. Palo Alto’s What’s Next in Cyber report found that 39% of executives believe threat detection can be completely automated, helping enhance operational efficiency in light of the shortage of cyber talent. However, Europol continues to point out the power that deepfakes and generative AI have in launching a new realm of social engineering attacks, plus the ethics entanglement as businesses experiment with tech like ChatGPT for various use cases. As much as AI will continue to enhance velocity, productivity, and efficiency in the workplace, it will also be a major risk factor in the coming years. The question is: can the only defense against AI be itself?
What Will Cybersecurity Jobs Look Like in Five Years?
An interview in Fortune magazine revealed that cybersecurity is “largely insulated from market downturns,” but what will we see when we finally arrive in 2028?
Better Opportunities for Senior Leaders
By 2026, 70% of boards will include one member with cybersecurity expertise, and Gartner predicts that cyber leaders will be recognized further as business partners and influencers. The benefit of this is that the board will switch its focus from protection to resilience. New SEC regulations might require companies to disclose the cybersecurity expertise of their board members, which is interesting considering 59% of directors told PwC that their board is currently ineffective at understanding the causes and impacts of cyber risks on their organizations.
A More Diverse Pool of Thought
Microsoft Security is leading the charge in promoting diverse hiring practices thanks to its commitment to training 250,000 people in community colleges by 2025. There’s no doubt that certification and academic prowess go a long way in the cyber sector. Still, requirements like these perpetuate the belief that cybersecurity is an exclusive club reserved for technical experts only. In reality, businesses that take the time to invest in women, minorities, and neurodiverse individuals will benefit from better problem-solving, collaboration, and knowledge sharing.
Employers Will Open Their Pockets
Fortinet found that 60% of firms struggle to recruit cybersecurity talent, and 52% find it hard to retain them. In response, they’re putting their money where their mouth is. Demand for application and cloud security skills will grow by 164% and 115% in the next five years, respectively – and these skills carry salary premiums. The average cybersecurity salary in the US sits at a healthy $240k, and wage inflation plus a worker shortage should help boost this figure by an extra $10k or so.
Blended Roles and Responsibilities
Better cybersecurity is for the many, not the few. Developers will become more involved thanks to shift left principles, and organizations will continue to build a culture of awareness across all departments and job functions, led by CISOs. In light of the metaverse, there’s also the thought that we may see cybersecurity professionals collaborating with ethics teams more so than previously. Organizations like NIST can develop standards and legislation, but these “good” principles must be embedded in the software and hardware from day one via development, DevOps, cyber teams, and more.
About the Author
Dotan Nahum is the Head of Developer-First Security at Check Point Software Technologies. Dotan was the co-founder and CEO at Spectralops, which was acquired by Check Point Software, and now is the Head of Developer-First Security. Dotan is an experienced hands-on technological guru & code ninja. Major open-source contributor. High expertise with React, Node.js, Go, React Native, distributed systems and infrastructure (Hadoop, Spark, Docker, AWS, etc.) Dotan can be reached online at dotann@checkpoint.com and https://twitter.com/jondot and at our company website https://spectralops.io/.