5 Myths and Solutions for Cyber Jobs
Where Are Those 4 Million Open Positions?
Shawn Stewart
Mr. Stewart has 27 years of experience with hundreds of international, commercial, military, and government IT projects. He holds certifications with ISC2, Cisco, Microsoft, CompTIA, ITIL, Novell, and others. He has a Masters in Cybersecurity, a Bachelors in IT, a Minor in Professional Writing, and is a published author.
There are supposedly 4 million open cybersecurity jobs in the US. Four million! That’s according to CyberSeek.org, Forbes, and the US Government. The United States Federal Government alone has 500,000 (Link). Indeed only shows 16,000 jobs (Link) and LinkedIn shows 110,000 (Link). Most of those are in one of three (3) primary categories; entry-level, experienced tester, or management. Where are the rest?
Myth #1 – Cybersecurity jobs are everywhere
If you watch job postings over time, you will notice the same jobs are posted again and again. As one candidate told me, “I’ve applied to the same job, at the same company, three (3) times now. The job expires, I get an email saying they moved on with another candidate, then the job reappears in a few weeks.”
Turns out, this isn’t his imagination. These are called Ghost Jobs (Link) and they fill nearly 50% of the jobs listed on job sites. Why? Companies say it’s to give the impression they are in growth mode and to keep their current employees motivated. I say it’s a scam to cover poor performance and appear bigger. Many companies have Ghost Job postings while in the process of reducing their own work force through layoffs.
Illegal? Unfortunately not, but it is highly unethical. How does a company keep their stock prices at all time highs in an inflated, slow economy? Remove the most expensive liability on the company’s balance sheet, people. And the big layoffs keep coming.
Myth #2 – Tax breaks for creating cybersecurity jobs
No, that’s just a lie. But, consider the Work Opportunity Tax Credit (WOTC), a joint venture by the IRS and US Department of Labor (Link). On the surface, this credit is a wonderful opportunity for veterans, those on government assistance, and other groups to be the top priority for hiring managers. When Ernst and Young laid off all those people, and I’m not picking on them, they eventually hire others back to fill those roles.
If your business can receive $2,400 in tax credit for qualified employees and your business is hurting because of a poor economy, you would do it. Who do you think they chose? Why do you think you are being asked about military, disability, race, and sex on every application? If companies were actually hiring the numbers of employees they need to keep their IT running securely, this wouldn’t be a concern.
SIDEBAR – This is where someone inevitably steps in and says, “AI took our jobs!” Well, no, unless your job involved repetitive, menial tasks that anyone could be trained to do, AI is nowhere near the level to replace a Human. Well, an AI could be writing this very blog, but I’m sure it would have more views. Don’t worry about learning how AI works beyond a basic understanding unless your job involves building neural networks and training an AI on specific data. Odds are you are already interfacing with it, it’s just hidden in the code of your favorite applications. Learn all about AI here (Link).
Myth #3 – Jobs will flood in after the election
I keep hearing this sentiment and it’s a dream. Before COVID, the sales pipelines for most businesses were full or at least flowing. Consumers and businesses were spending money because the economy was healthy. Unemployment was 3.6%, the lowest in 50 years.
As one financial analyst put it, in 2008, the banks were bailed out and the working class was left holding the empty money bag and an upside down mortgage. This created a recession, driving down stock prices and, besides financial institutions that held on to taxpayer money, forced a reset of the US economy.
When COVID struck, the Government again handed out taxpayer money. Unfortunately, the Government propped up the economy by printing more money and the stock market inflated to record highs while inflation and employment suffered. Go back to the 2002 recession. There have been both Republican and Democrat presidents and majorities in Congress. However, someone needs to force the Federal government out of the stock market.
And there’s no way the unemployment rate in the US is only 4.1%. LIES, LIES, LIES! So the 13 million people that lost their jobs since COVID are all working again? And how is it that Martha Stewart ends up in Federal prison for insider trading while every elected and non-elected government official is getting rich doing exactly the same thing? Now you understand why the Federal Government continues to inflate the stock market.
This isn’t my own wild theory, though I do have plenty. Everyone is bracing for a correction. You can blame the election all you want, but the truth is, the new President won’t take office until January 2025. The real concern is the interest rate cut.
Myth #4 – Inflation is over, we landed softly, and the jobs are on the way!
Historically speaking, the stock market corrects itself on average of about 3 years after the first rate hike, causing a recession (Link). This occurred in 2002 and 2008. In 2020, this happen but the Fed started pumping money in for COVID. So, are we going to feel the one-two punch of the 2017 and 2022 rate hikes in early 2025? That’s what most businesses seem to be waiting for.
Back to the fake jobs. How do you find a cybersecurity job in this market when companies simply aren’t hiring? Or worse, what happens if you land your dream job and get laid off after a year? Surely the world has not devolved to a “who you know, not what you know” scenario, has it? No. Some companies are hiring because they have no choice. But it’s evident something is coming. The big businesses know it and we would be wise to listen. We just need to wait it out.
Myth #5 – Cyber jobs require more certifications
How many certifications does a great cybersecurity employee need? None. No, really. If you search for Cybersecurity certifications, you will find pages. Why? There are no standards with IT certifications as does exist in the trade industries. There isn’t a state or federal test that one can take to be considered a cybersecurity professional. With some certifications costing as much at $1,600 per written exam, having the alphabet after your name may cost you more than help.
Every cybersecurity position will require training, whether formal education through a high school or college study program or an industry certification. But everyone, including vendors, have multiple certifications and each one claims it is the sure-fire way to make your resume stand out. Who do you trust? A vendor-neutral certification provider or vendors who ensure you learn cybersecurity specifically for their products.
Where Do We Go From Here?
Far be it from me to present problems and not provide some solutions.
Solution #1 – IT jobs as a Trade
Trade schools could help, but the only true answer is to treat IT jobs like a trade. Like an electrician, newly trained employees should be an apprentice to a master for a certain number of years before they become journeymen. Then, eventually, after their own training, certification, and experience, they become the master and train the next generation. But that would require businesses to treat their employees like humans, and not some renewable resources they can squander and replace.
Solution #2 – Certify to your job track.
Certifications are important but you need to find the one specific to your desired role. Do you want to be a penetration tester? EC Council has several industry-recognized options, including tiers (Link). No need to try to test at the expert level as a beginner. Want to focus on management? ISACA is your best bet (Link). Technicians and beginners can always trust CompTIA to get them started (Link). And everyone who is serious about security consulting MUST have the CISSP from (ISC)2 (Link).
The most difficult piece is understanding what YOU truly want to accomplish in the cybersecurity field. Many of us in IT have done almost everything from Help Desk, Engineer, Consultant, Manager, Director, and even Sales and Project Management. Don’t limit yourself and don’t feel like you need all those certs before you apply for positions.
Solution #3 – Real tax breaks to bolster cybersecurity jobs everywhere
Let’s stick with the hot market of Cybersecurity. The REAL jobs aren’t there. Where are they? Based on the latest rounds of hacks and breaches against Fortune 500 companies, I would say most corporations are terribly understaffed in IT and specifically cybersecurity. Why? Money, baby. Remember the most expensive liability? Guess who gets paid more. Right, IT staff. Giving companies financial incentives through tax breaks helps all Americans if it keeps our data safe.
Solution #4 – Vendor-neutral AI and Automation
Software and hardware manufacturers want you to believe their products will allow you to cut your workforce in half. I’ve heard it straight from the saleshorse’s mouth. They will tell you anything to get you to sign. Remember, they have quotas to hit or they get added to the unemployment number. To solve this, AI and automation technology should have its basis in a non-revenue based system. OpenAI should NEVER be for profit. If it is, another consortium must take its place and be the de facto standard for AI. No exceptions! Not even the government.
Software and hardware require constant monitoring, updating, and review. A consortium ensures the base technology is the same. If Cisco wants to add bells, whistles, and fancy integrations, fine. But the basics are the same so everyone in IT understands them. What’s the point of the daily 10-page security report if you don’t have the staff to understand it and react? How will you ever know if you’ve been breached? Oh, that’s right, the Feds will show up with a subpoena for your executives and a hefty multi-million dollar fine. You will be out of business.
Solution #5 – Get A Job With Your Uncle (Sam)
I would say strike out on your own. You don’t need corporate America. But I honestly believe I could discuss a CEO’s colonoscopy easier than cybersecurity. They simply don’t want to talk about it. Most small and medium businesses barely make enough to keep the doors open. Remember how COVID emptied the pipelines? Is all lost?
Well, I hate to say it, but the only place that is required by law to post actual jobs and fill them is state and Federal governments and their contractors. I know, I know, most people would rather live off the grid and eat earthworms than work for the IRS, but once you are in with the government, lateral and upward movement between departments and locations is easier. No, the pay is not great, but the real world experience is priceless. Plus, there are always government set-aside contracts available only to service disabled veterans, other veterans, women, and other groups on SAM.gov (Link).
Hang In There
If you really want to work in the corporate world, start by verifying jobs. Confirm jobs listed on job boards by checking the company’s website. It still may be a Ghost Job, but company website jobs are usually more corporeal. See what I did there? We cannot force the type of change necessary to make jobs appear out of thin air. Although the world completely changed because of COVID, business, the economy, and politics are cyclical. Don’t lose heart. Keep learning, training, and stay prepared. When the upswing comes, and it will come, you will be ready.
Need Help?
Reach out to us! We’re all in this together. Visit our contact page to submit an inquiry. Also, please follow us on social media for the latest updates.
Check Out Our Podcast!
The Hillbilly Hacker Podcast is the hottest new show on the Internet to learn about today’s latest technology in simple words. You can find the Hillbilly Hacker on Spotify, Apple, Amazon, or where ever you find your podcasts. (Link)