A question that comes up a lot in cybersecurity is whether you need a degree to become a cybersecurity professional. The answer is no. And yes. Here’s why.
This question really breaks down into two parts: Do you need a degree to get started in cybersecurity? And do you need a degree to progress in cybersecurity?
Here’s the no
It’s possible to get an entry-level job in cybersecurity without a degree, particularly if you have completed certifications such as CompTIA Security+ or Certified Ethical Hacker. The question comes up all the time on Reddit and Quora, and there’s always plenty of people who can testify that they have a successful cybersecurity career without a college degree.
There’s a huge backlog in cybersecurity hiring. According to Cyberseek, an industry joint initiative looking at the cybersecurity job market, there are more than a half-million cybersecurity job openings right now.
Consequently, someone who can demonstrate at least some capability in cybersecurity has a good shot in getting a job -- perhaps even more with a specialized cybersecurity certificate than with a more general degree. That’s particularly true if you have some experience as well. Cyberseek notes that many cybersecurity job openings are requesting particular cybersecurity certifications.
On a larger scale, companies are increasingly considering applicants without college degrees but with relevant certificates. Major companies such as Tesla, Apple, Google, and Netflix no longer require their prospective employees to have four-year degrees, according to Business Insider. (Keep in mind that many of the entrepreneurs that built large companies in software or hardware, including Bill Gates and Steve Jobs, didn’t have college degrees.)
CompTIA handles this question head-on. “A large portion of jobs in IT don’t require a four-year degree or even a two-year degree, and many IT job listings prove this,” the company said. “If not having a degree has held you back from pursuing a career in technology, you should know that most tech positions simply require proof that you can do the job, through certifications and prior experience. Hiring managers don’t weed out potential job candidates because they don’t have undergraduate degrees.”
The company goes on to point out that, according to the U.S. Bureau of Labor Statistics, 26% of IT workers in the United States do not hold a bachelor’s degree or higher.
That’s particularly true for cybersecurity, a field that’s so new and fast-paced that college degrees can’t keep up and for which there aren’t that many standards, writes cybersecurity professional Matt Day on the StartACyberCareer.com website, in an article entitled, “Five Big Reasons You Can Get Into Cyber Without a Degree.”
“Cybersecurity is a field that by nature doesn’t have a regulating body or structure,” Day points out. “Consider, for example, that in the field of medicine you must have a medical degree. This, of course, is not the case with technical fields like cybersecurity. Employers are free to hire whomever they want, including those without a degree.”
And one final point: While your competitors are spending four years or more picking up a college degree, you’re spending that four years gaining valuable experience and making useful contacts instead. And many of the individuals discussing the issue on Reddit and Quora agree that networking – the people kind – and experience are more important than degrees.
That is great in theory, but how do you network in an era of COVID-19? Here are some ways:
- Check out organizations like Meetup in your geographic and subject area. While not all Meetups are having in-person events, some of them are having virtual events, discussions, and so on.
- Look for conferences in your subject area. One advantage of virtual conferences is that you can attend them from anywhere in the world. In addition to learning, you can see who the experts are in your field and make contact with them afterward and ask questions and make comments in the chat windows.
- Don’t discount online discussion groups like Reddit, Quora, and support communities for the technology you have or are learning. While Reddit users generally go by a pseudonym, people still get to know each other. In Quora, you can set yourself up as an expert in various areas and the system will steer questions to you. Support groups for your technology are a great way to get to know other users in your field.
Here’s the yes
On the other hand, to advance beyond a certain level – certainly if you wish to progress to advanced roles such as Chief Information Security Officer – chances are, you may need a college degree. Whether it needs to be a specialized bachelor’s degree in computer science or cybersecurity, or any two- or four-year degree that demonstrates that you’ve completed a program, depends on the company.
Here are something to keep in mind: Many companies will contribute to your college education, or even pay for it altogether. So getting your foot in the door in an entry-level position with a relevant certification can mean that, in just a few years, you’ll not only have that college degree – free, with no debt – but several years of experience under your belt as well. That puts you in a great position for the next phase of your career, either at your existing company or at a new one.
If you’re looking to get into cybersecurity and help defend the companies of the present and future from devastating cyberattacks, look no further than Springboard’s new cybersecurity bootcamp.
* This article received a significant contribution from Sharon Fisher, who is consulting with Springboard -- as am I.