Cyberattacks are becoming more and more common. This means companies need more cybersecurity professionals to keep them safe. Cybersecurity is high-in-demand right now. In fact, demand for cybersecurity workers is outpacing all other IT positions.
Not only is this career in demand right now, it also pays very well. Professionals report earning an average of $116,000 per year (approximately $55.77 per hour). That’s almost three times higher than the national median income.
Have you decided that this is your new career path?
If you’re looking to break into the cybersecurity profession, you have two different potential career paths facing you. You can either enroll in a college degree program, or complete cybersecurity certifications.
This article will walk you through both options so that you can determine which path is better suited to your career goals.
By the end of this article, you will understand which career paths are open to you if you take certifications compared with obtaining a degree. You will also know which education type is more marketable and more important to employers.
Are College Degrees Becoming a Thing of the Past?
The answer to this question isn’t straightforward. An increasing number of schools are offering bachelor and master degrees in cybersecurity.
At first glance, it would appear that college degrees in this field are a requirement.
Cyber Seek shows 10 common cybersecurity positions, including the average educational requirements to apply for each one.
Less than 18% of entry-level jobs do not require a degree. For mid-level and advanced-level jobs, it’s even lower, at 14% or less, depending on the role.
This would indicate that a college degree is necessary in order to get into and advance in the field of cybersecurity.
However, Rod Rasmussen, VP of Cybersecurity at Infoblox, tells a much different story.
Rasmussen has said, "With the lack of manpower in the industry right now, just getting your basic credentialing and having at least some aptitude is sufficient to get an entry-level job. Those that are proficient will rise rapidly."
According to current forecasts, unfilled cybersecurity positions will reach 3.5 million by 2021. That’s only three years away!
The cybersecurity industry is still relatively young. Due to this, combined with the growing demand, the unemployment rate is currently an amazing 0%.
That’s not expected to change in the next several years, as the number of unfilled positions just keeps growing.
With this considerable workforce shortage, there will be increasing opportunity to enter and advance in the field without a degree.
Of course, the shortage, and the resulting demand may change in the future, as more people realize the huge opportunity for well-paying positions in this field.
Should I Choose a College Degree or Certifications?
As we just discussed, it’s not clear-cut on whether or not a degree is required to succeed in this field.
If you are considering whether you should opt for a degree or certifications, there are a number of things to factor into your decision.
First of all, be aware that College degrees typically take four years.
An entry-level credential can often be done in three to nine months.
If you opt for the degree option, and do not work while obtaining it, you will be entering the cybersecurity workforce in roughly four years.
If unemployment is still 0%, you should be able to walk into a good cybersecurity job.
However, according to Carlos Pelaez of Coalfire Systems Inc., “Executive slots are already taken.” The demand is for professionals at the entry-level and mid-level, according to him.
Which means you could find yourself four years from now competing for jobs above entry-level.
Your competition will likely be cybersecurity professionals who spent a few months getting the entry-level certifications, and then continued their certification training while employed in the sector.
This means the question isn’t, “Is a degree better than a certification?”
The question is really, “Is a degree better than a certification combined with hands-on experience in the field?”
According to Sean Tierney, head of the cyber intelligence team at Infoblox, the answer to that question is no. Tierney says, "Self-directed learning and experimentation are critical. College degrees, vendor training and professional certifications are great. However, the most frequent interview question is always along the lines of, 'tell me about your home lab, what kind of systems you’re running, and work you’re doing?'"
Of course there are opportunities to obtain a degree online or part-time, while still working within your field.
Ultimately, you will need to decide which option is right for you, as there are benefits to both education options.
One factor to consider is cost. Not only are certifications cheaper than degrees, they tend to be easier to obtain while working. In addition, 80% of people surveyed said that their employer paid for at least a portion of their certificate cost.
This means that once you have the entry-level certification and obtain a job in the field, any additional training may be covered, at least in part, by your employer. If money is an issue, opting for a certification may be more practical.
Will I Need a Degree to Get Ahead?
In general, no matter what field you’re in, the more education you have, the more opportunities are available to you.
Rasmussen College analyzed job postings to understand the education level being requested. Their findings were that earning a bachelor degree makes you eligible for 13 times as many jobs.
Keep in mind that Rasmussen is a College and they want to sell degrees.
However, this does line up with what Cyber Seek reports as well.
Does that mean you need a degree to get ahead?
Again, it depends.
Ultimately it comes down to the competition and the economy.
As discussed in the last section, if you’re competing against individuals who have less education but more hands-on experience, you may be at a disadvantage.
84 percent of employers believe half or fewer cyber security applicants are qualified for the position. This means that having a degree in the field could give you an advantage. It just doesn’t guarantee one.
Keep in mind that advancing your education is not the only way to open up more career opportunities. Experience will also help with career advancement.
Rasmussen College also analyzed the level of experience required for cybersecurity job postings.
Their findings show that the preference is 3 to 5 years of experience. Once you have at least 3 years of experience, you become eligible for more than 30,000 new positions.
According to Cyber Degrees, “A degree will only take you so far up the job ladder.”
Since cybersecurity is such a fast-changing field, their viewpoint is that it may be necessary to complete certifications even after you’ve obtained a degree.
The best certification to start with is CompTIA Security+. This course provides the foundation.
If you already have this certificate or a degree in cybersecurity, you may be looking for more advanced certifications to help you specialize.
There are a number of specialization certificates such as the:
How Much Will a Degree Cost Me?
The cost of a degree in cybersecurity will depend on the school.
OnlineU compiled a list of the most affordable cybersecurity degrees currently being offered. According to their findings, the cheapest degree is $5,780 per year or $23,120 in total.
They’ve ranked the top 25 cheapest online degrees in this area. School #25 comes in at $15,300 per year or $61,200 in total.
You can see that even across the ‘cheapest’ schools, the cost of a degree can vary widely.
What Are The Best Schools for Cybersecurity?
Cyber Degrees compiled a list of the top 20 schools for cybersecurity.
They made sure every school had the top faculty, a research lab, and ties to the government and private sectors. They also considered the following:
Scholarship and grant availability
Location (near tech centers, government defense agencies or corporate hubs)
Program completion rates
The top five schools according to Cyber Degrees are:
Georgia Institute of Technology
University Of Washington-Seattle
University Of Maryland-College Park
University Of Illinois At Urbana-Champaign
Every school on the list holds an NSA CAE designation. This means they are considered a National Security Agency (NSA) Center of Academic Excellence (CAE).
It is a voluntary designation that a school can apply for. If the school you want to go to does not have one, they may have simply decided not to apply for some reason. Do your research to understand why and judge for yourself which school is best for you.
All of these schools have labs designed to provide some hands-on experience for their students.
However, all top five programs seem to be designed for people who already have some background and experience in this area.
What If I Have CLEP Courses?
The acceptance of CLEP credits varies by school. If you have relevant past education and want to try to CLEP out of a class, make sure you choose a school that accepts CLEP and that you understand what their rules are.
There is no universal guideline around which CLEP mark is considered a passing score. The score required, and the amount of credits you receive for passing, can vary by school.
Most schools have a limit of just how many credits they will accept from CLEP testing.
What About Certifications?
If you already have cybersecurity certifications, some schools will also accept these as transfer credits in place of college courses.
Again, it depends on the specific school. You will have to contact any school you are considering and see which certifications they will accept, and how many credits they will award for each one.
After looking at the pros and cons of certificates and degrees, you should now have a good understanding of both options.
Which education path you choose will ultimately be determined by your individual situation. Do you already have a job in the field? Do you have a similar degree already (such as one in IT)? Would you be able to work while obtaining a degree?
The argument can be made that having both a degree and certifications provides you with the best of both worlds. However, we know time and money aren't always on your side.
An entry-level certification, such as the CompTIA Security+ will get you into a cybersecurity position. Whether you need further certifications or a degree to advance in your career will depend on your employer and your desire to specialize in a particular area within cybersecurity.