Thinking about a getting a cybersecurity degree but arenāt really sure? Youāre not the only one. Thereās a lot of debate on whether a cybersecurity degree has any value.
But as a sign of things to come, the Office of National Cyber Director recently announced a willingness for federal agencies to move away from education-based hiring and towards skills-based hiring.
So now the question everyone is askingā¦are cybersecurity degrees really worth it?
Read on as I walk through a few things to consider before you decide whether a degree is worth your time and money.
Do Employers Require a Degree in Cybersecurity?
Unfortunately, thereās no straightforward answer to this question. According to a 2023 ISACA report, only 52% of organizations require a university degree for hiring in entry-level cyber roles. Part of the reason for this lack of clarity is the challenge employers face when determining how 'well-prepared' college graduates are.
The ISACA survey revealed that 28% of respondents agreed or strongly agreed that recent cyber graduates were well-prepared for the challenges in their organizations, whereas 24% disagreed or strongly disagreed.
This indicates that employers are divided on the effectiveness of a cybersecurity degree. However, this doesnāt mean that obtaining a degree in cybersecurity lacks value; there are still several benefits to consider.
Keep in mind this thought process doesnāt apply to leadership positions. Most executive roles, such as those of a CISO, typically require a degree in cybersecurity or a related field. Additionally, some companies may even prefer candidates with a masterās degree.
Benefits of a Cybersecurity Degree
Thereās no doubt that a cybersecurity degree is an excellent launching pad for a successful career in the cyber industry. While itās absolutely possible to land an entry-level job without a cyber degree, itāll likely be more challenging for you. Compared to an equally capable candidate without a degree, a degreed candidate is more likely to gain access to a wider range of positions, secure an interview, be hired, receive opportunities for promotion, and earn a higher salary.
However, I believe the most significant benefit of obtaining a cybersecurity degree lies in the experiential learning it offers, particularly through internships. Internships provide an opportunity to develop necessary skills in a real-world environment while allowing companies to invest time and effort into your training, thus improving your chances of employment after the internship.
Calculating Your Degreeās Return on Investment (ROI)
Itās important to recognize that your return on investment (ROI) depends entirely on your career goals. If youāre āokayā with an entry-level position, low upfront costs, and slow growth with potential limits on promotion opportunities, you might be fine without a degree.
And I completely understand that going to college isnāt cheap. The average cost of an undergraduate degree on campus is $36,436. To calculate a more accurate ROI, consider also the four years of lost wages during your studies because youāre likely working part-time instead of full-time. Assuming a wage of $15 per hour, youāre giving up $15,600 per year, or $62,400 over four years. This, plus the cost of your undergrad degree, brings your total educational cost to $98,836.
Now, using the median annual salary of an information security analyst, which is $120,360, the average ROI comes to 21.8% per year, derived from ($120,360 - $98,836) / $98,836.
After working for ten years, this translates to an ROI of 1,100% without a single promotion and an ROI of 2,300% after 20 yearsāa massive return for your four years of education! Keep in mind that other factors, such as taxes, inflation, and salary increases, will also impact your actual ROI, but this gives you a basic idea of the benefits.
How to Start Cybersecurity Without a Degree?
Cybersecurity professionals currently occupy 82% of US jobs. Additionally, employment growth is expected to rise in the next decade. This means that, degree or not, the industry urgently needs quality candidates.
If you arenāt interested in a 4-year degree, here are a few alternatives to consider:
- Associateās Degree: Gain a competitive edge with a two-year cybersecurity associateās degree, which provides a flexible, albeit less comprehensive, foundation in cyber knowledge compared to a full four-year bachelorās degree.
- Bootcamps: Cybersecurity boot camps condense essential knowledge into a 6-to-28-week intensive course but also cost anywhere between $10,000 and $20,000.
- Solo Work: Consider working as an open-source project contributor or engaging in solo projects if internships arenāt appealing to you. Building a robust portfolio is crucial to demonstrating your expertise and securing an entry-level cybersecurity job.
Final Thoughts
This article explored whether a cybersecurity degree is required by employers, the benefits of having one, and whether itās worth the personal investment. And though a degree can open many doors and potentially lead to higher salaries, it's not the only way into the industry. With the cyber industry's rapid growth and the shift toward skills
-based hiring, alternatives like associateās degrees, boot camps, and self-directed projects also offer valuable entry points.
Ultimately, the debate continues: Is a traditional degree necessary, or should we value practical skills more?
What's your take? Do you think degrees are essential, or is it time to reprioritize and determine what is essential? Share your thoughts below.