Harvesting Upside from Cybersecurity: Getting a Job or Placing Capital

Where is the best employment potential in cybersecurity? What should investors be thinking about in terms of cyber opportunity? What should established organizations be thinking about in terms of both employment and investment? In this article, we explore some of cyber’s potential.

Job Opportunities

One answer is clear: building cyber skills is a path to winning in the employment wars, whether one is planning a job in cybersecurity itself or another type of role.

Within the next few years, cybersecurity may potentially more than double employment (if hiring managers can fill the open positions). There are expected to be more than 4 million cyber jobs available on top of the 2.8 million currently employed in the sector. However, cyber expertise is not limited to people in the security organization. Increasingly, business and legal professionals who have cyber knowledge and skills are being highly sought after, given the pervasive nature of an effective cyber strategy—implementing it requires crossing multiple silos and accessing a large swath of the organization.

Cyber investment by organizations coming out of COVID is expected to increase by 70%, adding billions of dollars of revenue opportunity to an already large and expanding industry. Intelligently deploying that capital to improve an organization's cyber effectiveness requires business leaders and professionals who have a rich understanding of cybersecurity without being security professionals.

The gender gap prevalent in FinTech extends into cybersecurity. Estimates vary, but it appears that approximately 20% of cyber experts are women. Organizations that have diversity hiring goals may wish to consider providing training and support to increase the ranks of cyber-qualified women.


On the risk side of the equation, investors need to adopt a sophisticated view of risk assessment with respect to cyber. Having investment professionals and due diligence firms trained on cyber issues and how to assess cyber risk has moved from an afterthought to a necessity, with tangible financial impacts on getting it wrong.

In terms of opportunity, Investors should take a page out of Wayne Gretzky’s playbook and look at where the puck is going (or if we wish for a more Space Age metaphor in homage to Elon Musk, determine the orbital mechanics of the space station for an intercept). Advancing the cause of cyber training and certification appears a fertile area for evaluation, to meet the burgeoning needs of an enterprise. New kinds of access control, centered on multimodal biometrics, new approaches to monitoring and response built around next-generation artificial intelligence systems, and alternative approaches to managing data security, are trending domains that could offer fertile hunting for the next unicorn.


Where do established enterprises fit into this equation? On the downside, the cyber talent gap that makes the sector so appealing as a career option is exactly the problem businesses need to solve. About 39% of CIOs have identified cybersecurity skills as one of the top three areas they have difficulty placing. On the upside, Accenture reported in 2020 that organizations that invest in broad-based cyber literacy across their companies (instead of just in the IT department) are 200% better at remediating cyber breaches. New training such as the Oxford Cyber Futures program provides a vehicle for widespread upskilling of the entire organization.

The Future of Cyber

What is coming next is potentially a brighter tomorrow around cyber. About 70% of enterprises expect to increase investment in cyber as they emerge from COVID. New technologies are bridging deficiencies in critical areas like digital identity and data security, and large-scale government initiatives foster cyber capacity development across entire ecosystems. The next five years of cyber represents a wealth of potential upside.

The Oxford Cyber Futures program launches on June 30.