The global growth in the frequency of cyberattacks has resulted in an increase in demand for cybersecurity professionals.
Ivy Simon
Editorial Writer
The global growth in the frequency of cyberattacks has resulted in an increase in demand for cybersecurity professionals.

With corporations and organisations growing increasingly reliant on IT and technology for transactions and communications, cybersecurity has emerged as a critical concern.

As a result, cybersecurity specialists are now in high demand across all industries of work. Their role is to develop and implement technologies, processes, and systems to secure all systems connected to the Internet, including software, hardware, and data, from cyberattacks.

Career Overview

Job roles in cybersecurity typically fall into one of three core categories:

  • Consulting: Advising clients on strategies and best practices they can implement to protect their organisations. This includes conducting risk assessments to measure how exposed they are to potential threats.
  • Engineering: Designing, building, and maintaining IT systems that are robust enough to resist cyber threats. These roles are usually project-based. 
  • Operations: Operational security (OpSec) professionals monitor IT systems for indicators of active attacks, and mitigate them accordingly. This also includes digital forensics  ̶  where you investigate clients’ machines or systems after an attack to try and trace its source, and penetration testing  ̶  where you simulate attacks to unearth potential vulnerabilities in a system.

While most cybersecurity specialists are employed by enterprises that provide IT services to other businesses, certain organisations such as banks and online retailers do invest in their own in-house cybersecurity teams.

Work styles vary greatly depending on the role. For example, cybersecurity consulting and engineering work is often project-based for specific clients, with such projects spanning anywhere from 12 to 24 months. Work is done in teams of varied sizes, though graduates are frequently led by seniors or experienced mentors.

OpSec roles, on the other hand, often have a steeper learning curve and more irregular hours. For example, if you’re working at a security operations centre where clients' systems are constantly monitored, you could be called in short notice to investigate or stop an active attack, or to advise clients on how to recover after a breach.

Graduates in this line of work are encouraged to obtain further professional certifications or to keep investing in relevant courses to upgrade their working knowledge. This is a constantly evolving field, so staying up to date on the latest developments and best practices is crucial. 

Trends and developments

In 2020, the United Nations’ International Telecommunications Union (ITU) ranked Malaysia as number eight out of the top ten countries globally that had demonstrated the highest commitment to cybersecurity infrastructure. In Budget 2023, the Malaysian government has allocated RM73 million to CyberSecurity Malaysia (CSM) to improve monitoring, detection, and reporting capabilities in order to increase the nation's cybersecurity resilience.

This is promising news for graduates keen on entering this line of work, as local employers and public sector agencies will be looking to strengthen and renew their cybersecurity practices in the face of additional government investment.  

With that said, one key area of focus will be responding to the increased cybersecurity challenges of remote work. A 2022 study by UK-based Reboot Digital PR Services indicated that Malaysia is still one of the ten least secure Asian nations when it comes to remote working. Companies will have to invest more to plug security loopholes in their virtual private networks (VPNs) for remote working staff, or research new methods of setting up secure external tunnels to company infrastructure. 

Pros and cons

A dynamic industry
In this industry, there is never a dull moment because graduates have the opportunity to work with a wide range of clients, from governmental organisations to private companies.

Irregular working hours
It can be challenging to stay one step ahead of cybercriminals, and since issues and dangers can arise at any time, graduates need to be prepared to work extra hours in case of emergency.