Do You Need a Degree to Work in Cybersecurity?

The need for skilled cybersecurity professionals is already huge. And it's getting bigger.

It's estimated that upwards of 38 billion devices around the world will be Internet-connected by 2025.

And with more of us working remotely and relying on online services for everything from grocery deliveries to medical consultations, people who can keep those systems secure will find their skills in ever-greater demand.

But is a university degree necessary to get started in cybersecurity?

The short answer is no. Many job postings do call for a degree, but that doesn't necessarily mean you can't land those roles without one.

In many cases, employers are more interested in what you can do rather than what credentials you hold. It's more about proving your skills on the job rather than in the classroom.

And that means that some basic cybersecurity training can be enough to launch you into a new career.

Exactly what skills do you need and what are employers looking for? Here's what you need to know.


HUGE DEMAND AND SCARCE SUPPLY makes cybersecurity degrees "optional"

Even before the pandemic, the number of jobs for people who could detect and prevent data breaches was expanding enormously.

A 2016 report from Deloitte estimated that the demand for cybersecurity professionals in Canada was growing by 7 percent annually.

Data from the Canadian Occupational Projection System reveals that an average of 11,200 jobs for IT systems analysts and consultants will become available each year between 2021 and 2028.

The huge demand and lack of available talent mean salaries in this field can also be quite high. On average, information security specialists in Canada make over $80,000, according to PayScale.

What does this all mean?

It means high demand and scarce supply of IT security professionals has made degrees "optional" for many newcomers. 

A career guide from the Canadian Centre for Cyber Security makes this point clear.

"The shortage of cyber security professionals is so pronounced that organizations are retraining employees in basic cyber security skills on the job!"

Many employers have so many open positions that they are willing to accept candidates with basic cybersecurity training rather than full-fledged degrees.

If you can prove you have the skills to do this work, and perhaps some industry certifications, you can easily get your foot in the door.


Technical SKILLS YOU NEED to get hired in cybersecurity

Anyone looking to start a career in cybersecurity needs to possess certain basic skills.

We reviewed some current job postings for entry-level roles such as Security Analyst,  Network Administrator, and Junior Penetration Tester to find out what kinds of technical skills employers want.

Generally speaking, you should be comfortable with tasks like:

☑️ Installing firewalls, access controls, anti-virus software, and other network security tools

☑️ Monitoring system performance and security

☑️ Researching cyber threats and attacks

☑️ Reviewing security alerts, log files, and reports

☑️ Carrying out data backup and disaster recovery procedures

☑️ Creating and updating security documentation and training materials


Soft skills employers look for in new IT security hires

Technical knowledge is important, but it's not the end of the story. Employers like to hire cybersecurity pros who demonstrate soft skills like the following:


☑️ Analytical thinking

When a security breach occurs, or a vulnerability is discovered, you need to stay calm and work through the problem. Logical reasoning is key for troubleshooting IT issues and identifying solutions.


☑️ Willingness and ability to continually learn

Things change fast in the IT security field, so ongoing skill development is critical. You need to keep up with the latest security threats, network vulnerabilities, industry trends, and best practices.


☑️ Communication skills

Cybersecurity positions often include educating and training end-users on how to avoid viruses, phishing scams, and other kinds of common cyber attacks.

You'll also need to carefully document threats, fixes, findings, and solutions for your employer. Being able to break down complex concepts and clearly express yourself is important in this job.



You might not need a university degree, but cybersecurity certifications can be essential for starting and advancing a career in this field.

In a survey of cybersecurity professionals, completing a certification was one of the most popular pieces of advice offered to newcomers.

It's wise to check out job postings to see which specific certifications employers are looking for.

The survey we looked at said the Certified Information Systems Security Professional (CISSP) designation was by far the top choice.

Certifications related to cloud security, such as Certified Cloud Security Professional (CCSP), are also well respected by employers.


what can you expect from a college cybersecurity diploma?

Don't want to invest time and money in a university degree?

A short, focused cybersecurity course at the college level can help you develop a solid foundation of skills for a career in IT security.

A good program offers training in:

☑️ Current threats and vulnerabilities

☑️ Security practices for multiple platforms, such as Windows, Unix, and macOS

☑️ Network monitoring

☑️ Cloud security

☑️ Web application security

☑️ Ethical hacking techniques

☑️ Digital forensics

☑️ Disaster recovery procedures


Most diploma programs take 2 years or less. Some include an internship so you can get hands-on work experience.

And many are designed to prepare students for key cybersecurity certifications.

That means diploma holders can get entry-level roles, and with experience and talent, work their way up into leadership positions, even without a degree.

For instance, with a college diploma, you can qualify for positions like Security Analyst and Penetration Tester.

Once you gain some experience, you could also pursue roles like Ethical Hacker or Cybersecurity Manager/Consultant.



The unique Cybersecurity program at Herzing College Toronto is just 12 months long and includes a 100-hour internship. The training is also available at the Ottawa campus.

Herzing's course includes preparation for four certifications that can help students advance their careers in IT security:

☑️ Certified Information Systems Security Professional (CISSP)

☑️ Certified Cloud Security Professional (CCSP)

☑️ Cyber Security Practitioner (CSXP)

☑️ Systems Security Certified Practitioner (SSCP)

Eager for more information? Click below to get complete course details and chat live with an Admissions Advisor. We're here to help.


Explore the Cybersecurity Diploma Program