According to PwC’s Global Economic Crime Survey (2016), digital crimes are on the rise. In fact, cybercrime leapt from fourth to second place in the most common types of economic crimes among responding businesses. Around 50 organizations reported losses in excess of $5 million, and an alarming one-third of those lost more than $100 million. Only 37 percent of responding companies—a majority dealing with financial services—had detailed response plans to deal with cyber-threats, and 61 percent of CEOs were concerned about their company’s cybersecurity. With cybercrimes on the rise, there is expected to be a concurrent explosion in career opportunities for people with degrees in digital forensics.
To combat the international spread of cybercrimes, there’s a wealth of degree programs in computer forensics (i.e., digital forensics) all over the country. They’re available at the associate degree, bachelor’s, master’s, and certificate levels, including online programs. For example, St. Petersburg College of Florida provides an online associate of science (AS) degree in digital forensics and computer investigations; additionally, Sam Houston State University (SHSU) of Huntsville, Texas offers a hybrid master of science (MS) in digital forensics. Classes in digital forensics vary by degree level, but generally feature training in cybersecurity fundamentals; information assurance; network & systems security; file systems analysis; incident responses; penetration testing; and internet server environments.
It’s important to note that not only are degrees in digital forensics expected to be in demand, but the affiliated careers are relatively lucrative. By illustration, Indeed (Sept. 2016) reports that people in the field of computer forensics make an average annual salary of $95,000. Related careers also commanded impressive mean salaries, including digital forensics examiners ($92,000), lead security analysts ($90,000), and information systems security engineers ($102,000).
Above all, as cybercrimes such as state-sponsored attacks, “smart spam,” and ransomware continue to proliferate, so too will the career opportunities in digital crime-fighting.
Here are five hot careers open to people with degrees in digital forensics, including typical education required, job descriptions, and salary prospects.
Level of Education Required: Many of these security professionals have at least an associate degree in digital forensics, although several years of experience in the field may be a substitute. According to the International Information Systems Security Certification Consortium—also known as (ISC)2 or “I-S-C-squared”—candidates for this coveted certification must have five years of security work experience in two of the eight domains discussed below.
What They Do: Information systems security professionals ensure that an organization’s virtual data is secure through testing vulnerabilities; analyzing results; and presenting ideas to improve security. In more granular terms, these professionals work with various tools such as Kali Linux, Wifi Pineapple, and programming languages such as Python to create tools to address security threats. (ISC)2’s eight domains of knowledge in this profession include security & risk management, security engineering, software development security, asset security, communications & network security, identity & access management, security assessment & testing, security operations, and software development security.
Expected Salary: PayScale (2016) reports that Certified Information Systems Security Professionals (CISSPs)—i.e., those with the popular (ISC)2 certification—earn between $60,000 and $209,000 per year, with the high end being compensation for experienced security executives.
Level of Education Required: A majority of employers prefer forensic computer analyst candidates with at least a bachelor’s degree in digital forensics, cybersecurity, or a related field.
What They Do: Forensic computer analysts (i.e., forensic digital analysts) examine digital information from the scene of cybercrimes. They gather and store compromised data, recover files affected in a cyberattack, and detect where cybercriminal activity may have originated. They also may be called upon to extract information from destroyed devices, keep detailed logs of activities, and handle sensitive information (e.g., documents, videos, financial information) in a professional manner. They have a strong working knowledge of computers (hardware and software), programming languages, and systems, as well as databases, communication systems, digital surveillance, networking, and hacking patterns. To learn about a similar career, check out the computer forensics examiner page.
Expected Salary: According to PayScale (Sept. 2016), an aggregator of self-reported wages, the median annual salary for forensic computer analysts was $68,357, although this figure increases sharply with experience. In fact, the 105 responding mid-career professionals (i.e., those with 10 to 20 years on the job) made a median annual salary of $105,000.
Level of Education Required: Similar to other positions in digital forensics and cybersecurity, information security analysts typically have at least a bachelor’s degree in a relevant field (e.g., computer science, computer forensics, cybersecurity) prior to securing work.
What They Do: Information security analysts (i.e., IT security analysts) are the proactive gatekeepers in cybersecurity. They monitor digital networks for breaches in security systems; install and maintain up-to-date software (e.g., encryption programs and firewalls); research best practices in securing information technology; attend conferences to learn about new cybersecurity products; perform penetration testing to reveal system weaknesses and vulnerabilities; present findings organizational leaders; collaborate on incident response plans; and train organizational personnel about how to use digital security products. Notably, the Bureau of Labor Statistics (Dec. 2015) reports this is a very high-growth career. In fact, the BLS expects an 18 percent increase in openings for information security analysts between 2014 and 2024, much more robust than the average growth projected for all occupations during that time (7 percent).
Expected Salary: According to the BLS (May 2015), the average annual salary among the 88,880 information security analysts nationwide was $93,250. Impressively, this is approximately double the average annual salary for all occupations in the country ($48,320, BLS).
Level of Education Required: Malware analysts typically have at least a bachelor’s degree in the field of computer science, digital forensics, or a related subject.
What They Do: The Infosec Institute, one of many training schools in digital forensics, reports that malware analysts identify, analyze, and document the nature of various cyber-threats such as worms, rootkits, bots, viruses, Trojan horses, and others. “Malware” describes any intrusive or hostile software often used to gain access to sensitive proprietary data or damage the computer system. Since the code of malware is varied and continually evolving, these skilled analysts must be competent in multiple programming languages, data recovery, static and dynamic analyses, software development, and the practice of reverse-engineering.
Expected Salary: There are varying reports on the salaries of malware analysts. Glassdoor (Sept. 2016) reports that these professionals make between $73,000 and $91,000 per year. Indeed (Sept. 2016), by contrast, found that malware analysts nationwide make an average annual salary of $99,000.
Level of Education Required: Information technology auditors typically hold a bachelor’s degree in digital forensics, information systems management, accounting, finance, computer science, or another relevant field.
What They Do: IT auditors conduct audits on computer and networking systems to determine security vulnerabilities, as well as to detect any financial mismanagement or fraud in an organization. They strive to ensure IT accounting processes and resource management practices are meeting the needs of both the company and its customers. Specifically, these cybersecurity professionals gather and analyze data; evaluate risks; present reports to organizational management; recommend improvements to system efficiency (e.g., user experience or processing capacity); and ensure compliance with regulations.
Expected Salary: According to Glassdoor (Sept. 2016), information technology auditors nationwide earned an average annual salary of $72,721. Interestingly, Indeed (2016) reported a higher average salary for IT auditors at $79,000, and Payscale (2016) found a somewhat lower average at $64,000.
These are only five of the high-growth careers open to people with degrees in digital forensics. As mentioned in the introduction, this is expected to be a booming career field in years to come due to the increasing sophistication of cyberattacks and the mass migration of businesses to digital platforms around the world.
Finally, here are a couple of other career possibilities for people with training in computer forensics, including some links to relevant career pages: