Industry insights

Most valuable cybersecurity skills to learn in 2022

Drew Robb
December 14, 2021 by
Drew Robb

The annual list of top-paying IT certifications from Global Knowledge is always a good index of where big money is to be made and showcases IT's significant challenges. Not surprisingly, the cloud and cybersecurity dominate the list. 

Google Certified Data Engineer, Google Certified Professional Cloud Architect and Amazon Web Services (AWS) Certified Solutions Architect – Associate are the best-paid certifications around. 

But right behind, and rising fast up the rankings, are three cybersecurity certs. Occupying positions four, five, and six on the list are: 

Should you pay the ransom?

Should you pay the ransom?

Download The Ransomware Paper for real-world ransomware examples, mistakes and lessons learned.

These sought-after credentials open many doors on the road to successful IT careers. According to the survey, both CRISC and CISSP earn an average pay of more than $150,000 per year. CISM is only slightly behind at a little more than $149,000. Why? A steady increase in security breaches worldwide is driving demand for professionals that understand IT risk. 

Earning a CRISC or one of these other qualifications is a way for IT professionals to gain insight that will prove invaluable in helping organizations identify, evaluate and manage IT risk, as well as plan and implement the appropriate defensive and remediation measures. Those earning these certifications also learn how to communicate security matters within IT and non-technical personnel and executives across the organization. 

Armed with such skills, security manager, security director, security engineer, security analyst and security architect become more attainable.

Threat intelligence skill sets 

According to Foote Partners IT Skills and Certifications Pay Index, specific security skills are in the highest demand. These include:

  • Cyber threat intelligence
  • DevSecOps
  • Identity and access management
  • Security testing
  • Management of security infrastructure
  • Security architecture
  • Encryption
  • Ability to secure data warehouse
  • Business intelligence (BI)
  • Security project management skills
  • Vulnerability scanning
  • Ability to oversee all aspects of enterprise security

"These IT skills are among those earning the highest pay premiums," said David Foote, an analyst at Foote Partners. He added that skills related to DevSecOps, identity and access management, risk assessment and security architecture had the highest pay premium, all gaining at least 10% in market value in recent months. 

He delved into some specific skills: 

  • Risk analytics and assessment gained 5% in salary value over the course of 2021. "Risk analytics exploits internal and external structured and unstructured data to model scenarios and outcomes, providing insights into areas such as fraud risk, market risk, IT risk and financial risk," Foote said. "The resulting insights provide an organization with a plethora of benefits to security, operational continuity and competitive advantage." 
  • He noted that machine learning (ML) and artificial intelligence (AI) skills directly play risk analysis. Those familiar with ML and AI who can combine those skills with risk or security competencies will find their job prospects multiplying. 
  • Managing a cyber threat intelligence program is another big winner. Foote Partners said its market value surged by almost 15% during the year as a skill set. The basic idea is to collect threat information from several sources and subject it to evaluation. Context is key, as well as ascertaining the reliability of the information. Those most valued in this arena possess the ability to detect similarities and differences within vast quantities of information and can spot abnormal activity. 

Foote added that the know-how of analysis differentiates threat intelligence from mere information gathering or dissemination. Cyber threat intelligence revolves around detecting bad actors and determining their intended targets, capabilities, tactics, techniques and procedures. 

Cybersecurity engineering skills

Cybersecurity engineers scored highest in salary growth in 2020, according to the latest Tech Salary Report from jobs website Dice. The report highlighted skills like cloud, AI, ML and cybersecurity as high demand. While tech salaries overall grew by 3.6% last year, cybersecurity analysts' salaries surged by 16.3% in 2020. Rates have risen again in 2021. 

The specific skills required for these cybersecurity positions include vulnerability analysis, risk management framework, ISO 27001 and data loss prevention. The Dice report put the projected 10-year growth for the position of a cybersecurity analyst at 28.5%. 

Phishing simulations & training

Phishing simulations & training

Build the knowledge and skills to stay cyber secure at work and home with 2,000+ security awareness resources. Unlock the right subscription plan for you.

"The widespread adoption of remote work resulted in widely dispersed networks and teams, with many employees working via their personal laptops and phones," said Art Zeile, CEO, DHI Group, a provider of AI-powered career marketplaces that focus on technology roles. 

"This led to increased vulnerabilities, providing hackers with unprecedented opportunities to attack and breach defenses. In response, the need for skilled technologists to identify and plug these security holes saw cybersecurity analysts enjoy the largest growth in the salary of any occupation."  


Drew Robb
Drew Robb

Drew Robb has been writing about IT, engineering and cybersecurity for more than 25 years. He's been published in numerous outlets and resides in Florida.