Pros and cons of working in cybersecurity: is it right for you?

No matter your industry or business size, it pays to have quality cybersecurity. In Australia, cyber incidents are reported roughly every six minutes, and the average self-reported cost to a small business is about $49,600 per incident - a reminder that skilled professionals are essential across sectors. 

If you’re considering a move into this field, here are five pros and five cons to help you decide.

The pros of working in cybersecurity

1) Competitive salaries and strong opportunity

Cybersecurity skills are well paid in Australia. Cyber Security Analysts typically earn around $105k–$125k, with higher ranges for senior and specialised roles. Large breach costs and persistent threats also keep demand (and pay) buoyant.

Where the jobs are: finance, health, government, telecoms, retail, professional services-any organisation holding sensitive data.

2) High demand and job security

Australia continues to face sustained skills shortages in dedicated cyber roles, while incidents remain frequent. Government has also committed A$586.9m (2023–2030) to uplift national cyber resilience, signalling long-term demand.

3) Clear paths for career progression

Entry points (e.g., service desk or junior security analyst) can lead to specialist roles such as security operations (SOC), incident response, governance/risk/compliance (GRC), cloud security, penetration testing, architecture, and ultimately leadership (e.g., CISO). Progression is driven by practice, certifications, and on-the-job outcomes.

4) Flexibility and contracting options

Much cyber work can be done remotely and after-hours when needed; contracting and consulting are common. Many professionals choose portfolio careers across multiple clients, especially in assessment, hardening, and incident response.

5) You’ll never stop learning

Threats, tools and regulations evolve quickly. Organisations are investing more each year (global information-security spend forecast ~US$213bn in 2025), so there’s ample scope to grow skills and specialise.

The cons of working in cybersecurity

1) High-stakes, sometimes high-stress

Security teams work where business risk is real. Incidents can happen any time, and on-call rotations or late-night response windows are common—especially in SOC and incident response roles.

2) Variable cyber maturity across organisations

Some employers under-resource security or lack executive understanding. You may spend time educating stakeholders, building business cases, and improving security culture. (The national strategy funding helps, but maturity still varies.) 

3) Repetition and process discipline

Despite the Hollywood myths, a lot of value comes from methodical work: reviewing alerts, tuning controls, patching, testing back-ups, documenting, and auditing. Automation helps, but steady processes matter.

4) Low tolerance for mistakes

Misconfigurations and missed signals can be costly. The average Australian data breach was estimated at ~A$4.26m in 2024, underscoring why accuracy, peer review and defence-in-depth are critical.

5) Fast-moving knowledge treadmill

New attack methods, tools and regulations arrive constantly. Expect to invest in ongoing learning (hands-on labs, certifications, community, and vendor updates) to stay effective.

Is cybersecurity a good fit for you?

You’ll likely enjoy the work if you:

• Like solving puzzles under time pressure

• Communicate clearly with technical and non-technical audiences

• Are comfortable with procedures, documentation and continuous learning

• Care about risk, privacy and resilience - not just tech for tech’s sake

Study pathways with Upskilled (online, trainer-supported)

If you’re ready to explore the field, Upskilled offers flexible, online options:

• ICT50220 - Diploma of Information Technology (Cyber Security)
  Build practical capability in network security, incident response, secure admin and risk. Ideal for stepping into SOC, analyst, or security admin roles.

• ICT40120 - Certificate IV in Information Technology (Focus on Cyber Security)
  A foundational route if you’re newer to IT, with units that introduce security concepts alongside broader IT skills.

(Confirm current intakes, units and entry requirements on each course page.)

Quick tips for breaking in

1. Pick a lane: SOC analyst, GRC, cloud, identity - start broad, then specialise.

2. Do hands-on labs: Try home labs, emulated attack/defence, and capture-the-flag (CTF) challenges.

3. Earn targeted certs: E.g., CompTIA Security+, Microsoft SC-900/SC-200, GIAC/ISC² as your career matures.

4. Show your work: Keep a portfolio (GitHub/writing) with playbooks, detections, or case studies - scrub any sensitive data.

5. Network locally: Join meetups and communities; many roles fill through referrals.

FAQs

Is there really that much demand?
Yes. Australia continues to report frequent incidents (about one every six minutes), and small-business losses per report have increased - evidence that organisations of all sizes need capability.

What kind of salary could I expect starting out?
Entry-level and junior analyst roles vary by state and employer, but SEEK places Cyber Security Analyst average pay around $105k–$125k. Senior/specialist roles can be higher.

Can I study online while working?
Yes, Upskilled cybersecurity programs are delivered online with trainer support and digital learning resources. 

Ready to get started?

Translate your curiosity and problem-solving into a career that protects people and organisations. Explore ICT50220 - Diploma of Information Technology (Cyber Security) or ICT40120 - Certificate IV in Information Technology (Cyber focus) and chat with an education consultant about the best pathway for you.

Ana Isabel Alonsagay Ana Isabel Alonsagay freelance writer and founder of anaisabel.org, a blog on lifestyle, culture, and entertainment. When she isn't pinned to her keyboard, you can find her at your local cinema, blasting Broadway soundtracks or attending cosplay conventions.