With cyber-attacks soaring and costs projected to reach $10.5 trillion globally by 2025, new research by Hack The Box has uncovered the most sought-after skills within Security Operations Center (SOC) teams and the evolving role of the modern cybersecurity professional.

This new report comes as the global shortage of 3.4 million cybersecurity professionals is severely impacting SOC teams. The demand for security analysts alone is estimated to be 150% higher than the average growth projected for all cyber occupations.

The cybersecurity professional is no longer just red or blue

This talent shortage, coupled with the rise of AI-based threats, is placing mounting pressure on cyber professionals to have the most up-to-date skills across all areas of security. Historically, cybersecurity roles have been categorised as either offensive (red team) or defensive (blue team). However, new research shows almost 60% of professionals are now opting for hybrid careers that combine both offensive and defensive cybersecurity skills.

The findings show that 3 in 10 cybersecurity professionals are interested in transitioning from blue team careers to red, offensive roles. This demonstrates a blurring of the lines between cyber roles as well as a desire among security professionals to explore different career paths.

Commenting on this finding, Haris Pylarinos, CEO and Founder at Hack The Box, says, “Our research indicates that modern cybersecurity professionals are increasingly focused on enhancing their expertise in both red and blue areas. This trend could pave the way for the emergence of hybrid cyber professionals, leading to a potential market shift where businesses seek candidates who possess well-rounded cybersecurity skills, rather than red or blue expertise alone.”

Cloud security shows no sign of fading

Contradicting claims of slowed cloud adoption, the report also highlights the continued importance of a solid foundation in cloud security. In fact, almost half (44%) of SOC analysts rank cloud security as the most valuable skill for the next five years.

Sabastian Hague, Defensive Content Lead at Hack The Box, says: “The importance of cloud security is still undeniable. According to Gartner’s research, worldwide end-user spending on public cloud services is expected to surge by 20.7% to reach $591.8 billion in 2023, up from $490.3 billion in 2022. So, even with all of the discussion around the rise of new AI threats and the need to upskill there, don’t forget the importance of keeping your cloud skills up to date. It’s critical for businesses and professionals not to lose sight of this with the hype around AI.”

A shift in mindset: handling, not preventing, cyber threats

Amid record-high security breaches, defensive cybersecurity professionals consider incident handling (29.5%) the most crucial skill to master. Network traffic and flow analysis, along with server log analysis, ranked second and third, respectively, on the list of essential current skills.

Haris Pylarinos continues, “A big misconception is that containing threats is the main job of a cybersecurity professional. The reality is that successful attacks and breaches are bound to happen. So, the most crucial skill isn’t preventing an attack; it’s handling and containing an unexpected incident. It’s no surprise that incident handling is the top skill listed by SOC Analysts, but businesses need a mindset shift to ease the burden on security professionals so they don’t have to bear the weight of defending every threat. Instead, their expertise shines in how they respond after the incident.”

The need for practical learning

In the face of increasing demands and emerging pressures on cyber teams, developing new DFIR (Digital Forensics and Incident Response) skills is vital for SOC professionals. When surveyed about their interests in improving DFIR skills, over half (58.4%) of security professionals placed practical machines at the top of their list of preferred ways to learn, in contrast to 5.5% who find blog posts about DFIR useful. This shows that there is a growing need for practical cybersecurity platforms, enabling employees to combat cybercrime effectively.