Younger generations lack understanding of cybersecurity careers
It's been accepted wisdom for some time that an injection of extra talent is needed to solve the cybersecurity skills shortage.
Further confirmation of this comes in the form of a report from ProtectWise looking at the survey responses of 524 technology-savvy millennials and post-millennials in the US, conducted by Enterprise Strategy Group (ESG), to see if there were potential answers to the security skills shortage.
The data shows that the younger generation understands and acknowledges that technology and computing are likely to play a significant role in their future careers. This means that the generations that grew up with iPhones and iPads may have a leg up on earlier generations in acclimating to tomorrow's job-related technology demands.
Gaming has contributed to an appetite for technology-oriented careers, with 40 percent of all those surveyed having been gamers for more than 10 years. In addition 68 percent of respondents would classify themselves as either a technology innovator (27 percent) or early adopters of technology (41 percent).
Interest in technology is also influencing educational choices. Computer science and technology is the college major most cited by respondents as their intended (or actual) field of study on 23 percent. This is followed by science and mathematics (18 percent) and engineering (15 percent).
But while a vast majority of respondents suggested that they are interested in computer-related careers, cybersecurity was cited by just nine percent. So what can the security industry do to attract young talent?
When respondents were asked why cybersecurity was not a career they were considering, ignorance of and lack of opportunity to learn are the top of their responses. 'Don't know enough about this field/career path' is the reason most often selected by those that were not interested (37 percent), followed by 'don't believe I have the technical ability/knowledge/aptitude' (28 percent), level of education required (21 percent) and number of certifications required (15 percent).
There's a gender split too. Women are more likely to profess to not know enough about the cybersecurity field when compared to males -- 42 percent as against 35 percent. Plus women are more likely to say they don't have the technical ability/knowledge/aptitude to pursue a career in cybersecurity field than men -- 34 percent vs 25 percent.
"We believe millennials and post-millennials represent an untapped resource to solve the cybersecurity skills problem," says Gene Stevens founder and CTO of ProtectWise. "There's a definite strong self-identification with technology and a vast majority are interested in computer related careers. But there's a lack of awareness surrounding cybersecurity. We believe there's strong potential for sideways moves into cybersecurity from other technology fields, greater exposure to security issues is likely to lead to further interest."
Only 17 percent of those surveyed say that they know someone in their family who has worked in cybersecurity. Also 69 percent have never taken a class in school that focused on cybersecurity. Only four males out of all people surveyed described their current job as being in cybersecurity.
"This very much suggests that awareness and education is the core problem," adds Stevens. "Respondents are poorly informed about and underexposed to these careers."
You can read more about the findings on the ProtectWise blog.