Much more can be done to help ensure a safe cyber future for all.
Every day we read headlines about a new cybersecurity breach, and chances are high that our own personal data has already been compromised through one of our favorite social media or shopping sites. It should come as no surprise that cyberattacks are increasing in both complexity and quantity, all while the cybersecurity field suffers from a staggering talent shortage.
By the year 2020, that shortage is projected to reach a jaw-dropping 1.8 million unfilled roles globally. But a recent survey from ProtectWise and Enterprise Strategy Group offers hope. It reveals that tech-savvy millennials and post-millennials may be the key to filling the talent gap. But it also highlights a lack of awareness of cybersecurity jobs and learning opportunities. While millennials now make up the largest generation in the workforce, only a mere 7 percent of cybersecurity workers are under the age of 29. Much more can be done to tap into the millennial pool, and the next generation of cyber talent to help ensure a safe cyber future for all.
Interestingly enough, the presidential administration’s recent National Cyber Strategy could be the tailwind needed to fuel a superior cybersecurity workforce. It calls for cooperation and support between the public and private sectors through education, recruitment and retention. While the National Cyber Strategy looks great on paper, actions will determine its long-term success. Below are three ways we can be proactive today, and help grow the next generation of cyber talent for tomorrow:
Create Learning Opportunities Early, in and out of the Classroom
At the recent National Initiative for Cybersecurity Education (NICE) Conference, industry leaders discussed how schools can integrate cybersecurity education in both technical and non-technical ways throughout grades K-12. They argued that teaching kids about privacy, digital safety and other best practices in small doses, beginning in the youngest of classrooms, can, in turn, help educate parents at home and eventually educate the broader society. Other experts shared ideas about how teaching kids coding and hacking can actually help them understand how cyber thieves think and threaten their safety. Leaders suggest the long-term goal will be to graduate kids with cyber certifications, giving them the understanding of penetration and intrusion detections so they are not victims. That kind of knowledge becoming more generally available among our workforce will be incredibly valuable.
The education sector also stands to learn a great deal from the private cybersecurity sector. To address knowledge gaps and build awareness of cyber professions at a younger age, companies can choose to support after-school cybersecurity clubs that offer fun, hands-on learning opportunities, teach after-school enrichment classes, promote career pathways or help develop cybersecurity curriculums for high schools. There is a multitude of ways that the private sector can give back and invest in tomorrow’s security pros.
Design Security Products with the Next Generation in Mind
The private cybersecurity sector also has both an opportunity and responsibility to create user-friendly security products, and that involves acknowledging our short attention spans, and the sheer power of good design.
What has worked in the past for the cybersecurity industry—often clunky, convoluted and ugly software—hasn’t kept pace with the younger workforce. Of course, security products must have enough power behind them to combat complex cyberattacks, but there’s no reason they can’t be visually appealing and intuitive on the outside. Security leaders are borrowing a page from Apple and Facebook, and stepping up their designs to compete alongside popular consumer apps.
B2B security product teams are turning to innovative customer experience experts to create age-responsive, intuitive and fluid user interfaces that set a fun mood and are both pleasing to the eye and productive enough to thwart hackers. Good design in security is proving it can reduce human error, improve data comprehension, make teams more effective and be easier and more realistic to train less experienced workers.
Promote and Incentivize Government Cybersecurity Careers
ProtectWise’s survey revealed that cybersecurity remains unknown as a career choice. Most millennials don’t know any cybersecurity professionals, and the vast majority surveyed said their schools don’t offer cybersecurity classes. With limited exposure available, perhaps a national cybersecurity recruitment campaign that reaches the younger generations through social media, games and within primary and secondary schools is needed to spur conversation on the field and its immense opportunities.
The National Cyber Strategy also promises to provide competitive financial compensation for the US government workforce, as well as unique training and operational opportunities, in order to compete with the private sector. Under the Homeland Security Department, the federal government has an opportunity to build out unique training programs that incorporate specialized intelligence units and offer differentiated skills on an ongoing basis.
Another resource that we can do a better job sharing with young people is CyberCorp: Scholarship for Service. This program offers scholarships for up to three years of support for cybersecurity undergraduate and graduate education. In return, recipients agree to work after graduation for the U.S. Government, in a position related to cybersecurity, for a period equal to the length of the scholarship.
Many resources, great and small, exist to move the needle where it needs to be, but it will require work on everyone’s part. Whether in education, the private sector or government, these are a few ways we can get the ball rolling today to fill the cyber talent gap.
Sylvain Gil is the co-founder and vice president of product at Exabeam.