Alexander's Blog

Sharing knowledge with the global IT community since November 1, 2004

The Millennials are Key to Closing the Cybersecurity Skills Gap

/
/
Cybersecurity

The demand for cybersecurity professionals has increased significantly in recent years, yet there is a skills gap that is hard for employers to close. There are too many unfilled cybersecurity jobs available today and the need for cybersecurity professionals will only increase in the future. According to the Bureau of Statistics, the average salary of a cybersecurity professional is $116,000, but there are many cybersecurity experts who make as much as the senior executives and this trend is expected to continue for some time. So why are there so many open positions and not enough qualified candidates? There are several reasons why the supply of cybersecurity professionals has not caught up with the demand. The technology moves at a rapid pace and it takes time to train people in the cybersecurity skills at a level that can match the skills of cybercriminals. The fact of the matter is that there are plenty of cybersecurity jobs available today, but there just aren’t enough qualified skilled workers to meet the demand.

The Demand for Cybersecurity Professionals

According to Forbes, by 2019 the demand for cybersecurity professionals will reach 6 million, and Symantec CEO Michael Brown believes that there would be 1.5 million fewer applicants for those jobs. In other words, there would be millions of unfilled cybersecurity jobs, but not enough qualified people to fill those positions. Other estimates put the shortage of cybersecurity specialists at even higher numbers. In its 2016 Cybersecurity Skills Gap, the information security advocacy group ISAACA predicted that there will be shortage of 2 million cybersecurity professionals by 2019. Just to remind you, 2019 is only a little over 14 months from now.

2016 Cybersecurity Skills Gap

In May 2009, President Obama declared that “the cyber threat is one of the most serious economic and national security challenges we face as a nation.” Since then cybersecurity training for state employees is now mandatory in several states, and the number is growing. Here’s a list of the states that have mandatory cybersecurity training for the state employees. At the time of writing, this list was last updated on October 11, 2017.

  1. Colorado
  2. Delaware
  3. Florida
  4. Louisiana
  5. Maryland
  6. Montana
  7. Nebraska
  8. Nevada
  9. New Hampshire
  10. North Carolina
  11. Ohio
  12. Oregon
  13. Pennsylvania
  14. Utah
  15. Vermont
  16. Virginia
  17. West Virginia

In almost all the other states, voluntary cybersecurity training is available for the executive branch state employees. With all 50 states realizing the importance of cybersecurity training, cybersecurity professionals can count on so many more opportunities and job security…..no pun intended!

The Raytheon Report

According to Raytheon, a cybersecurity company, “If there’s one profession that’s hungry for young workers, it’s cybersecurity. There are plenty of challenging, well-paying jobs for millennials. But finding well-qualified young adults for those positions is another story.” Raytheon and the National Cyber Security Alliance (NCSA) surveyed young people between the ages of 18-26 in 12 countries and published a report in October 2015 which was fascinating.

NOTE: Americans born between 1980 and 2000 are often referred to as the Millennials, or Generation Y. This is in contrast to the Generation X (GenX), which includes people born between 1965-1979 and Baby Boomers who were born between 1946-1964. Millennials make up the largest share of the U.S. population at 28.7%, compared to the Baby Boomers which make up 23.7%.  (NPR.org).

Here are some of the highlights that pertain to the Millennials from the United States. You can check out the complete report by Raytheon for more details.

  • In the U.S., 74% of women and 57% of men said schools did not offer the skills that are needed to pursue a degree in computer sciences.
  • 41% of Millennials are interested in cybersecurity careers.
  • 28% of Millennials are more likely to choose a career that makes the Internet safer, even though they don’t know what a career in cybersecurity might entail.
  • 64% of Millennials said they never heard about cybersecurity careers from their teacher, counselor, or other officials.
  • 43% said that there were no cybersecurity programs or activities available to them at school.
  • 80% of Millennials have never met or spoken to a cybersecurity professional.
  • 50% have never received formal classroom training in cybersecurity.
  • 62% didn’t hear about cyberattacks in the news last year.

Raytheon Cybersecurity Survey

The international survey showed that, when it comes to cybersecurity, the Millennials in the Middle East are way ahead of their peers in the U.S., the Europe, and the Asia Pacific in almost every single category. They are more knowledgeable, better trained, have met or spoken to cybersecurity professionals, have more cybersecurity programs available to them, and have a better understanding of the responsibilities involved in a cybersecurity career. Although the report didn’t discuss the reasons why the young adults in the Middle East were more informed about cybersecurity than the rest of the world, based on the survey results I am assuming cybersecurity education is given a higher priority in that region, which in turn produces more cybersecurity professionals. We definitely need a higher level of cybersecurity awareness among the Millennials in the United States.

At the time the Raytheon study was done, there were 49,493 jobs in the United States that required Certified Information Systems Security Professional (CISSP) certification, but there were only 65,362 professionals that held the CISSP certification and majority of them were employed. The CISSP certification is one example, but in recent years other security certificates, such as Certified Ethical Hacker (CEH) and Certified Information Security Manager (CISM), are also in great demand. The need for cybersecurity professionals is currently at the desperation level and the number of unfilled jobs will only grow in the coming years.

Why We Need the Millennials?

The Millennials are not only our future, they are the largest group in the U.S. workforce and make up about 29% of the U.S. population. We need to get the Millennials more involved and educate them about the cybersecurity careers so we can close the skills gap. Luckily, 41% of them are interested in a cybersecurity career, despite the lack of cybersecurity career guidance from their teachers and counselors. Because the Millennials are more tech-savvy than their parents, grasping the security concepts is not difficult for them. Millennials are much more interested in securing the Internet than the previous generations because they have a better appreciation and understanding of the Internet and how it effects our lives. In other words, they are more educated when it comes to the technology in general, but the young adults need more information on cybersecurity careers, the dangers associated with cyberattacks, and the impact of cybercrimes on our nation and society. Obviously, this information is less likely to come from their parents, but it can and should come from their school and work. Businesses need to hire more Millennials as interns, attract more Millennials as potential employees, and create an environment which offers more advancement opportunities for them so they can stay with the organization for a long time.

IBM has posted an executive report which addresses the cybersecurity skills gap and suggests a new approach. Among other ideas, IBM recommends the following:

Going beyond the traditional classroom
  • Establishing apprenticeships, residency programs and internships (for example, ApprenticeshipUSA).
  • Emphasizing certification programs and embedding them into education programs. Examples include CompTIA Security+ certification, Certified Information Systems Security Professional (CISSP)  certification and Certified Ethical Hacker (CEH) certification.
  • Leveraging code schools and boot camps.
  • Sponsoring clubs and competitions like CyberPatriot and CyberTitan.
Making connections and sharing information
  • Fostering better collaboration and developing tools for students, educators and industry (for example, CyberSeek and TechHire).
  • Actively recruiting underrepresented groups through conferences and organizations like the International Consortium of Minority Cybersecurity Professionals (ICMCP), Hire our Heroes, Women’s Society of Cyberjutsu and Women in CyberSecurity (WiCyS).”

If you are currently planning your career, I encourage you to consider a career in cybersecurity. A cybersecurity career will offer plenty of job opportunities, great salary and benefits, a lasting career, and some very exciting challenges.

Thanks for reading my article. If you are interested in IT training & consulting services, please reach out to me. Visit ZubairAlexander.com for information on my professional background.

Copyright © 2017 SeattlePro Enterprises, LLC. All rights reserved.

  • Facebook
  • Twitter
  • Linkedin

Leave a Comment

Your email address will not be published. Required fields are marked *

This div height required for enabling the sticky sidebar