Attracting Millennials to CyberSec Jobs

Interest Is Building, But Knowledge of Field Lacking
Attracting Millennials to CyberSec Jobs

Recent massive data breaches, such as those affecting Target, Home Depot and JPMorgan Chase, have thrust cybersecurity issues into the spotlight. So it's no surprise that interest in cybersecurity jobs is growing among millennials.

See Also: Effective Cyber Threat Hunting Requires an Actor and Incident Centric Approach

A recent survey found that nearly 40 percent of millennials, age 18-26, said they are more likely now than 12 months ago to choose a career in which they can help make the Internet safer and more secure.

In the recent 2014 Raytheon-National Cybersecurity Alliance Millennial Survey, 26 percent of millennials said they have some interest in a possible career in cybersecurity. The No. 1 career of interest, the survey shows, was "app designer/developer."

When asked if they knew what the job responsibilities of a cybersecurity professional entailed, however, 68 percent of millennials surveyed said "no."

Diana Burley, a professor at George Washington University, says millennials are becoming more interested in cybersecurity because technology is integrated into every aspect of their lives.

"Also, high-visibility cybersecurity news events ... along with news stories about the thousands of jobs, are enough to pique anyone's interest," she says.

What would increase millennials' interest in a career in cybersecurity? Forty-eight percent said they'd be more likely to choose the field if they had information on what specific jobs within cybersecurity entailed.

Careers Millenials Say Are of Interest


Source: 2014 Raytheon-National Cybersecurity Alliance Millennial Survey

"Cybersecurity is not perceived as a 'glamorous' profession," says Frederick Chang, Director for the Darwin Deason Institute for Cyber Security at Southern Methodist University. "[Millennials] don't have an in-depth understanding of what is entailed to work in the field, but what they do know comes across to them as somewhat nerdy. Becoming an application developer that helps to create the next high-powered, high-tech startup company is perceived as cool - being a cybersecurity person is not."

Hord Tipton, executive director at ISC2, which offers information security certifications, attributes this lack of knowledge to a lack of education. "Unfortunately, educators are generally not poised to teach various aspects of information security," he says. "And, in many areas, guidance counselors are lacking in their knowledge of the profession."

A Long-Term Effort

Burley says organizations must go beyond targeting millennials "for the moment" and put resources into keeping their attention over the long haul.

"News stories and awareness campaigns often are effectively designed to grab your attention - to raise interest, but not necessarily to engage," she says. "Efforts to engage need to focus on encouraging persistence, high energy, and a willingness to put forth dedicated effort to pursue the career field."

To keep students engaged, cybersecurity education must be a part of the curriculum at all levels, Tipton argues.

The materials used to teach cybersecurity should match young students' learning styles by, for example, incorporating gaming techniques, Tipton says. "So much in the field is abstract, so it is important to be able to use what students can relate to."

Millenials: What Would Increase Your Interest in Cybersecurity Career?


Source: 2014 Raytheon-National Cybersecurity Alliance Millennial Survey

Tipton also stresses that hands-on opportunities are key. "Similar to what you see in the medical field, first-year students are [working] at the medical facility getting experience. That's the way it should be for [cybersecurity] students; they should be in the trenches immediately, facing challenges and increasing their skills and knowledge."

Careers Resource

A valuable resource for building interest in cybersecurity careers is the National Initiative for Cybersecurity Education Workforce framework.

The framework is used to define the cybersecurity workforce and provide a common lexicon to categorize workers, says William Newhouse, program lead at NICE.

"NICE has been encouraged by feedback that high school guidance counselors were taking an early distribution of the framework in a laminated form and turning it into posters for their office walls, thus exposing high school students to cybersecurity as a career for the first time," he says.

Burley says educators can help students align the job roles within the NICE framework with their interests, and then provide a roadmap that connects academic programs to job role preparation.

"There is no typical set of job responsibilities for a cybersecurity professional," she says. "We need to continue our efforts to unbundle the career options - and the different requirements and paths to pursue them."

Chang stresses that extracurricular activities are also key in a cybersecurity education. For example, SMU students compete in the National Collegiate Cyber Defense Competition. In the competition, student teams assume administrative and protective duties for an existing commercial network. Each team is scored on their ability to detect and respond to outside threats, maintain existing services and respond to business requests.

Department of Homeland Security employees within NICE have also developed the National Initiative for Cybersecurity Careers and Studies portal, Newhouse notes. The portal offers "the ability to explore cybersecurity career paths, degree programs and internship opportunities, learn about competitions, and find general information about education, training and awareness," he says.


About the Author

Megan Goldschmidt

Megan Goldschmidt

Associate Editor

Goldschmidt is the former Associate Editor for ISMG. A recent graduate of Ithaca College, she has worked for multiple publications in NJ and NY, including the Trentonian and the Rochester Business Journal, instilling a passion for writing, editing and social media.




Around the Network