March 13, 2018 By Heather Ricciuto 4 min read

The dreaded childhood question: What do you want to be when you grow up? Chances are you remember being asked this repeatedly throughout your childhood and adolescence. But how many of you actually knew in middle or high school what you wanted to be?

Did you want to be a doctor, firefighter, police officer, lawyer or teacher? Did you aspire to enter those professions because they were familiar — or because your parents or role models worked in those professions?

Did you choose that field because you wanted to make a difference in the world?

The Need for Cybersecurity Career Awareness

Whether you are 8 or 80 years old, things haven’t changed. The truth is we steer toward the familiar. We want to be like our role models, and we do what is comfortable.

Ask any group of middle school students today what they want to be, and I guarantee the majority of them will shout out the same admirable professions we wanted for ourselves as children: doctor, dentist, lawyer, teacher and the like. A few may want to be actors, artists or musicians — and at least one person in the crowd will say he or she wants to be a marine biologist or astronaut.

However, it’s not likely that anyone will say he or she wants to work in technology, let alone cybercrime. From where does this problem STEM (pun fully intended)? Sadly, many children today don’t understand the variety of science, technology, engineering and math (STEM) careers that exist in today’s world.

The majority of youth today are unaware that a cybersecurity education can lead to a fascinating and rewarding career — and that they can make a difference in the world by fighting cybercrime. While they may see fictional cybercrime fighters in television shows and movies — think “CIS: Cyber” and “Mr. Robot” — they are not exposed to cybersecurity role models in their daily lives. Many roles in cybersecurity sit behind the curtain, like the Wizard of Oz, defending against dark forces.

While cybercriminals are improving their craft, the organizations defending against them are struggling to find skilled candidates to fill high-paying jobs. Even though governments, industry leaders and educational institutions do what they can to address the problem, the supply of talent remains weak.

To address the talent shortage, it’s critical to build cybersecurity career awareness among our youth. According to the “Securing Our Future: Cybersecurity and the Millennial Workforce” report commissioned by Raytheon, Forcepoint and the National Cyber Security Alliance, only 52 percent of respondents said they have some idea of what cybersecurity professionals do for a living.

Sadly, only about one-third said they had been approached by a teacher or guidance counselor about a cybersecurity career. How can we fill the gap in our talent pipeline when our children don’t even know that cybersecurity is a meaningful and rewarding career option? This is where we all can make a difference.

We know millennials place high importance on problem-solving, communication and making a difference in the world. To attract more millennials into this industry, we must first make them aware that a career in cybersecurity can meet all their most important career objectives and match their values.

Cybersecurity, a term that was once more or less reserved for the government and military, is now a household term. Thanks to advancements in technology, we live in a highly connected and informed world with 24/7 access to information. But while these emerging technologies have made our lives far more convenient, they have also introduced new risks. As a result, we must not only teach our children to stay safe online, but also to understand the vast array of skills needed to help strengthen the fight against cybercrime.

Dispelling Myths About Cybersecurity Careers

Unfortunately, in my experience, students who are aware of cybersecurity as a career option typically have the misconception that it is only for those with broad technical skills. While it is true that computer scientists, engineers and researchers all are in high demand, the truth is that we also need graphic designers, user interface designers, business graduates, lawyers, writers, project managers and educators.

There are roles for people with all kinds of skills and educational backgrounds in this industry. In fact, within IBM Security, you won’t just find computer science and engineering graduates — you’ll see people with degrees in early childhood education (ECE), journalism, marketing, as well as ex-military and more.

So, how can we build awareness among our youth? We all have a role to play in driving cybersecurity career awareness.

Parents and teachers can start by encouraging children to engage in any or all of the following activities:

Furthermore, K-12 and college educators can:

Finally, those of us in the cybersecurity industry can:

  • Volunteer at competitions or mentor teams.
  • Conduct guest lectures.
  • Teach part-time.
  • Represent our companies at career fairs.
  • Share our own experiences by writing blogs, contributing to online publications and speaking at conferences.

Making the World a Safer Place

The variety of roles in cybersecurity is vast — as are the skills needed to fill them. By leading the charge on cybersecurity education, we can create a culture of awareness that will shape the future of our industry.

By redefining how and when cybersecurity is introduced to students, we can inspire them to fight cybercrime, to be our future leaders and innovators — and to help us make the world a safer place.

I, for one, look forward to the day when I hear a middle school student say, “I want to fight cybercrime!”

Listen to the podcast: Consider a Career in Cybersecurity

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today