Millennials are not known for their security advocacy. In fact, 97 percent of them are connected to the internet and many utilize unsecure cloud-based tools to help complete tasks. However, they have grown up in the cybersecurity era and are inclined to make risk-based decisions and share valuable information online for the sake of convenience.

Millennials Are the Future, Not the Problem

It is critical that we encourage millennials to work in security since there is a lot we can learn from a new generation of IT users. To stay ahead of the game in security, companies must think like cybercriminals. Millennials and cybercriminals share many key qualities that make them vital to the security workforce: They’re tech savvy, they collaborate and they’re curious.

Huge data breaches and the industry’s increasing skills gap have thrust cybersecurity into the spotlight. Still, according to a Raytheon study, 46 percent of millennials are unaware of the skills needed to enter the security workforce.

Empty Seats to Fill

It may seem prudent for organizations to employ more experienced professionals, but they are sparse and in high demand. Could millennials fill the empty seats?

Students are exposed to computers in the classroom from a young age, so getting young professionals interested in IT is not the challenge. Enabling them to pursue cybersecurity careers is more difficult, because it requires the industry to push out more relevant education. Millennials aren’t chasing cybersecurity careers, perhaps due to the high level of IT literacy needed for computer science degrees or a lack of awareness of the security jobs available in what can still be considered a niche industry.

Organizations must invest in training people with the right skills early on. Government institutions understand the importance of developing this kind of talent in terms of the future of national security. The U.K., for instance, introduced a computing curriculum to equip young people with the skills needed to start a career in security.

The Long Haul

Millennial talent is needed to protect this increasingly connected world. But organizations shouldn’t just target this generation in the short term; it’s important to share knowledge to develop skills for the long haul. Millennials must be educated about the career paths available to them.

With organizations sponsoring security competitions and education programs, a talented workforce can be built to strengthen national security. Once enthusiastic and ambitious employees are on the team, encourage them to stay by cultivating their professional growth and maintaining an attractive working environment. PwC found that training and development, flexible working hours and financial rewards are the top benefits millennials value most from an employer.

As the sector struggles to fill positions, the ability to attract and retain millennial talent is a vital step toward achieving long-term success in security.

More from CISO

Poor Communication During a Data Breach Can Cost You — Here’s How to Avoid It

5 min read - No one needs to tell you that data breaches are costly. That data has been quantified and the numbers are staggering. In fact, the IBM Security Cost of a Data Breach estimates that the average cost of a data breach in 2022 was $4.35 million, with 83% of organizations experiencing one or more security incidents. But what’s talked about less often (and we think should be talked about more) is how communication — both good and bad — factors into…

5 min read

Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

2 min read - Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures would become 2023’s ransomware crisis. Compounding the problem is the industrialization of the cybercrime ecosystem, enabling adversaries to complete more attacks, faster. Over the last…

2 min read

Do You Really Need a CISO?

2 min read - Cybersecurity has never been more challenging or vital. Every organization needs strong leadership on cybersecurity policy, procurement and execution — such as a CISO, or chief information security officer. A CISO is a senior executive in charge of an organization’s information, cyber and technology security. CISOs need a complete understanding of cybersecurity as well as the business, the board, the C-suite and how to speak in the language of senior leadership. It’s a changing role in a changing world. But…

2 min read

What “Beginner” Skills do Security Leaders Need to Refresh?

4 min read - The chief information security officer (CISO) was once a highly technical role primarily focused on security. But now, the role is evolving. Modern security leaders must work across divisions to secure technology and help meet business objectives. To stay relevant, the CISO must have a broad range of skills to maintain adequate security and collaborate with teams of varying technical expertise. Learning is essential to simply keep pace in security. In a CISO Series podcast, Skillsoft CISO Okey Obudulu recently said,…

4 min read