May 18, 2017 By Fran Howarth 2 min read

Much has been written about the skills gap in terms of the lack of qualified security practitioners to fill the roles available within organizations. In fact, the skills gap is currently one of the top concerns for CISOs, and the situation is poised to get event worse.

Look to the Millennials

A recent Frost & Sullivan report looked at the importance of the millennial generation in filling the skills gap, which it estimated will amount to 1.8 million information security workers by 2020. Millennials will be critical for closing this gap, since they will form an even larger cohort than the baby boomer generation.

Information security education has progressed, but it is still a work in progress. It is unlikely that any organization will be able to fill its needs with university graduates alone, especially given the competition for candidates. This makes it a necessity that organizations ramp up their training programs, taking into account not just the technical skills that are required for information security positions, but also the soft skills that link technology with business needs.

Train From Within the Ranks

The research by Frost & Sullivan found that the millennial generation is particularly open to on-the-job training. In fact, 65 percent of this demographic stated that it is very important to them — a higher clip than previous generations. Millennials place a particular emphasis on mentorship and leadership programs, which is one reason why they are likely to change jobs voluntarily: The research found that better perks are a greater motivation than low job satisfaction when considering a career move.

Embrace Diversity

Millennials are also more likely than previous generations to value diversity, with 46 percent saying that diversity is very important to them. A full two-thirds of millennials claimed to speak more than one language, compared to just over one-third of baby boomers. The value placed on diversity may also help organizations tap the pool of female workers who may not have been motivated to study technology previously.

Another recent study found that women comprise just 10 percent of the information security workforce. If women are not drawn to information security as an education option, on-the-job training may help organizations to train current female workers and increase diversity within their ranks. That move is likely to appeal to millennials.

A New Approach to Close the Skills Gap

Tackling the skills gap requires a new way of thinking for organizations. Rather than leaving everything to recruiters, they should look at current employees and seek to leverage what they already have. For the millennial generation, job satisfaction is vital. Ensuring that they can stay current through training and education will not only increase morale, but also help organizations to overcome the cybersecurity skills gap.

Read the IBM Executive Report: Addressing the Skills Gap with a New Collar Approach

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today