Much has been written about the skills gap in terms of the lack of qualified security practitioners to fill the roles available within organizations. In fact, the skills gap is currently one of the top concerns for CISOs, and the situation is poised to get event worse.

Look to the Millennials

A recent Frost & Sullivan report looked at the importance of the millennial generation in filling the skills gap, which it estimated will amount to 1.8 million information security workers by 2020. Millennials will be critical for closing this gap, since they will form an even larger cohort than the baby boomer generation.

Information security education has progressed, but it is still a work in progress. It is unlikely that any organization will be able to fill its needs with university graduates alone, especially given the competition for candidates. This makes it a necessity that organizations ramp up their training programs, taking into account not just the technical skills that are required for information security positions, but also the soft skills that link technology with business needs.

Train From Within the Ranks

The research by Frost & Sullivan found that the millennial generation is particularly open to on-the-job training. In fact, 65 percent of this demographic stated that it is very important to them — a higher clip than previous generations. Millennials place a particular emphasis on mentorship and leadership programs, which is one reason why they are likely to change jobs voluntarily: The research found that better perks are a greater motivation than low job satisfaction when considering a career move.

Embrace Diversity

Millennials are also more likely than previous generations to value diversity, with 46 percent saying that diversity is very important to them. A full two-thirds of millennials claimed to speak more than one language, compared to just over one-third of baby boomers. The value placed on diversity may also help organizations tap the pool of female workers who may not have been motivated to study technology previously.

Another recent study found that women comprise just 10 percent of the information security workforce. If women are not drawn to information security as an education option, on-the-job training may help organizations to train current female workers and increase diversity within their ranks. That move is likely to appeal to millennials.

A New Approach to Close the Skills Gap

Tackling the skills gap requires a new way of thinking for organizations. Rather than leaving everything to recruiters, they should look at current employees and seek to leverage what they already have. For the millennial generation, job satisfaction is vital. Ensuring that they can stay current through training and education will not only increase morale, but also help organizations to overcome the cybersecurity skills gap.

Read the IBM Executive Report: Addressing the Skills Gap with a New Collar Approach

More from CISO

Poor Communication During a Data Breach Can Cost You — Here’s How to Avoid It

5 min read - No one needs to tell you that data breaches are costly. That data has been quantified and the numbers are staggering. In fact, the IBM Security Cost of a Data Breach estimates that the average cost of a data breach in 2022 was $4.35 million, with 83% of organizations experiencing one or more security incidents. But what’s talked about less often (and we think should be talked about more) is how communication — both good and bad — factors into…

5 min read

Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

2 min read - Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures would become 2023’s ransomware crisis. Compounding the problem is the industrialization of the cybercrime ecosystem, enabling adversaries to complete more attacks, faster. Over the last…

2 min read

Do You Really Need a CISO?

2 min read - Cybersecurity has never been more challenging or vital. Every organization needs strong leadership on cybersecurity policy, procurement and execution — such as a CISO, or chief information security officer. A CISO is a senior executive in charge of an organization’s information, cyber and technology security. CISOs need a complete understanding of cybersecurity as well as the business, the board, the C-suite and how to speak in the language of senior leadership. It’s a changing role in a changing world. But…

2 min read

What “Beginner” Skills do Security Leaders Need to Refresh?

4 min read - The chief information security officer (CISO) was once a highly technical role primarily focused on security. But now, the role is evolving. Modern security leaders must work across divisions to secure technology and help meet business objectives. To stay relevant, the CISO must have a broad range of skills to maintain adequate security and collaborate with teams of varying technical expertise. Learning is essential to simply keep pace in security. In a CISO Series podcast, Skillsoft CISO Okey Obudulu recently said,…

4 min read