October 25, 2018 By Laurie Gibbett 3 min read

It has never been more important to attract young people to the cybersecurity industry. With the global IT skills shortage predicted to increase to as many as 3.5 million unfilled roles by 2021, according to Cybersecurity Ventures, there is a growing need to educate those seeking out a security career so they can come prepared with the right skills for the job.

Why You Should Engage Students at a Young Age

Many organizations looking to hire young cyber talent support university programs. The challenge here is that university students have already been nurtured through the education system and will likely already have an understanding of what type of career they want to pursue. This approach thus excludes individuals who never had career guidance or opportunities that pointed them in the direction of the security industry. The talent pool to fill the skills gap would be much larger if organizations engaged with and provided more security career information to students at a younger age.

Having never received knowledge of the security industry during my own school days, I landed in this field thanks to the opportunities and connections from my previous roles. Thinking back to when I was at school, there were many kids who did not know what they wanted for a career, as well as those who wanted to be doctors, teachers, veterinarians, — some of the typical roles the education system unconsciously pushes through the curriculum.

So, how do we help young people understand the vast amount of different jobs in the world? We tell them.

Public-Private Partnerships Expose Students to the Security Career Track

Some governments have implemented programs to help improve security job awareness, both within the school curriculum and through extracurricular activities. The U.K. National Cyber Security Centre (NCSC) already runs several initiatives under the CyberFirst umbrella, providing opportunities to young individuals looking to get into the industry.

But educating more people about security is not just the job of the public sector; organizations that hire security professionals also have a responsibility to help grow this talent pool. We need to empower young people and help them be open-minded about the careers they might embark on 10 years down the line.

Since 2016, IBM has been hosting CyberDay4Girls events to promote cybersecurity education for students in the U.S., Canada, Australia, South Africa and, most recently, the U.K. The most recent event, which hosted 92 13- and 14-year-old girls from Farnborough Hill in England, took place at the IBM Hursley research and development laboratory. The NCSC was also present to provide advice and information on the CyberFirst program, a great example of the public and private sectors working together to inspire young individuals about security. The event was also important as a means to show that there is a place for female security professionals in the industry.

On the day of the event, IBM Security employees led educational and interactive activities covering the Internet of Things (IoT), social engineering, security operations and incident response (IR). The day rounded out with some inspiring career journey presentations from IBM Vice President of Development Mary O’Brien and champion for women in cybersecurity, author, speaker and advisor Jane Frankland.

The Long-Term Benefits of Cybersecurity Education

The event was a huge success, with 95 percent of students rating it either good or excellent. We certainly enjoyed their engagement and curiosity.

Security professionals have a responsibility to provide career and education opportunities to students, and while these types of sessions are rewarding in the short term, the benefits we’ll see in the long term will no doubt be even more worthwhile.

Learn more about IBM Cyber Day for Girls

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today