It has never been more important to attract young people to the cybersecurity industry. With the global IT skills shortage predicted to increase to as many as 3.5 million unfilled roles by 2021, according to Cybersecurity Ventures, there is a growing need to educate those seeking out a security career so they can come prepared with the right skills for the job.

Why You Should Engage Students at a Young Age

Many organizations looking to hire young cyber talent support university programs. The challenge here is that university students have already been nurtured through the education system and will likely already have an understanding of what type of career they want to pursue. This approach thus excludes individuals who never had career guidance or opportunities that pointed them in the direction of the security industry. The talent pool to fill the skills gap would be much larger if organizations engaged with and provided more security career information to students at a younger age.

Having never received knowledge of the security industry during my own school days, I landed in this field thanks to the opportunities and connections from my previous roles. Thinking back to when I was at school, there were many kids who did not know what they wanted for a career, as well as those who wanted to be doctors, teachers, veterinarians, — some of the typical roles the education system unconsciously pushes through the curriculum.

So, how do we help young people understand the vast amount of different jobs in the world? We tell them.

Public-Private Partnerships Expose Students to the Security Career Track

Some governments have implemented programs to help improve security job awareness, both within the school curriculum and through extracurricular activities. The U.K. National Cyber Security Centre (NCSC) already runs several initiatives under the CyberFirst umbrella, providing opportunities to young individuals looking to get into the industry.

But educating more people about security is not just the job of the public sector; organizations that hire security professionals also have a responsibility to help grow this talent pool. We need to empower young people and help them be open-minded about the careers they might embark on 10 years down the line.

Since 2016, IBM has been hosting CyberDay4Girls events to promote cybersecurity education for students in the U.S., Canada, Australia, South Africa and, most recently, the U.K. The most recent event, which hosted 92 13- and 14-year-old girls from Farnborough Hill in England, took place at the IBM Hursley research and development laboratory. The NCSC was also present to provide advice and information on the CyberFirst program, a great example of the public and private sectors working together to inspire young individuals about security. The event was also important as a means to show that there is a place for female security professionals in the industry.

On the day of the event, IBM Security employees led educational and interactive activities covering the Internet of Things (IoT), social engineering, security operations and incident response (IR). The day rounded out with some inspiring career journey presentations from IBM Vice President of Development Mary O’Brien and champion for women in cybersecurity, author, speaker and advisor Jane Frankland.

The Long-Term Benefits of Cybersecurity Education

The event was a huge success, with 95 percent of students rating it either good or excellent. We certainly enjoyed their engagement and curiosity.

Security professionals have a responsibility to provide career and education opportunities to students, and while these types of sessions are rewarding in the short term, the benefits we’ll see in the long term will no doubt be even more worthwhile.

Learn more about IBM Cyber Day for Girls

More from CISO

Bringing threat intelligence and adversary insights to the forefront: X-Force Research Hub

3 min read - Today defenders are dealing with both a threat landscape that’s constantly changing and attacks that have stood the test of time. Innovation and best practices co-exist in the criminal world, and one mustn’t distract us from the other. IBM X-Force is continuously observing new attack vectors and novel malware in the wild, as adversaries seek to evade detection innovations. But we also know that tried and true tactics — from phishing and exploiting known vulnerabilities to using compromised credentials and…

What’s new in the 2023 Cost of a Data Breach report

3 min read - Data breach costs continue to grow, according to new research, reaching a record-high global average of $4.45 million, representing a 15% increase over three years. Costs in the healthcare industry continued to top the charts, as the most expensive industry for the 13th year in a row. Yet as breach costs continue to climb, the research points to new opportunities for containing breach costs. The research, conducted independently by Ponemon Institute and analyzed and published by IBM Security, constitutes the…

Cyber leaders: Stop being your own worst career enemy. Here’s how.

24 min read - Listen to this podcast on Apple Podcasts, Spotify or wherever you find your favorite audio content. We’ve been beating the cyber talent shortage drum for a while now, and with good reason. The vacancy numbers are staggering, with some in the industry reporting as many as 3.5 million unfilled positions as of April 2023 and projecting the disparity between supply and demand will remain until 2025. Perhaps one of the best (and arguably only) ways we can realistically bridge this gap is to…

Poor communication during a data breach can cost you — Here’s how to avoid it

5 min read - No one needs to tell you that data breaches are costly. That data has been quantified and the numbers are staggering. In fact, the IBM Security Cost of a Data Breach estimates that the average cost of a data breach in 2022 was $4.35 million, with 83% of organizations experiencing one or more security incidents. But what’s talked about less often (and we think should be talked about more) is how communication — both good and bad — factors into…