Modern field guide to security and privacy

Cybersecurity firms need millennials — here’s how they can change to attract top talent

Professionals under 30 today will make up three quarters of the cybersecurity workforce by 2025


Michelle Davies/The Journal-Gazette via AP
In this Feb. 15, 2017 photo, Serena Perez-Takaya works on making a phone app simulation while attending Girls Who Code, a program at the Allen County Public Library's main branch in Fort Wayne, Ind. Girls Who Code is a national nonprofit dedicated to closing the gender gap in technology.

It may be fashionable to criticize millennials. But if you’re building a cybersecurity company, you’re going to need them. 

A lot of them.

Today, millennials comprise about a third of the cybersecurity workforce. But the cybersecurity jobs gap is growing (from 1.5 million today to 1.8 million by 2022, according to the latest Global Information Security Workforce Study (GISWS) from (ISC)², and drawing more millennials into the information security field will be crucial to avoiding that expansion.

First and foremost, showing younger workers pathways to career development and proof you’ll invest in their growth will resonate deeply with tomorrow’s infosec stars.

The (ISC)²  survey shows millennials value workplaces offering mentoring, professional certifications on the organization’s dime, leadership tracks, and other career-advancing opportunities. Importantly, salaries were not the highest priority.

Millennials that the report defined as “successful” were likely to identify themselves as a security professional, make more than $50,000 a year, and work in positions where their organizations supported their professional development with executive leadership and other training programs.

Those who were defined as “less successful” were likely to identify themselves as an IT professional, make less than $50,000 a year and were somewhat likely to feel their opinions were marginalized or not important within an organization.

It’s important to note that regardless of their levels of success or reported job satisfaction, 28 percent of less successful millennials and 29 percent of more successful millennials left their jobs voluntarily last year.

This shows that millennials were much more likely to change jobs than older generations (Gen X changed at 20 percent and Boomers at 14 percent) between 2015 and 2016. This movement is not based on job satisfaction, but rather, which jobs offer more enticing perks.

Another gap between companies and their future employees: perception of what counts as great training for the job. Millennials are likely to feel that hard skills, like understanding cloud computing, were key in the minds of hiring managers.  However, hiring managers reported that softer skills, like communications and analysis, were more important than those hard skills when bringing in new talent.

Smart companies may look to alter the composition of jobs themselves to attract top talent. Many millennials see themselves moving away from traditional structures and into more multi-purpose roles. Role diversity was a big factor for many in job satisfaction, according to the (ISC)2 report.

Eight years from now, millennials will make up three quarters of the overall workforce, a Pew Research study indicates, marking a major demographic shift across all industries. Thus companies across the cybersecurity industry would be well-served to understand what professionals under 30 want from their employers so they can bring in the best and brightest.

Learn more about the future of the cybersecurity workforce by downloading the full Global Information Security Workforce Study (GISWS). The GISWS was conducted via a 100-question Internet survey that canvassed 19,641 security professionals from around the globe. 

of stories this month > Get unlimited stories
You've read  of  free articles. Subscribe to continue.

Unlimited digital access $11/month.

Get unlimited Monitor journalism.