U.S. high schools are not filling the educational pipeline with enough potential cybersecurity specialists to meet the needs of either the government or private sector, according to a new survey.
The survey of 1,000 adults between the ages of 18 to 26 – the so-called Millennial generation – was conducted by Zogby Analytics and sponsored by Raytheon Corp. as part of the 10th annual National Cyber Security Awareness Month.
The month-long observation is put on by the U.S. Department of Homeland Security, along with the industry consortium known as the National Cyber Security Alliance, to make the public more aware of cybersecurity risks.
This year, they’re also trying to convince younger members of the public that cybersecurity is a good career option.
But the results of the survey, at least, weren’t encouraging. Seventy-five percent said they were confident their friends wouldn’t post anything embarrassing or harmful to them online; 20 percent said they’d had to ask someone to take down a piece of embarrassing or harmful information.
“Millennials” are aware of risks online: 82 percent password-protect their laptops; 61 percent do the same on their phone. Thirty-seven percent backed up the data on one or the other during the past month. But 81 percent said no teacher or guidance counselor ever suggested a career in cybersecurity, and 26 percent were unconcerned enough about mobile banking that they’d never changed their passwords.
The overall picture of millennials is that of a group that is comfortable with both information technology and the ways it can be disseminated or misused, but not one that is particularly interested in cybersecurity careers.
“Given that we need to add thousands of cybersecurity professionals to the workforce in the coming years, the data shows we have a long way to go in engaging young people in the idea of a career path in cybersecurity,” according to a statement from Michael Kaiser, executive director of the National Cyber Security Alliance.
Only 35 percent of young men said they would be interested in a career in cybersecurity; only 14 percent of young women said the same.
A quarter of mid-sized companies polled by I Strategy Group in the Spring said they face a “problematic shortage” of IT security skills, according to ESG analyst Jon Oltsik. Eighty-three percent of enterprises said it was “extremely difficult” to find qualified security specialists.
Meanwhile, 22 percent of the jobs in the DHS division responsible for supplying much of the department’s cyber security were vacant, according to a Government Accountability Organization (GAO) report in June.
In a poll published this Spring, IBM found half of students and teachers in computer science and information technology see security as one of only three issues with the potential to hold back technological development during the next two years.
Only 60 percent – of a group chosen entirely from the tech disciplines – thought their academic programs addressed IT security enough to prepare students for emerging technology areas.
The only saving grace may be that nearly every other country in the world is facing the same shortage of skilled IT security specialists, though their responses may be more vigorous than those in the United States. Iran’s Republican Guard Corps has a special cybersecurity/infowar division; some Iranian schools include cybersecurity in civil defense training in schools. Indian security agencies also committed last year to training half a million computer security specialists during the next five years, according to New Zealand outlet TimesNewsLive.
“We have to protect our systems both in government-critical infrastructure and important private sectors like banking and telecoms,” Data Security Council of India CEO Kamlesh Bajaj told the paper. “Tangible steps will be taken and a major investment is to be set aside for this purpose.”
The U.S. DHS continues to expand the effort to promote cybersecurity careers – an effort it revamped in 2012 after a task force led by former Attorney General Janet Napolitano recommended better training programs, alumni-referral efforts, and advised DHS to pay more attention to candidates from two-year community colleges as well as four-year universities or IT training programs.