Despite the seemingly never-ending stream of cyber-attacks, a new study shows some surprising trends about the cyber-security talent pipeline.
Far from being a cyclical, seasonal market, the cyber-security business is constantly growing, and demand is high for skilled IT professionals who understand the needs of modern IT security. Yet a new study, sponsored by Raytheon and conducted by Zogby Analytics, shows surprisingly little interest from young adults in pursuing a career in cyber-security.
Based on a survey in September of 1,000 adults in the U.S., from ages 18 to 26, the study found that only 24 percent of those polled expressed a desire to pursue a cyber-security career. In contrast, 40 percent of the respondents were interested in a career in the entertainment business, and 32 percent were interested in being an app designer/developer.
Among those attracted to the cyber-security field, the study found a gender gap. Young men gravitated more to cyber-security careers than young women.
"As a father of a young daughter, I was surprised and a little disheartened by the gender gap of those interested in a career in cyber-security," Jordan Wiens, cyber-engineering lead at Raytheon Intelligence, Information and Services, told eWEEK
Lack of awareness is one possible reason there is little interest in a career in cyber-security: 82 percent of respondents noted that their high school guidance counselors made no mention to them about the possibility of a cyber-security career.
"From a company perspective, I think we saw the lack of high school encouragement to engage in the cyber field as especially surprising, given the dramatic need for skilled security practitioners," Wiens said.
The survey also asked about workplace incentives in helping determine what types of work young adults want to do. The need for interesting work was cited by 69 percent of respondents while 65 percent said that competitive pay is important.
The impact of not having enough young adults interested in cyber-security could well be leading to an increase in cyber-attacks. The International Information Systems Security Certification Consortium (ISC2) reported
earlier this year that existing IT security professionals are feeling overwhelmed due to staffing shortages. Those shortages are also having a direct impact on data breaches.
Somewhat ironically, while there was little interest in pursuing a career in cyber-security, respondents to the Raytheon study recognized the importance of security awareness. The study reported that 86 percent of participants indicated that formal education programs for cyber-security awareness are important and should be increased in the workforce.
Overall, people are aware of the possible threats, but they haven't adjusted their behaviors to adequately match them yet, Wiens said.
"We need to simplify security advice to practical steps that everyone can follow," Wiens said. "Most importantly, though, we need to increase skepticism. Most poor practices fail the basic common sense test. "
Sean Michael Kerner is a senior editor at
InternetNews.com. Follow him on Twitter @TechJournalist