Cyber security must tap the young T
he cyber landscape is influencing many aspects of our lives as technology and the internet penetrate the way we socialise, purchase goods and maintain our health. This reality is particularly evident in this region, which boasts of one of the world’s highest internet penetration rates and youngest populations.
But the continued expansion of technology and interconnected systems is increasing the prevalence of cyberattacks. Governments and enterprises are faced with the task of responding to cyber risks with a workforce that is equipped to prevent, identify, and respond to attacks. The cyber security profession itself is facing a current gap of 2.9 million workers around the globe.
Gaps to fill
This gap is also pronounced in the Middle East and North Africa, where organisations sometimes lack an understanding of cybersecurity requirements; businesses find it difficult to support new staff with the necessary training; and qualified talent can be hard to find. But given that the region has one of the world’s youngest populations and highest youth unemployment rates, there is tremendous opportunity to better engage millennials in the cyber workforce.
Data from the World Bank show that the millennial generation in the Mena comprises approximately one-third of the total population and more than 50 per cent of the labour force. They have the potential to resolve major cyber talent shortages if the industry recognises and leverages their potential. As digital natives, they are tech-savvy enough to quickly acclimate and evolve into a cybersecurity occupation with the appropriate formal and onthe-job training.
The cybersecurity profession also aligns with Mena millennial career motivators, including the ability to continuously learn and have a successful career. It is also often known for prioritising continued professional development for valued industry certifications, offering engaging work that evolves to keep pace with an ever-changing threat landscape, career progression opportunities, and high salaries.
While the opportunities and career motivators exist, better preparation and engagement will go a long way in attracting Mena millennials to join the future cybersecurity workforce. A concerted effort is needed to design targeted cyber-awareness campaigns to improve the cybersecurity employee value proposition and engage millennials through government, employer, and academia collaboration.
There is a need to develop a holistic programme with multiple stakeholders, including government, employers, and academia to support it with a professionalised career model, motivation-based recruitment and workforce capacity building. Mena governments can build a robust “Government Cybersecurity Corps” of nationals that can be more readily trusted with sensitive data.
Get them young
Schools must not only embed cybersecurity into the classroom but also offer students experiential cybersecurity learning programmes. This can be offered through lab simulations or cybersecurity competitions. There should also be opportunities to practice applying skills with cybersecurity employers.
One such programme would integrate co-op internships into a school’s cybersecurity curriculum where students would alternate semesters of academic study with semesters of employment with a cybersecurity employer, thus gaining guided instruction from both an academic adviser at the school and a mentor or manager in the workplace.
If this corps is recruited early in school, they can be given the proper exposure to such opportunities at an early age, and then incentivised with education scholarships and selective government cybersecurity opportunities when they come of age. Government scholarship programmes are also effective in attracting skilled cybersecurity talent for a broad range of cybersecurity roles.
While millennials are often thought of as tech-savvy, very few report receiving adequate technical skills or cybersecurity knowledge (e.g., security architecture, incident triage) in formal education programmes. Consequently, organisations should adopt a “hire-then-train” strategy.
They should offer benefits for employees to obtain advanced technical certifications after they have been hired. These programmes should also reflect the need for cybersecurity functions to be fulfilled by teams with diverse skill sets and should be coupled with efforts to grow junior employees through apprenticeship, formal on-the-job shadowing, and monitored performance that provides real-time feedback as they carry out their job duties.
Looking ahead, attracting Mena millennials to join the future cybersecurity workforce and can be bolstered through better engagement and preparation of this generation. If all stakeholders contribute to efforts to engage millennials in the cybersecurity profession, then critical workforce gaps can be closed.
■ Souheil Moukaddem is Executive Vice-President at Booz Allen Hamilton