The pilot project, known as the (ISC)² Young Professionals program, was unveiled in earnest during a reception at this week’s ASIS International/(ISC)² Security Congress in Philadelphia. The global organization for IT security professionals will begin the pilot with eight local chapters, with plans to extend it across more (ISC)² chapters in early 2013.
The program, said (ISC)² in a statement, would “provide a platform for aspiring and emerging security professionals to join the information security workforce”. The Young Professionals program will seek to attract interest from those in high school, college, or recent college graduates – under the age of 35 – “who are looking for ways to bolster their careers and deepen their connections within the professional community”, the organization added.
(ISC)² Young Professionals will also enlist (ISC)² members with a depth of professional experience in mentoring roles.
The impetus for the program, it added, was the increasing gap between demand for qualified infosecurity professionals and the available talent pool, as well as the “absence of an effective, existing pathway for young people to join the profession”. At issue is data from (ISC)²’s recent workforce evaluation study, which estimates a pending deficit of 30,000 cybersecurity professionals by 2013. This is compounded by the fact that less than 10% of current information security professionals are under the age of 29.
Information security is often misperceived as a “dull” profession says Hord Tipton, executive director of (ISC)². What the Young Professionals program does is focus the pitch, and demonstrate to aspiring professionals that infosec is actually a challenging field rife with “gamesmanship” – think Spy vs. Spy, he says. “There’s a lot of glamor that’s in the profession that kids don’t normally see unless you begin to expose them to it”, he told Infosecurity.
Julie Peeler, director of the (ISC)² Foundation, says there is a need to raise awareness about the information security profession. “Very few people outside this industry know we exist”, she lamented. “Even within IT, there are people that don’t know you can go into IT security and have a fantastic career in doing so.”
While there are more younger professionals coming into the infosec field lately, Tipton anticipates – based on (ISC)²’s recent workforce study – that far more will be needed to keep up with demand. Add to this the relative lack of security awareness among ‘digital natives’.
“Youngsters know the functionality of this technology…but they are not security-aware”, he observed. Because many interested in the field will find a lack of security training at the secondary and post-secondary education levels, Tipton says you rarely have an aspiring infosec professional coming out of college that does not require additional training and guidance – and area he hopes the mentoring function of the Young Professionals program will provide assistance with.