Ageism in Cybersecurity: Why Baby Boomers and Gen-Xers Matter in 2022
As it strives to plug the worsening workforce shortage, is the cybersecurity industry giving much thought to making the workforce more age-diverse? Here’s a deep dive.
The cybersecurity industry, besieged by a crippling workforce shortage, has rightly focussed on racial and gender diversity over the years to close the skills gap. However, amidst the race to become more inclusive, the industry has spared little thought for Baby Boomers and Gen Xers, giving way to a new form of discrimination: Ageism. Let’s look at whether Baby Boomers and Gen Xers are becoming a burden, is a younger workforce an asset, and if the industry should devote greater attention to age diversity in the years ahead.
As of September 2021, the U.S. cybersecurity industry was officially short of 377,000 professionals. However, the figure shouldn’t distract us from the fact that the workforce grew from just 804,700 in 2019 to a healthy 1,142,462 in 2021 at a rate of 30% a year. (ISC)² says this figure has to improve as the workforce needs to grow 65% to effectively defend organizations’ critical assets in the coming years. Is this a target the industry can achieve?
According to the (ISC)² Cybersecurity Workforce Study 2021, a record-breaking number of professionals entered the cybersecurity industry in 2021, thanks to corporate initiatives such as higher investments in training and certifications, providing more flexible working conditions, investments in diversity, equity, and inclusion initiatives, providing well-defined career paths, and addressing pay and promotion gaps if any.
Increasing focus on other aspects, such as encouraging women and minorities to pursue STEM degrees in college, establishing organizational diversity goals, and establishing mentorship programs, could also significantly enhance the size of the cybersecurity workforce over the next few years.
See More: Cybersecurity Careers: Are Women in Cyber Faring Better Than Those in IT?
The Baby Boomer-sized Hole in the Cybersecurity Workforce
Organizations worldwide are now investing heavily in diversity, equity, and inclusion initiatives to address the existing shortage, and the results are evident. Nearly 1.4 million professionals entered the global workforce in 2021, and job satisfaction levels are at an all-time high of 77%. However, one aspect of an inclusive workforce is often overlooked or pushed under the carpet: the representation of Baby Boomers and Gen Xers in the workforce.
Cybersecurity firm Automox believes that many tech companies “often refuse to reveal the average age of their workforce and offer minimal internal support to older employees.” Quoting recent statistics, Automox said that the average employee age at 46% of companies is between 20 and 35 and 43% of employees fear losing their jobs because of their age. The median age of employees at large tech corporations like Google and Facebook stands at 30 and 28, respectively, compared to the median age of the U.S. labor force (42).
“The perception that employees need to be young in order to have a solid understanding of the latest technologies may be a cliché at this point, but it’s become a widespread impression that many have difficulty overcoming. As a result, the tech sector has taken on a youthful culture in which employees in their mid-30s are already often seen as over the hill,” Automox said. A major reason enabling this trend is the startup culture which is highly biased toward younger professionals. “Unless you’re a professional athlete, being asked to accept that your career will end in your 30s or 40s sounds ludicrous, but it’s the reality faced by many “aging” employees in cybersecurity.”
Baby Boomers are those who were born between 1946 and 1964. The term denotes a significant spike in birth rates following the Second World War. As of 2022, the oldest and the youngest Baby Boomers are aged between 58 and 76. Another aging demographic is Gen X, born between 1965 and 1980. Gen Xers are now aged between 42 and 57 and form a significant percentage of the U.S. labor force.
A combination of declining fertility rates and increasing longevity ensured that in 2015, there were over 44 million baby Boomers and over 52 million Gen Xers in the U.S. labor force. By 2030, a study by Darrell Norman Burrell from the Florida Institute of Technology estimates that the number of Americans over the age of 64 will double. There will be half as many individuals aged 20-29 as those aged 55-75. Due to advances in healthcare and lengthening life spans, more and more Baby Boomers and gen Xers are delaying their retirement plans, and this is an opportunity that organizations should not miss.
“There is a rush to hire younger workers with the assumption that if you hire someone in their 20s, they will work for your organization for the next 30 to 40 years, but research shows that average workers in their 20s and early 30s spend on average 2-3 years with one employer,” said Burrell. “Ignoring the possibility of hiring and training employees in their late 50s and early 60s as a potential cybersecurity talent pool could be a significant mistake especially when they can bring the value of maturity, considerable work experience, and wisdom of critical thinking skills.”
See More: What Do Gen Z Women Want at Work? Hear from Industry Leaders
Are Baby Boomers still relevant?
A recent study by Appgate, titled How Do Generational Differences Impact Enterprise Cybersecurity Teams?, throws light on the value Baby Boomers can bring to the table if given a chance to prove their worth. The study says that Baby Boomers witnessed enterprise technology growth, are well-established legacy system gurus, and hold a fundamental role in managing them and integrating old with new. On the other hand, younger generations struggle to integrate traditional technology with security frameworks as they are less familiar with legacy systems.
Baby Boomers have the advantage of higher cognitive abilities that come with experience. They have a broader and more strategic mindset influenced by their experiences, are less likely to buy the latest tech fad, and have learned key skills vital to maximizing cybersecurity strategies, such as thinking deeply, avoiding distraction, and fully focusing when required. Appgate recommends that organizations consider Baby Boomers as cybersecurity saviors, not dinosaurs.
By 2030, the number of Americans over the age of 64 will double and there will be half as many individuals aged 20-29 as those aged 55-75
“Millennials aren’t as cyber-savvy as we think: while they may be tech-savvy digital natives, Millennials may lack accountability and a deeper understanding of the back end of security, which can make organizations more susceptible to cyberattacks. Many retiring cybersecurity professionals can stay in key roles or be redeployed as post-retirement consultants to support legacy systems and support the transfer of knowledge to Gen-Xers and Millennials,” the firm said.
Allen McNaughton, the director of Systems Engineering at Infoblox Federal, says that cybersecurity is not only about what you can learn and how quickly, but also the experience you have had. Therefore, organizations should not be averse to hiring Baby Boomers or Gen Xers.
“Older security professionals bring a wealth of experience and knowledge with them that cannot be replaced by quick learning. Plus, I’ve never met an older professional who was unwilling to learn a useful skill for their job. And when it comes to stress, older pros may actually have an advantage. Anyone who wants to stay in security has to develop an ability to handle stress well. It’s not a career for the faint of heart,” he says.
Of late, dismissing the beliefs and attitudes of older generations as obsolete has become a trend. “This sort of mentality can certainly exist in some Silicon Valley-type companies. But I think a lot of folks have realized that older workers come with a lot of experience, which can be leveraged to make for a more effective and efficient workplace,” McNaughton says. “Plus, older workers are able to mentor younger ones and help them grow their skills and profession. This kind of mentorship is highly valued in many workplaces.”
Is Gen X Ready for the Challenge?
Though not as experienced in enterprise technology as Baby Boomers, Gen Xers enjoy more than a decade-worth of experience than Millennials (born between 1981 and 1996 and also known as Gen Y). The youngest Gen Xers are still in their early 40s, dominate all leadership roles across industries, and act as mentors to Millennials and Gen Z professionals. Many of the latter are now entering the workforce.
As per Appgate’s research, while Millennials are often more tech-savvy, tend to move quickly, and look for fast solutions, they may balk when it takes to implement more robust security controls. This is where Gen Xers can play a significant role. They can bridge generational gaps by playing a pivotal role in distilling and bridging the experience and expertise of Boomers and Millennials.
The study found that Gen Xers (42-57) are highly collaborative, are very adept at new IT and cybersecurity system integrations, and are most engaged with organizations if they feel they are part of a team. In terms of cybersecurity know-how, they are the best as they “grew up with the transition from mainframe to personal computing” and witnessed the evolution of cybersecurity, so they have deep expertise when it comes to how hackers break into systems and the way organizations have adapted and developed safeguards.
See More: OK Boomer, OK Millennial, Let’s Talk About Using These Terms in the Workplace
Building An Age-Inclusive Cybersecurity Workforce
According to McNaughton, companies should understand that older security pros have a lot to offer. There is a significant amount of experience out there, and they have learned how to be more effective and efficient over the years.
“We have learned not only what to avoid, but more importantly how to fail and bounce back more successfully. Leaders (and our younger colleagues) should also understand that social media and texting are not the only ways to communicate. Many older pros like to actually talk to people. But most of all, everyone needs to listen to their colleagues and make communication a two-way street. Both older pros and millennials should keep an open mind and realize that there is plenty to learn from each other.”
“Organizations must seek to combine the strategic thinking and legacy tech experience of Baby Boomers with the education and exposure to modern tech solutions held by Gen-Xers and Millennials.” – AppGate
Letting Baby Boomers and Gen Xers mentor Millennial workers is essential in cybersecurity. An NTT report on Cyber Security and the Next Generation found that millennials prioritize simplicity and productivity at the cost of cyber responsibility. More Millennials are willing to pay a ransom than those from other generations and are often more optimistic than Baby Boomers and Gen Xers about the time it takes to recover from a cyber attack. According to Biscom, Millennials are twice as likely to prioritize simplicity over security when handling sensitive data and tend to over-share on social media.
According to Appgate, Millennials excel in adopting new technology and being the drivers of digital transformation. The best way to make a cybersecurity team highly efficient is to combine the strategic thinking and legacy tech experience of Baby Boomers with the education and exposure to modern tech solutions held by Gen-Xers and Millennials.
“Most businesses are still slow to take proactive steps to reap the benefits of an age-diverse workforce. Yet, there’s every reason to believe that IT and security staff could benefit from this cross-pollination of technical skills and the softer skills of collaboration, problem solving and deep thinking brought by each generation of its current workforce,” it said.
Do you think Baby Boomers feel welcome in the cybersecurity industry? Comment below or let us know on LinkedIn, Twitter, or Facebook. We’d love to hear from you!
