How security leaders can effectively manage Gen Z staff

In 2022, I started a podcast aimed at converting more Gen Z to seek careers in cybersecurity. In doing so, I had to educate myself on what they value and realized the many differences between Gen Z and previous generations.

Gen Z refers to those born between mid-to-late 1990s and 2010, making them between the ages of 11 and 28. This means they grew up experiencing a much faster rate in which technology evolves. The first iPhone, for example, was launched in January 2007 with its successor coming out in June 2008, creating what would become an almost yearly update that made thousands of people line up in front of Apple stores across the world on release day. During the period, the internet went from a somewhat new thing to something people used daily, further increased by the easy access brought by smartphones.

There is only a small portion of Gen Z that is already in the specialized workforce, therefore hard data to quantify it is scarce. ISACA recently surveyed just over 1,900 security professionals and found in these numbers less than a handful of respondents from Gen Z.

What Gen Z expects from employers

Researchers and those who have worked with Gen Z seem to agree on several points: This generation saw parents and grandparents struggle through recessions, they have been raised in a connected world, and they lived through a global pandemic when some were reaching adulthood.

Growing up with much easier access to the internet and technologies, this generation tends to find it easier to understand tech and its applications. When it comes to finding work, Gen Z also knows what it is looking for. “I found Gen Z look for employment opportunities that agree with their ethos and they may compromise on financial benefits in doing so. They value flexibility and work fitting around life rather than the other way around,” says Sameera Bandara, who is head of IT at gold mining company St Barbara and has a career working in cybersecurity, having employed people from various generations.

This connection to their ethos also means they are more likely to create something new rather than accept a situation that isn’t ideal for them. They do value flexibility, as Bandara points out, and are less likely to become a slave to their job like previous generations who would not naturally question silent expectations some employers may have, such as that they constantly work late.

At the same time, Gen Z wants autonomy and believes that should come as a reward based on performance. “I have found there is a stark contrast between how Gen X and Gen Z approach working hours. In a team where I had both generations employed, I found the Gen X employee was more regimented about the hours worked whereas the Gen Z employee was focused on productivity and performance rather than hours worked,” says Bandara.

Other characteristics Bandara noticed while working with Gen Z is their clear focus on working for companies that aligns with their values and, from a managerial perspective, they prefer a less hierarchical and more personal relationship with their managers.

How employers perceive Gen Z

Another point that the people I spoke to seem to agree on is that this generation needs to know the “why” before getting any job done. It is almost as if they need to be convinced as opposed to others who may simply just get on with the job.

Despite the challenge this may pose, there are often positives to take from them as well. Bandara says one of his biggest challenges is the tendency Gen Z has to communicate electronically, even when sitting right across from the team. “Given that a lot of communication can be misinterpreted without other cues this was a challenge in building a tight knit team.” On the other hand, this was compensated with a strong capability to build a relationship with someone that they’ve never met entirely using electronic media, says Bandara.

One of the biggest lessons Bandara took from working with this generation is that, rightly managed, highly dispersed yet tight-knit teams can be successfully built using only electronic communications.

Other employers of Gen Z in a broader spectrum, have noticed they are hungry for knowledge, but this can be perceived as impatience at times as once they believe they have learned and executed a task successfully they want to move on to the next challenge.

Gen Z is also good at communicating their expectations clearly and asking for feedback, says Biljana Cerin, CEO of Ostendo Consulting. They can also be easy to manage when it comes to following policies and procedures once they understand the importance and the reasoning behind these, she says.

Strategies for CISOs to retain Gen Z

Now that you have an idea of what to expect from Gen Z employees you can work with other professionals in the organization—such as area managers and human resources—to help establish where this generation of professionals may fit within your teams and how to work with them without alienating others.

Actively focus on shared values

As mentioned above, Gen Z will look for jobs in organizations that share their values. Gen Z is likely to remind their superiors of such values if they find themselves being asked to do something that goes against such. Be ready for situations like this and make sure the company’s values isn’t just a marketing creation. Another way to look at this is to proactively go after individuals whose values resonate with the company’s.

Be open minded to alternative working styles

All working generations have experienced pros and cons of work from home, the office or a mix of both. This is unlikely to be a Gen Z-only preference, but younger generations may be more prone to think, “Why do I need to go to a specific location to do a job I can perform from anywhere?”

Gartner’s recent human resources research—not only focused on tech workers—found the rise in hybrid work has meant that many new-to-the-workforce employees have had few in-person opportunities to observe norms and determine what is appropriate or effective within their organizations. The solution posed by the research firm is not to force a return to the office but build intentional connections among employees.

Have an open mind. Many Gen Z entered the workforce during the pandemic, which shaped their perceptions of what to expect. Older generations knew the before and adjusted back to the office quickly but the same can’t be expected of the younger generations.

Help Gen-Z grow

The two aspects here are peer training and paid training. Gen Z is eager to learn but also to move forward, now even though this may not be effective to all roles it can be a positive in cybersecurity where attackers and attacks are always evolving fast.

Share knowledge with them and put them to work with others willing to do the same. Be open to offer and accept requests for paid training, as this will keep them motivated at the same time as they feel valued.

Every generation is different but generational characteristics should not be a CISO or any manager’s only knowledge base. It is important to know that every person is different and likely requires a different type of management. Not all Gen Z employees will prefer to work from home or communicate only electronically, and the same applies to the previous generations who worked for most or a large portion of their work life from the office, as they may have found that they work better from home.