It’s an interesting question, the best way is probably for security to be a greater part of the curriculum for IT degrees and diplomas and also that these are updated with more relevant courses that focus on security, blockchain and cryptography.
But I think the younger generations are choosing not going to college and rather learning to code at places like www.freecodecamp.org and www.codefights.com. These companies need to have entire sections dedicated to security and potential employers should insist on this.
I once worked on a software implementation at one of the big pharma companies and before we could even install the software it had to get OWASP certified. This involved Vlad who worked for a company called Sensepost launching a barrage of hacks on our app for 2 days and writing a 20 page report on the various weaknesses he found which we were to plug before we could get approval. I learnt more in those weeks about security then in my whole degree so I think if the software cycle permanently involved a “Vlad stage” as the final step then younger devs will learn in a practical way.