Creating an apprenticeship culture in cybersecurity

Apprenticeships are an excellent way for keen, less experienced professionals to get their big break. An apprenticeship offers all-round on the job training in often challenging and diverse environments as well as giving the sponsoring company a reliable supply of high-caliber, junior employees at a lower cost than more experienced alternatives.

However, there’s currently a lack of apprenticeships in cyber – and it’s hardly surprising. Cybersec is still a relatively new field, and a lack of opportunity for entry level professionals is typical in fast-growing industries. However, the industry needs to commit to creating a cybersecurity apprenticeship culture – despite all the challenges, it promises huge rewards.

Supply and demand

Currently, demand for cybersec far outstrips supply. For instance, the number of cybersecurity vacancies that remain unfilled each year, has exploded from just 1 million in 2013 to more than 3.5 million in 2021.

Lack of investment, constantly changing essential skills and increasingly sophisticated threats have all contributed to a global talent shortage, making high quality candidates hard to find.

Hence the argument for creating a culture of apprenticeships in cybersec is a compelling one. However, the National Apprenticeships Bill has been paused in Congress since 2021, and there isn’t a relevant trade union in the sector to push the agenda forward. Frustratingly, progress has stalled.

For the foreseeable future at least, the responsibility will rely with companies themselves.

Apprenticeships are awesome

The benefits of apprenticeships on the cutting edge of cybersecurity are numerous. For candidates, they allow those entering the sector or changing direction to earn a salary while studying an in-demand specialism. This allows for personalized support and development opportunities, speeding up new entrants’ rate of development as well as their future employability.

For employers, apprenticeships create a sustainable pipeline of skilled employees. The result is a near-constant flow of high-caliber team members who meet the unique needs of a company’s niche. Plus, research shows that investing in the early stage of an individual’s career creates a valuable loyalty dividend, which in turn improves employee motivation and retention. The result? Hugely positive, money-can’t-buy impacts for brand reputation and significantly reduced recruitment costs.

Unpaid internships aren’t apprenticeships

In many cases, unpaid internships have replaced apprenticeships. However, this strategy is, at worst, exploitative, and at best, short-sighted.

With a free source of labor – albeit relatively low-skilled labor – there’s no incentive for businesses to grow the intern’s skillset. The intern is usually tasked with a series of repetitive tasks for which the client gets billed and their sponsor gets revenue – but the candidate gets very little in the way of professional learning or development.

Unpaid internships are also elitist by definition, and attract candidates from an extremely narrow field. Organizations who rely on unpaid internships cannot possibly claim to be diverse and representative. The reality is that very few people can afford to work for free.

On the other hand, companies can be forgiven for not wanting to plow investment into apprenticeships when no one else is doing it. Nobody wants to be the company that trains up the next generation of cybersec professionals only to see them quickly cherry-picked by rivals.

So then, it seems that without the investment, we can’t grow an apprenticeship culture – but without an apprenticeship culture, we’ll continue to struggle to fill the cybersecurity talent gap. It’s a vicious cycle.

A brighter future

However, there are signs that the tide is beginning to turn. An increasing number of institutions including New York University, Rochester Institute of Tech, the University of Washington and even Harvard, have established free courses designed to help would-be cybersec professionals to master the basics.

With bodies such as these recognising the value that upskilling has and providing a bridge to either formal, fee-paying further education or a route to entry level roles within industry, we can only hope that other establishments follow their lead to broaden access into this most talent-starved of sectors.

And at Cyberstrike, we’re certainly doing our bit. We’ve responded to the needs of companies and candidates by establishing the Talent Gap Project, through which we connect aspiring cybersecurity professionals to businesses who can help their careers take off. Got a few formal qualifications, experience in a different area of tech or simply full of potential and seeking a fresh start? We’d love to hear from you – help you with your resumé and prepare you for interviews.

And if you represent a company or organization with a gap to fill and open to matching with hot new talent? Trust us to make some introductions – free of charge, of course.

The absence of an apprenticeship culture in cybersecurity is not without its challenges. However, we’re taking steps to bring recruiters and talent together.

Find out more about our Talent Gap project here.


Leave a Reply

Your email address will not be published. Required fields are marked *