Despite bitter partisanship in Washington, shoring up the country’s cybersecurity defenses is a critical priority on which both Democrats and Republicans agree.
Last December, the Obama administration released a report with a number of recommendations to protect the country, including launching a national cybersecurity apprenticeship program and renewing focus on protecting critical infrastructure. The Trump administration has largely continued his predecessor’s cybersecurity initiative, signing an executive order that highlights many of the same topics. Several cabinet members have been tasked with assessing the scope and sufficiency of existing cybersecurity apprenticeship programs and infrastructure security, hinting at future support.
But the business community doesn’t need to wait for Washington. Apprenticeships are already proving to be a valuable tool to close the cybersecurity skills gap.
Staying ahead of the curve
Organizations understandably focus on hiring cybersecurity experts who have the experience and skills to fit their needs. But this exclusive emphasis on the end of the talent pipeline is self-defeating. Without taking a proactive stance to develop more talent, a business’s ability to hire qualified cybersecurity experts is at the mercy of market forces. Employers must move beyond attracting existing cybersecurity professionals and take a role in training them.
Apprentices should be viewed as future employees who already bring a knowledge of your organization’s environment, processes and vulnerabilities to the table, valuable assets that a more experienced outsider would lack. Apprenticeships are not a short-term solution to an immediate need, but as a deliberate, long-game approach to ensuring a reliable talent pipeline.
While an apprenticeship program may seem like additional work for existing cybersecurity staff, the opportunity to mentor and train a new wave of workers is a valuable experience that helps sharpen skills and develop leadership abilities. According to CompTIA’s 2017 IT Industry Outlook, only a quarter of IT professionals felt their employer uses their talent to its fullest extent. Instead of letting cybersecurity professionals’ talent go to waste, businesses should let them play a role in solving their most pressing hiring challenges.
Combining theory and practice
The CompTIA 2017 IT Industry Outlook also found that more than a quarter of tech executives lacked confidence in applying technology to meet business goals. Skilled cybersecurity professionals play a critical role in providing the confidence that a company’s digital transformation will not be its undoing. Cybersecurity apprenticeships ensure that the organization’s talent pipeline is filled with professionals who understand security not only at a conceptual level, but have the practical, hands-on experience required to effectively support the business.
Where coding boot camps once filled this role, the cybersecurity landscape has evolved to the point where this is no longer feasible. Security professionals require knowledge beyond basic language skills and a comprehensive understanding of the interaction of software, hardware and business processes. By combining practical training in solving business challenges, supported by mentorship from established security professionals and augmented by industry accepted certifications and credentials, apprentices can enjoy access to a wide body of knowledge grounded by real-world experience.
Developing a sustainable pipeline
As the IT skills gap widens, organizations are looking longer and harder to recruit qualified cybersecurity professionals. Maintaining that status quo is no longer acceptable. Businesses must rethink the way they interact with the talent pool and develop new strategies to keep their pipeline flowing.
Apprenticeships benefit both businesses and their employees, granting organizations access to a more predictable and sustainable pool of talent while providing fledgling cybersecurity experts with the experience, education and mentorship they need. Businesses can overcome the scarcity of security professionals, but only if they’re willing to take a more proactive stance in training tomorrow’s workforce.