Apprenticeships are one of the missing pieces of the cyber skills gap puzzle
Keith Buzzard, Chief Technology Officer
Despite our awareness of what is becoming less of a skills gap and more of a skills chasm, the cyber security industry is still not much closer to solving the problem.
You’ll have read more than enough articles about the cyber skills gap, so we won’t bore you with yet more statistics (though, if you want them, you can find some interesting ones here and here). We will remind you though that, as with any complex problem, there is no simple one-size-fits-all or silver bullet solution.
One of the options for the skills gap is apprenticeships. Typically, a Level 3 or Level 4 Cyber Apprentice will undertake some basic technical training to give them foundation knowledge in computer basics. Additionally, they will receive specific security training to enable them to either grow into a cyber security-specific role or an engineering role with a security focus.
So why apprentices? Many companies will still opt for a graduate scheme and, let’s face it, someone who has already learnt a lot of the theory elements of technology/technical security is very appealing. But apprenticeships shouldn’t be ignored. Here’s why:
Learn by doing can result in faster ROI
According to a survey run by HM Government, 78% of employers said apprenticeships helped them improve productivity. This seems obvious to us. Apprenticeships are, after all, nothing new – many hands-on trades have historically relied on a master craftsman taking a young person under their wing to show them how to do the job. It enabled them to pass on their skills and also meant they had someone to assist them. We would argue that cyber security isn’t much different; while there are some important theoretical elements, learning by doing is critical. It also allows a better understanding of the subtleties of interaction, rather than providing a clean abstracted ‘perfect’ classroom (let’s be honest, the real-world is never that perfect anyway).
Shaping apprentices to fit your operations
No business is the same and every employee with experience who joins an organisation will have to re-learn how they do tasks to some extent, because how they did something in a previous role isn’t necessarily how their new employer does things. This isn’t a bad thing, of course, but there are also advantages to an employee who is effectively a blank canvas and won’t have to unlearn ‘bad’ habits. And somebody who joins your company at the very beginning of their career and has a positive experience can feel a strong sense of loyalty to their employer, and their colleagues.
Apprentices bring diversity to your organisation – and that pays
Not everyone has the same learning style, and definitely not everyone thrives in a university setting. Plenty of the more technical members of the cyber security community come from a range of neuro-diverse backgrounds, which can make university unattractive to them. It may well be that with careful selection you can identify someone with an equivalent level of knowledge that they have achieved through self-directed learning; a powerful indication that an individual will absorb knowledge rapidly and has a passion for the subject.
People with different approaches to learning and problem-solving are demonstrably critical to maintaining a competitive edge in a range of industries. And not just in the private sector: taking advantage of the strengths that a diverse workforce brings is a key factor in why large government organisations such as GCHQ maintain a thriving apprenticeship programme.
Existing knowledge isn’t everything
When it comes to hiring the right people, we’re big believers in aptitude and attitude being just as important as the skills that person brings to the team. This is particularly important in entry-level roles; knowledge and skills aren’t the be all and end all. A large part of a cyber security role is understanding people and how to manage the interface between technical requirements and human nature. This is something that can be difficult to teach in an academic setting.
Mitigating the academic gap
A university has an approvals and review process when it comes to developing their course content, and this can result in a delay between innovation and teaching. Apprentices have the opportunity to be exposed to these as they emerge, resulting in a much more ‘up to date’ resource. This can include the ‘unwritten’ parts of the profession; as often occurs when there is a human factor, rather than technical limitations. (CTO note: Often this is the hard thing to educate technical staff on, not how things should operate, but how humans mess that up!)
Contribution to the profession
This may sound like an old-fashioned value but enhancing and building the pool of talent and skill within the profession, building a skilled workforce and improving the image of those who work such roles is a positive contribution to society. And is your organisation good at what it does? Well, you should aim to share that. There’s a global skills gap and taking on an apprentice is a step towards narrowing it.
You might be paying for them anyway
Lastly, and this is very much not cyber security specific, your organisation will either have apprentices, have a pay bill of under £3 million annually, or be paying an apprentice levy of which you’re not taking advantage. Of course, if you already have apprentices, there’s no need to persuade you on the topic. If you don’t and you’re in the under £3 million group, then 95% funding is available towards the costs and for the remainder, you can take 100% of the costs from the levy! As such, having an apprentice can as a result be extremely cost effective.
Taking on an apprentice…
PGI has partnered with althaus digital to make high-quality cyber security apprenticeships accessible to a wider audience in the UK. We’re excited about playing our part in educating the next generation of cyber security professionals; will you be part of it, too?