The power of apprenticeships

Muhammad Yahya Patel at Check Point describes a powerful way of plugging the cyber-security skills gap 

 

The cyber-security industry faces a critical challenge: a significant skills gap. Organisations struggle to find qualified professionals, while aspiring cyber-security experts find it difficult to break into the field.

 

This paradox is largely due to stringent hiring requirements that often favour experienced candidates, creating a barrier for entry-level professionals and those from non-traditional backgrounds. 

 

While apprenticeships and entry-level roles are emerging, they are still insufficient to meet the ever-growing demand for skilled cyber-security personnel. Worryingly, research has shown the industry lacks around four million cyber-security professionals, with just under half of professionals believing that their organisation does not have the adequate tools and people to respond to cyber-incidents in the next few years.

 

As attacks are becoming more sophisticated and more frequent, something has to change - and soon. 

 

One of the most pressing issues is the difficulty in sourcing skilled resources at reasonable salaries. Experienced cyber-security professionals command high salaries, placing a strain on organisational budgets. This financial hurdle makes it challenging for companies, particularly smaller businesses, to compete for top talent.

 

Apprenticeships offer a compelling alternative. They provide a cost-effective way to cultivate talent internally, offering formal training, hands-on experience, and mentorship. By investing in apprenticeships, organisations can develop their own workforce, tailoring skills to their specific needs, rather than engaging in costly bidding wars for pre-existing talent.

 

The industry’s over-reliance on prior experience presents another significant obstacle. This creates a catch-22: companies desperately need skilled professionals, yet they simultaneously deny newcomers the opportunity to gain the necessary experience.

 

Apprenticeships offer a solution by combining formal education with practical, real-world application. This structured approach allows apprentices to gradually acquire the skills and knowledge required for success. After two or three years in a well-designed apprenticeship programme, individuals should be well-prepared to transition into full-time roles, effectively closing the experience gap.

 

Despite the clear benefits, there remains a lack of awareness at the executive level regarding the strategic integration of apprenticeships into talent acquisition strategies. Many C-level leaders and CISOs still mistakenly associate apprenticeships with traditional trades like construction or engineering, overlooking their immense potential within the IT and cyber-security sectors.

 

This outdated perception needs to change. Apprenticeships offer a structured and highly effective pathway for developing skilled professionals in cyber-security, and this understanding must permeate the highest levels of organisational leadership. A shift in mindset is crucial, moving away from the sole focus on university graduates and recognising the value of alternative career paths. This change needs to be driven from the top down, fostering a culture that embraces diverse talent acquisition strategies.

 

Fortunately, progress is being made. Structured apprenticeship programmes are gaining traction across national and international organisations. These programmes offer training at various levels, from Level 3 to Level 6, enabling individuals to enter the field at a junior level and progress through a clearly defined career path. This represents a significant improvement over previous apprenticeship models, which often lacked comprehensive career development opportunities.

 

However, there is still significant room for improvement. A more strategic and standardised approach is required from industry, government, and academic institutions to ensure the consistent quality and effectiveness of apprenticeship programmes. Currently, some programmes fall short of expectations, leaving apprentices feeling disillusioned and misled about the training and career prospects promised.

 

Establishing clear competency benchmarks and guaranteeing a consistent level of quality across all apprenticeship programmes are essential to maximise their success and ensure they deliver tangible results. This includes robust oversight and regular evaluation to ensure programmes are aligned with industry needs and provide apprentices with the relevant skills and knowledge.

 

Well-structured apprenticeships have the potential to play a pivotal role in bridging the cyber-security skills gap. With proper implementation, support, and a shift in mindset at the executive level, they can provide aspiring cyber-security professionals with the practical experience they need while simultaneously helping organisations build a robust, cost-effective talent pipeline for the future.

 

By investing in apprenticeships, the cyber-security industry can not only address its current skills shortage but also cultivate a diverse and highly skilled workforce for years to come.

 

---

 

Muhammad Yahya Patel is Lead Security Engineer and a member of Check Point’s Office of the CTO

 

Main image courtesy of iStockPhoto.com and LordHenriVoton