Build vs. Buy: Solving the Cyber Talent Shortage, Today
Cybersecurity Ventures says the worldwide deficit of qualified cybersecurity professionals will reach 3.5 million by 2021. Yet, CSO’s Top 5 cybersecurity facts, figures and statistics for 2018 paint a more dire picture:
Since every IT position is responsible for protecting and defending data, apps, devices, infrastructure, and people – every IT position is also, to a degree, a cybersecurity position.
That explains why the cybersecurity unemployment rate today has dropped to zero percent. The actual workforce shortage represents an even greater supply and demand dilemma.
How are employers coping with this critical cyber skills shortage? The ability to attract and retain the best and brightest is a constant, costly battle. Recruitment teams are poaching talent by sweetening salary and benefit packages. But, increasing employment costs is not a sustainable solution. Especially for companies who are losing talent to larger competitors. And, as the talent pool continues to decline, the ability to dip in and not come up empty will become more difficult. No matter how much money you throw at it.
So, one may question: What about new talent in the pipeline? The next generation of cyber talent is almost ready to enter the workplace. Shouldn’t the numbers improve? The answer is: Not likely. We are facing a shortage of skilled labor PLUS a shortage of skilled educators. Most current education, training, and certification programs are not producing qualified, job-ready candidates. Given the growing number and sophistication of attacks, this comes as no surprise. Cyber education requires a deep, hands-on, in the trenches approach to learning to produce qualified cybersecurity professionals.
The cyber industry needs a new recruitment, education, and training strategy. A strategy that can keep pace with the industry’s complex skill requirements. A strategy that can also attract more talent to the field and supply qualified cybersecurity professionals.
Apprenticeships – A Perfect Solution
Apprenticeships offer a perfect solution. In the UK, standards for cyber apprenticeship programs are opening possibilities. The programs broaden entry-level routes into the profession and develop new career pathways. This opens the door to a new genre of talent – individuals who may not have considered cyber as an option. It also opens the talent pool for employers. And, it moves individuals- even those with low or no skills – up to full competency in 12-18 months.
The move in the US towards modern apprenticeship programs is behind other countries. But, initiatives have been underway in both the former and current Administration. Fortunately, apprenticeship programs have managed to maintain ongoing bipartisan support. Last year, President Trump issued an Executive Order for “Expanding Apprenticeships in America.” A special Task Force on Apprenticeship expansion filed their final recommendations. Cybersecurity, of course, was a sector covered in the Task Force report.
A 21st-century apprenticeship approach aligns cyber workforce training and education with employer requirements. It rejuvenates training and recruitment methods. It builds teams of dedicated employees mentored to succeed (among other things). The task force report recommendations offer inspiration and hope for change. But, change takes time.
Do US employers have the luxury of time to wait for our government or educational systems to catch up? US employers who focus today on tomorrow’s workforce can begin to build it, rather than continuing to buy it. After all, the law of supply and demand is not working out in anyone’s favor as it relates to qualified cybersecurity professionals.
“Don’t put off until tomorrow what you can do today.”
― Benjamin Franklin
Interested in learning more about the Franklin Apprenticeship Cybersecurity Apprenticeship Academy, becoming a partner, or starting an apprenticeship program in your company? Contact us.