Today’s fast-paced demands of cybersecurity require a workforce that is both highly skilled and diverse. However, many large and medium enterprises face ongoing challenges in attracting and retaining cyber talent. Economic uncertainties have led to hiring slowdowns and cutbacks, despite the rising need for cybersecurity due to increasing threats. Key skills in demand include programming, threat analysis, and cloud security, with soft skills like communication also being crucial. Upskilling and internal training are highlighted as strategies to address workforce gaps.
Recognizing these challenges, WEI has partnered with CyberTrust Massachusetts while also creating an innovative solution: The Technical Apprenticeship For Diverse Candidates. This apprenticeship service not only addresses the critical need for skilled cybersecurity professionals but also fosters a more inclusive IT environment. Companies are increasingly valuing diversity in IT and cybersecurity teams, recognizing that diverse perspectives enhance problem-solving in the face of evolving digital threats.
Watch: Harnessing A Diverse Talent Pipeline For Cybersecurity Personnel
Why The WEI Apprenticeship Offering Stands Unique
Graduates from the CyberTrust program who enroll in the WEI Technical Apprenticeship benefit from a smoother transition from academia to the corporate world. Our cyber apprenticeship program stands out by prioritizing attitude and aptitude over existing skill sets, ensuring that we equip individuals with the necessary skills through role-specific and tech stack-specific training. Unlike other programs that focus on generic tech stacks, our training aligns directly with the technology actually deployed by the customer.
The program follows an iterative process combining on-the-job training with classwork, allowing apprentices to absorb and apply material in real-world settings, ensuring a deeper understanding and practical application. Additionally, we provide comprehensive mentoring for both apprentices and hiring managers to facilitate early course corrections and maximize program success.
To integrate WEI's apprenticeship service into their existing talent development strategies, clients can leverage it to fill difficult early-career roles in niche or emerging technologies, establish a reliable entry-level technical talent pipeline, and enhance their team's skills by incorporating apprenticeship training into their broader upskilling initiatives. Furthermore, the program can support a targeted Diversity, Equity, and Inclusion (DEI) hiring strategy, helping clients build a more diverse and skilled workforce tailored to their specific technological needs.
WEI’s proven apprenticeship service features a four-step process designed to ensure the successful transition of apprentices into full-time cybersecurity roles. There is zero obligation from the client to hire the apprentice to a full-time position, although that is the case in 99% of our engagements. Here’s how it works:
- Identify Apprenticeship Plan & Expectations: WEI collaborates with the client to develop a role-specific apprenticeship plan, identifying expectations and recruiting individuals with the potential to excel in cybersecurity careers. This step aims to tap into underutilized talent pools, fostering a more inclusive workforce.
- Hire Apprentice: Candidates undergo a job suitability assessment and participate in client interviews. While they may not possess all the required skills initially, their attitude and aptitude are key factors in the hiring decision. WEI then provides essential technical training.
- Deliver Development Plan: Apprentices are paired with experienced cybersecurity professionals who offer guidance, support, and career development opportunities. This mentorship is crucial for shaping the trainees' professional growth and ensuring a smooth transition into the workforce. This phase often lasts 12 months.
- Transfer Apprentice to Full-time Employment: Upon successful completion of the program, apprentices are offered full-time positions with the client. This commitment helps bridge the cybersecurity skills gap and strengthens the regional cybersecurity landscape. As mentioned above, clients are not obligated to hire the apprentices, but WEI does boast a 99% success rate in job placements.
Addressing the Cybersecurity Skills Gap With CyberTrust Massachusetts
At WEI’s recent Cyber Warfare & Beyond roundtable discussion, renowned cyber thought leader Rick Howard said the perception of a cyber staffing shortage actually has more to do with the mismanagement of existing talent within many enterprises.
“In my opinion, we don't have a shortage of new talent coming into the field,” said Howard. “There's lots of training programs for that. When you're a security manager hiring a disposition manager, you're not looking for the new talent, though. They are looking for the person with 25 years of experience and 17 certifications that they can pay them $150 an hour for. That's why when you hear everyone say there's a shortage of cybersecurity professionals, there's not. As a profession, we manage it poorly. We don't bring in new talent and train them up the scale. We try to find the unicorns, the super stars, and we don't pay attention to all that stuff. That's a complete mindset that needs to change in our industry if we are going to fix that problem."
Watch: WEI Cyber Warfare Roundtable Discussion
Identifying and sustainably developing tomorrow’s IT talent is more pertinent than ever. That’s why WEI’s partnership with CyberTrust Massachsuetts comes at a time when many organizations are struggling to retain and upskill IT personnel. WEI is working to help customers alleviate this challenge by offering the apprenticeship.
The collaboration leverages the state-of-the-art Cyber Range at Bridgewater State University (BSU), where students and interns can simulate real-world cyberattacks, test defense strategies, and hone their skills in a controlled environment. CyberTrust is also affiliated with the Center For Cybersecurity Education at MassBay Community College and will also be leveraging an additional cyber range at Springfield Technical Community College later in 2024.
Our leaders at WEI passionately champion diversity by actively fostering inclusive practices and building strategic partnerships. Our DEI initiatives aren’t just about avoiding pitfalls—it's about embedding diversity as a core value that fuels innovation across our business. CyberTrust’s comprehensive approach ensures that students receive both theoretical and practical training, making them well-equipped to handle real-world cybersecurity challenges.
Supporting a Sustainable Talent Pipeline
The sustainability of the cybersecurity talent pipeline is crucial for the long-term success of any enterprise. With WEI and CyberTrust Massachusetts, organizations can:
- Invest in Continuous Learning: Support ongoing training and development to keep pace with the evolving cybersecurity landscape.
- Foster Culture of Inclusivity: Create an environment where diverse talents can thrive and contribute to the organization’s success.
- Strengthen Community Relations: Engage with local educational institutions and community programs to build a robust talent pipeline.
The WEI Technical Apprenticeship for Diverse Candidates focuses on developing a comprehensive set of technical and soft skills that are essential for success in the cybersecurity field. Here’s a proven breakdown of some learned technical skills:
Network Security: Apprentices learn to design, implement, and manage security measures for network infrastructure. This includes configuring firewalls, intrusion detection systems, and other security protocols to protect data and prevent unauthorized access.
Cloud Security: Training covers security practices for various cloud environments, including public, private, and hybrid clouds. Apprentices learn about cloud security frameworks, identity and access management (IAM), and how to secure data in transit and at rest.
Security Operations Center: Apprentices gain hands-on experience in a SOC environment, learning to monitor networks for security breaches, analyze security incidents, and implement response strategies. This includes familiarity with security information and event management (SIEM) tools.
Incident Response: Apprentices are trained in incident detection, response, and recovery processes. They learn to develop and execute incident response plans, conduct forensic investigations, and report on security incidents.
Risk and Compliance Management: Apprentices learn about regulatory requirements and frameworks such as GDPR, HIPAA, and NIST. They are trained to conduct risk assessments, implement compliance controls, and ensure that security practices meet legal and regulatory standards.
Vulnerability Management: This includes identifying, assessing, and mitigating security vulnerabilities in software and hardware. Apprentices learn to use vulnerability scanning tools and develop remediation plans.
Endpoint Security: Training covers the deployment and management of security measures on endpoint devices such as computers, smartphones, and tablets. Apprentices learn to protect these devices from malware, unauthorized access, and other threats.
Penetration Testing: Apprentices are introduced to penetration testing techniques to identify and exploit vulnerabilities in systems and networks. They learn to use tools like Metasploit, Wireshark, and Nmap.
Data Protection: Apprentices learn about data encryption, data loss prevention (DLP) strategies, and secure data handling practices to protect sensitive information.
DevOps Security: Training includes integrating security practices into the DevOps process, ensuring that security is considered at every stage of the software development lifecycle.
Conclusion
The WEI Technical Apprenticeship for Diverse Candidates, in partnership with CyberTrust Massachusetts, provides a comprehensive solution to the ongoing challenges of talent shortages and lack of diversity in cybersecurity. By adopting this program, medium and large enterprises can ensure a steady flow of skilled, diverse cybersecurity professionals who are well-prepared to meet the demands of the industry. This initiative not only benefits the participating companies but also contributes to a more secure and inclusive digital ecosystem.
Next Steps: To learn more, please contact either myself or anyone from the WEI cybersecurity team to learn more on how we can help build you a sustainable IT talent pipeline for cybersecurity-based roles.
In the meantime, please download and read this original WEI white paper, Explaining The Cybersecurity Skills Shortage Downstream Effects And How Enterprises Can Utilize AI. As a SOC leader, you have the option to modernize your security approach by incorporating AI and ML technologies. AI-enabled security solutions are designed to directly address the challenges posed by gaps in knowledge, unfilled expert roles, growing digital footprints, and the rapidly evolving threat landscape, as adversaries also harness AI for nefarious purposes.