The education system always lags a bit behind industry. It’s too difficult, costly and labor intensive to accurately predict where job markets might be going and then retool curricula and change professor hirings/staffing to reflect a prediction. There needs to be a pretty proven need from industry before educational institutions course correct. Schools try to thread that needle so they’re not too far behind, but also aren’t out on a limb that ends up unattached to a tree. For instance, it took years after the rise of internet journalism for schools of communication to catch up and start offering digital-centric reporting classes. It took years more to transition away from a TV broadcast video approach to visual storytelling in favor of a more documentary-style visual aesthetic. But what happens when the field in question is moving so fast, and the need for high-skill labor so great, and there’s a sizable shortage thereof? Predictably, that industry has to find ways to make matters into their own hands. And in the case of one of the most cutting-edge fields in the world, cybersecurity, industry is going old school to recruit and train talent — apprenticeships.
Frost & Sullivan and (ISC)2 released a report detailing how the global cybersecurity workforce will have more than 1.5 million vacant positions by 2020. The security sector is a fast-growing industry, and IDC predicts it could become a $100B+ market by 2020. So why the job surplus/labor deficit?
According to an analysis from the Harvard Business Review, “there are no signs that the bad guys are limiting their talent pool — and cybercrime is now a $445 billion business. The average company handles a bombardment of 200,000 security events per day. Cybercriminals are becoming increasingly more organized and aggressive, while the teams defending against these attacks are struggling to fill their ranks.”
So what’s to be done?
One way companies are responding is by changing their new hire target characteristics. Traditionally, cybersecurity companies have sought to pull from technical undergrad degree ranks — computer science and the like. But with cybersecurity touching so may industries in so many different ways, many companies are seeing increased applicant and productivity returns by targeting workers from different educational backgrounds who instead have specific desirable traits — like, for instance, “unbridled curiosity, passion for problem solving, strong ethics, and an understanding of risks” as HBR put it.
If a candidate presents with those qualities, it can often be easier and more desirable to mold that hire into the employee you want as opposed to getting hung up on whether or not they studied computer science at university.
The other way many firms are attracting and training talent comes from the blue collar mold of old — apprenticeships.
From Inc.: “Cybersecurity companies have embraced apprenticeships in part because the training is especially effective in industries where best practices quickly become outdated. The trainees learn, among other tasks, how to manage and defend a network from various security threats, which are constantly changing… As such, it’s no small investment: a single certified apprentice can run a company $25,000 to $30,000 dollars a year, which includes the college courses and a wage. But companies say the investment is worth it because of the employee loyalty it fosters.”
Even though cybersecurity is one of the hottest and most cutting edge industries out there, an older form of employee recruiting and training is serving them well. We would challenge you to reevaluate how you attract, train and retain talent — there are great strategies, new and old, that can really help you build a workforce of the present and future.