The future of developing the Federal cybersecurity workforce could rely on apprenticeships to fill the talent pipeline and improve retention in cyber roles.
That was the word from Marian Merritt, deputy director of the National Initiative for Cybersecurity Education (NICE) at the National Institute of Standards and Technology (NIST), during MeriTalk’s Cyber Central: Defenders Unite virtual conference on October 28.
“People may not be aware of the breadth of apprenticeship programs in the Federal government,” said Merritt. “We have about 150 different work roles, but they are not in IT and they are not in cybersecurity. So, we’d like to see that change. We think apprenticeships could be a very exciting way to bring in talent.”
When comparing apprenticeships to internships, Merritt said that the apprenticeship route provides better opportunity for on-the-job training and dedicated mentorship. She said it’s more likely that a position will be available for an apprentice, and added the private sector is turning to apprenticeships more often. Beyond that, she said apprenticeships can also help diversify the talent pool.
Merritt explained that many cybersecurity-based jobs focus on the mid-career level – making it challenging for younger people to enter the field, and increasing competition among the mid-career candidates. That can also lead to lower retention levels, and higher costs of talent acquisition, she said.
“There’s a lot of conversation about removing degree requirements for cybersecurity work,” said Merritt. “That’s not to denigrate the value of a cybersecurity or having a degree or the college experience, but rather to reflect on the fact that the vast majority of senior practitioners in cybersecurity do not have a cybersecurity degree.”
She added, “if you’ve got a degree that’s not in a related field, you are still possibly somebody with the aptitude and attitude to qualify for cybersecurity work if you get the right training and acquire the skills and knowledge to qualify.”