Cy Says Blog & Podcast

ST. LOUIS – A little over four years ago a group of community leaders came together and presented an idea on how we can grow the regional workforce. These leaders included organizations like the St. Louis Regional Chamber, the Leadership Council of Southwestern Illinois, and Scott Air Force Base. The base was seeking a solution to their growing skills gap and a way to overcome hiring cleared personnel.

There wasn’t an easy solution, but with the creation of CyberUp and a little bit of tenacity, collaboration, and community support we have a solution. With support from Boeing and the Scott Air Force Base Airman and Family Readiness Center, CyberUp has developed a pathway to help transitioning veterans begin a high-paying career in cybersecurity.

On October 5th, CyberUp started training 15 veterans and military spouses for our Veteran LevelUp Program. The program targeted veterans transitioning from active duty with 6 – 12 months left to their military commitment or active National Guard and Reservists. Participants received 6 months of free, virtual supported training by CyberUp. Their training will ramp up their technical and cybersecurity skills to CompTIA Security+. Upon completion of their training, veterans are eligible for apprenticeship placement services from CyberUp. Through placement at an employer partner of CyberUp, veterans will complete 2,000 hours as paid apprentices and continue their technical skills training.

To build on the success of the previous 3 cohorts, Boeing has invested in CyberUp to train 30 more veterans and military spouses in 2022. We will team up and support Scott Air Force Base who forecasted to have approximately 4,000 service members transition in 2022. This is the first step to attracting and training veterans in cybersecurity to stay in the St. Louis region. Veterans are highly sought after by local companies because of their commitment to mission and core values. “We have a tremendous amount of talent transitioning each year from our partners at the base. The more we can do to incentivize them to stay in our region will help fill our growing skills gap. I would like to personally grow this program to account for a minimum of 10% of the veterans transitioning each year. When we do this right, we can help other military communities through apprenticeship and training. The opportunities for both the veteran and the region,” Tony Bryan, Executive Director at CyberUp explains.

To learn more about the Veteran LevelUp Program, please visit CyberUp’s website at www.wecyberup.org/levelup-veterans. Information about the program, how to apply, and additional upcoming class details can be found there.

ABOUT CYBERUP:

CyberUp is a 501c3 nonprofit with a mission is to cultivate the cybersecurity talent pipeline for today and tomorrow. They accomplish this through their nationally recognized LevelUp: Apprenticeship Program and their youth-focused PowerUp Cyber Games. To learn more, visit wecyberup.org, or contact Tony Bryan at tony@wecyberup.org or 314-764-5419.

ABOUT THE BOEING COMPANY:

Through purposeful investments, employee engagement, and thoughtful advocacy efforts, Boeing and its employees support innovative partnerships and programs that align with the company’s strategic objectives, create value and help build better communities worldwide. Boeing’s efforts are focused on improving access to globally competitive learning, contributing to workforce and skills development, and supporting our military and veteran communities. Chicago-based Boeing is the world’s largest aerospace company and leading manufacturer of commercial jetliners and defense, space, and security systems. A top U.S. exporter, the company supports airlines and U.S. and allied government customers in more than 150 countries.

I just returned from the 2022 NICE Conference in Atlanta, GA. It was amazing to meet up with colleagues we have worked with for the past 6 years face-to-face. It was also energizing to connect with new people who are all working to help “Demystifying Cybersecurity,” the theme of the conference. Over the course of 3-days, we convened on topics like degrees, apprenticeships, DEI, frameworks, pedagogy, curriculum, dashboards, and much more. I heard a ton of buzzwords and approaches but there was one particular talk that stood out to me.

On day 2 during the lunch keynote, we all had the pleasure of hearing from Paul Bingham from Western Governors University. Being fully transparent, they were a main sponsor of the event so I expected to hear just how great they are and all the ways they are educating and filling the “skills gap.” For the record, I am a big fan of their program and we did get some of that, but he took it in a very different direction than I expected.

He shared multiple headlines from I believe an NSF publication. Maybe I should’ve taken better notes but not the point today. What those headlines represented were articles written 10, 7, and 5 years ago about the challenges we are and will face in the realm of cybersecurity. He talked about advancements in technology, diversity and inclusion efforts, and much more. The bottom line, all of those stories are 100% still accurate and true today. In many aspects, like the talent pool, we are actually worse.

They announced the updated numbers for the Cyberseek website on day 1 of the conference. The new total that will be shown a million times by all of us increased to 714,548 job postings. This represents a 43% increase in the 12-month period compared to only 18% across the entire employment market. The other statistic that startled me was the number of employed cybersecurity workforce. The number is now 1,091,575 which represents an increase from the last update of about 40,000 workers. This indicates that the number of role growth was around 3X the number of employed workers. In essence, we are still losing the talent battle.

We have added more degrees, boot camps, apprenticeships, certifications, and automation yet we are still losing. Interest in the field has never been higher and pathways into them continue to grow. We continue to throw money and solutions at it but we are still where we were at 10-years ago as outlined in the stories shared by Mr. Bingham. What are we missing?

I firmly believe there isn’t a silver bullet solution but I am also curious to how we slow down the 3X gap in job openings and candidates we are experiencing every time the data updates. The time is now to change the narrative and our approach. We have to stop talking about solutions and delivering results. It is easy to forget each of these roles represents a missing link for our government or a company. They represent vulnerabilities, ransomware, IP loss, and most frightening of all, national security.

The point of my rant is to open up a discussion. Comment, share, argue, agree, or whatever you feel you need to do but I can confidently say that what we have done and continue to do isn’t working.

New members will enhance the board’s focus to grow the cybersecurity workforce through high-quality LevelUp Apprenticeships, and engage students through PowerUp Cyber Games.

St. LOUIS, MO– CyberUp, a national nonprofit organization today announced four new board members who will each help support the nonprofit’s work to cultivate the cybersecurity talent pipeline for today and tomorrow.

“We’re excited to expand our board with four new members who will bring diverse expertise and insight to our work,” said CyberUp Board Secretary Doug Menendez. “We have worked diligently to ensure CyberUp’s board and leadership represents a variety of experts from various industries and is a better reflection of the world we live in, and the newest board members are no exception.”

The four new board members are:

• Renita Rhodes, Principal Auditor – Information Security, Wells Fargo
• Suda Suvarna, Deputy Chief Information Officer/Managing Director, Deloitte
• Eddie Williams, Strategy, Governance and Management, PwC
• Chris Hogan, Vice President, Corporate Security Architecture and Engineering, MasterCard

To learn more about the CyberUp board and read member bios, click here.

                                                            # # #

CyberUp is a 501c3 created to cultivate the cybersecurity talent pipeline for today and tomorrow. CyberUp launched in February 2016 as a regional effort to expand the availability of cybersecurity talent but aspires to reach a national audience. In a short time, the organization and the organization’s leadership has grown to be a nationally recognized team that has the solution to shrinking the forecasted 2.5 million job openings by 2022. CyberUp develops the cybersecurity talent pipeline both short and long-term. Our short-term solution of apprenticeship develops and prepares a skilled workforce for companies to hire. Our long-term approach connects youth with a gamified, virtual cybersecurity competition to gain cybersecurity skills and piques their interest in pursuing STEM-related careers. https://www.wecyberup.org

CyberUp recently celebrated its five-year anniversary and I can’t help but think back on how action-packed these last five-years have been. Take a walk down memory lane with me if you will as I reminisce on my last four and a half years with CyberUp through the lens of our core values.

Tenacious

As with any young organization, you can’t make it to the five-year mark without being tenacious. Five years ago, we had a group of thought leaders come together to identify a solution to a critical need of growing the cybersecurity talent in our region. CyberUp was born as the Midwest Cyber Center of Excellence. We rebranded in 2019 to CyberUp to better represent our mission and the geographical reach of our programs.

We’ve spent the last five-years fine-tuning how we were going to develop and grow the cybersecurity talent pipeline. Our mission has remained the same the whole time, but the “how” has been an ongoing work of love. In 2017, we were approached by the Department of Labor to create a cybersecurity-related registered apprenticeship. It sounded like a great idea, but honestly, we weren’t quite sure what we were getting into.  Over the last three years, we’re continually asking for feedback from companies, industry professionals, and even our candidates on how we can make our apprenticeship program better. We’ve continued to educate companies about how apprenticeships work and how our apprenticeship program can solve their workforce storage. We’ve made a commitment to cultivating the cybersecurity talent pipeline and we’re not going to let anything stand in our way from accomplishing that mission.

Veracious

We are probably more truthful about where we’ve come from and where we’re going than people expect. We’ve been extremely honest about our growing pains with the apprenticeship program or even our youth program during any of the collaborative working groups we’re apart of. We’re more than honest letting our peers know what’s worked and what hasn’t worked. It’s great being the first cybersecurity apprenticeship program in our region, but that notoriety also comes with growing pains we get to work through.

We’ve had some tough conversations of tough love with some of our candidates polishing up their workforce readiness skills because no one had the courage to provide the candidate feedback before. This tough love was never mean-spirited, but it helped them develop them and land their next job.

We’re probably most honest with ourselves. After each event we complete an after-action report to go over what did and didn’t work so we’ll know how to make the event or program better the next time we do it. It’s never anything personal. Being this honest with ourselves has kept up nimble and able to quickly adjust to the challenges we face like a global pandemic for example. We’re not afraid to try something to see if that’s going to connect with our audience better.

Hungry

When we say hungry we don’t mean physical hunger as in pass the snacky-poos so my tummy stops growing. We mean that we’re not going to give up. We’re going to keep brainstorming, researching, asking questions, finding mentors, and working together to develop the cybersecurity talent pipeline. We will continue to root for our candidates who have so much potential but aren’t given the opportunity to prove themselves because they don’t happen to have a college diploma. We’re hungry to provide the best training and take time developing relationships with companies to hire our apprentices. We’re also hungry to continue to work with our youth partners to develop a fun, gamification way for middle and high school students to learn cybersecurity.

Adaptive

Being adaptive honestly feels like my 2020 motto. Adapt and overcome. CyberUp and the rest of the world went into 2020 very optimistic. Although we’ve still done a great job hitting our goals, it wasn’t how we envisioned it would happen at the beginning of the year. We started off the year with a Military Spouse IT Fundamentals in-person class, but a couple of weeks in had to completely convert the class 100% online. Our instructor and students quickly adapted to the new class, but it provided an opportunity to quickly pivot to run the class in a new environment that’s now scalable nationwide. We also started our PowerUp: Cyber Games pilot at the beginning of the year, but once the world shut down, it helped us realize the importance of us making sure we made our cybersecurity challenges able to be completed on a Chromebook. It made us extremely aware of the potential barriers some students might face if they don’t have access to Wi-Fi or a Chromebook. The pandemic made us adapt to our new reality and learn how to quickly engage candidates and students remotely. It helped push us to create our own resources and content for our candidates and students to explore on their own time.

Collaborative

This is one that comes naturally for us. We truly want to see the region and nation do better. We want to see the people who have been laid off transition into cybersecurity. We want to help the military veteran transitioning out of the military transition into a booming career field. We want to see youth explore cybersecurity now so they know all their options to get into the career field to make a difference and potentially change their trajectory in life. Because we genuinely want to lift everyone up and help secure our nation, we value all our partnerships and collaborative working groups that help us achieve these goals.

Although the road has been challenging, we’ve still been able to celebrate our success and the impact we’ve made so far. I look forward to what the next five years are going to look like for CyberUp and how much more of an impact we’ll be able to make.

A little over four years ago a group of community leaders came together and presented an idea on how we can grow the regional workforce. These leaders included organizations like St. Louis Regional Chamber, Leadership Council of Southwestern Illinois, and Scott Air Force Base. The base was seeking a solution to their growing skills gap and a way to overcome hiring cleared personnel. There wasn’t an easy solution, but with the creation of CyberUp and a little bit of tenacity, collaboration, and community support we have a solution. With support from Boeing and the Scott Air Force Base Airman and Family Readiness Center, CyberUp has developed a pathway to help transitioning veterans begin a high paying career in cybersecurity.

On November 10th, CyberUp graduated 17 veterans and military spouses from our inaugural Veteran LevelUp Program. The program targeted veterans transitioning from active duty with 6 – 12 months left to their military commitment or active National Guard and Reservists. Participants received 6 months of free, virtual supported training by CyberUp. Their training will ramp up their technical and cybersecurity skills to CompTIA Security+. Upon completion of their training, veterans are eligible for apprenticeship placement services from CyberUp. Through placement at an employer partner of CyberUp, veterans will complete 2,000 hours as a paid apprentice and continue their technical skills training.

To build on the success of the first cohort, Boeing has invested in CyberUp again in 2020 to train 25 more veterans and military spouses in 2021. We will team up and support Scott Air Force Base who forecasted to have approximately 850 service members transition in 2020. This is the first step to attracting and training veterans in cybersecurity to stay in the St. Louis region. Veterans are highly sought after by local companies because of their commitment to mission and core values. “We have a tremendous amount of talent transitioning each year from our partners at the base. The more we can do to incentivize them to stay in our region will help fill our growing skills gap. I would like to personally grow this program to account for a minimum of 10% of the veterans transitioning each year. When we do this right, we can help other military communities through apprenticeship and training. The opportunities for both the veteran and the region,” Tony Bryan, Executive Director at CyberUp explains.

To learn more about the Veteran LevelUp Program, please visit CyberUp’s website at www.wecyberup.org/levelup-veterans. Information about the program, how to apply, and additional upcoming class details can be found there.

Hands down, the number one question we are asked is, “what is the difference between an internship and an apprenticeship?”

Both internships and apprenticeships both have their place in recruiting and growing your team. And, there is incredible value in having both programs running concurrently to maximize entry-level talent development.

For starters, internships are a proven way to bring some of the brightest minds into your company while providing an invaluable experience for the students. The typically short-term engagements also allow companies to get to know the potential future hires and, something often overlooked, are an opportunity for your team to gain management experience.

However, there are also drawbacks to internships. Let’s discuss.

• Not here for a long time but to have a good time – A typical internship is around three months. Let’s be honest, for the first 30 days, a student is learning the lay of the land. If this is their first time in a work environment they are simply learning how to work. What does it mean to come to work every day and contribute? By the second month, they probably have a project in place they have started and are being a productive-ish member of the team. As they speed into the third month, priorities shift. They prepare to brief on their project and hand it over to someone who will be there full-time. Rinse and repeat summer after summer.
VS. A long-term staffing solution – Apprenticeships are 12 months long with the intention of the apprentice joining your team for the foreseeable future, i.e. retention! 95% of CyberUp apprentices retain employment after completing their apprenticeship. Plus, apprentices can be added throughout the year to meet your staffing needs.

• What do I want to be when I grow up? – How many of us truly knew what we wanted to do when we were in college? Many have a general understanding of Corporate America but likely aren’t aware of all of the opportunities that are available. Students leverage internships as a way to discover jobs and companies. It’s a time for discovery. They’re trying roles out as much as companies are trying them out, if not more.
VS. I know what I want – Seasoned workers have made a very conscious decision to pursue a specific career. Not a job, a career. Career transitioners know what they’re looking for in their next role and bring a wealth of knowledge from previous professional and life experiences. Apprenticeships quickly and easily connect companies with these tenacious job seekers. And companies that give career transitioners the opportunity to prove themselves and grow within their target industry are likely to stay at the organization for several years. Again, retention.

• How does this thing work? – Creating a structured environment is essential to the success of the program but not every company has the time, money, and resources to properly build an internship program out. And the goal is to foster collaboration, innovation, and teamwork, but it’s also really hard to commit time and resources to an already stretched-thin staff. And, who takes the lead in planning, recruiting, and executing? To do it right, it’s going to take a team of people and a lot of manhours.
VS. Structure with flexibility – Every job seeker and every employer can benefit from the structure of a registered apprenticeship. Apprentices benefit from on-the-job training, mentorship, and continued learning (related training instruction). Companies can either build their own apprenticeship or partner with an intermediary, like CyberUp, to deliver the three aspects of the program. Working with an intermediary allows the employer to focus on the OJT and the person holistically, without distractions. Also, each of the three aspects of an apprenticeship can be customized to meet the needs of the employer and the skill level of their apprentice.

• Limited reach – Many companies recruit from the same colleges and universities year after year, which can lead to a workforce with uniform experiences, education, and thinking. Sameness is not something an ever-evolving industry like cybersecurity needs.
VS. A talent pool that’s a reflection of the world we live in – CyberUp surpasses all diversity goals in our recruitment process while also considering more than race, gender, or sexual orientation. Diversity is also about how someone was raised. Studies show increased productivity, cultural awareness, positive reputation, and much more. We have seen time and time again (even with our own team) that it takes different perspectives and approaches to be successful. Why not build a program that promotes and enables that?

Both internships and apprenticeships can play an important part in how you grow your workforce. Instead of an either/or approach, consider how both programs can help solve your staffing needs. Employers should consider their annual hiring strategy, looking at when the best times will be to onboard throughout the year.

Why should you jump into apprenticeship now?

We have all seen the numbers – 700,000+ open roles with anticipated growth in the millions over the next several years. What is the saying? The definition of insanity is doing the same thing over and over expecting different results. Has your organization continued to rely on traditional hiring methods? Are you exploring apprenticeship? If not, why?

Apprenticeship has been around for centuries. Generally associated with the trades with the core concept remaining the same, earn while you learn, but now evolving into various new sectors. Technology career and apprenticeship opportunities will continue to grow as companies embrace less degree-dependency and more skill-based hiring practices.

This past week a major announcement was pushed down from the White House, Department of Labor, Department of Commerce and supported by our friends at the National Initiative for Cybersecurity Education (NICE) about a cybersecurity apprenticeship sprint. They hope to inspire individuals, companies, and programs like ours to rally together and have an impact on the aforementioned open roles. CyberUp is honored to be a participant in the sprint, bringing our expertise and sharing our success stories with others on the importance of apprenticeship.

That being said, if you have been on the sidelines or fence about how apprenticeship could work for you, jump on this opportunity NOW.

Don’t know where to start? The CyberUp Apprenticeship Team can help you build an apprenticeship model that works for you. Contact us today or simply fill out this form and we will reach out for a quick 30-minute apprenticeship consult. Onward and upward!

Our last several blogs have been super specific to topics that have been relevant to things happening right now. Never a bad thing but sometimes it is good to stick to the basics. CyberUp has tons of folks who reach out to us with this very question, "How do I get into cybersecurity?" Although there isn't a simple answer to the question we thought it would be worthwhile to lay out the questions we are asked during the conversation and the advice we give.  

Each conversation generally starts with three simple questions:

1. What is your timeline/need to break into cybersecurity?
2. What is your budget to get the training/skills you will need?
3. What type of training do you think you will need?

Let's explain why these questions are important. 

What is your timeline? 

Given the recent global pandemic and even before, we had a lot of people reach out to us out of necessity. They found themselves out of work and exploring ways that they can support a family. The cybersecurity industry has done a fantastic job of marketing the demand for talent and the possibilities of earning a good income. All facts but it isn't as easy as it is made out to be. It is going to take some amount of time to go through a training or education program. Depending on the person's situation there are options. The longest option is a traditional college education. Both 4-year and community colleges provide good curricula but can take a bit longer for someone looking to transition quickly. The quickest option available is a pay-to-play bootcamp or stacking some certifications. There are several options out there like our partners at Fullstack Academy  and they provide proven and short-term training options. Not as quick or long as the previous two options are programs like ours that provide pre-apprenticeship training. All three skill paths provide you with a foundational set of knowledge that should provide you with a baseline of skills necessary to obtain that first role.

What is your budget?

Let us start out by saying, CyberUp is committed to providing access to free and high-quality cybersecurity training so this isn't an endorsement to pay us for what we do, but a way to highlight that we are not the only option available. All three listed above are viable options and each have unique advantages over the other. There are efforts all across the country by companies who are reimagining how they are hiring and reducing the need for college degrees but let's be honest....we aren't fully there yet. A college degree still remains critical to someone's long-term success and upward mobility. If there isn't a time crunch and a person has availability to resources needed to pay for school, choosing one of the incredible cybersecurity programs created is always a solid option for someone. A bootcamp is going to require a larger upfront cost but the pace, curriculum, and time to the end goal, employment, can be much faster. Many of them are full-time programs that can end in just a few months. If the resources are there and the time-to-goal is important the cost may be worth it for an individual. Lastly, programs like ours also provide training and credentials required to obtain a job. However, we simply are not as fast as a bootcamp and we do not provide a degree. What we do provide is a part-time option suitable for folks that have full-time jobs and flexibility to learn at your own pace. There isn't a cost associated with the program but there is a rigor to the curriculum and demand that can be difficult if things are not prioritized right.

What type of training do you need?

This may be a strange question for most but we all learn in different ways and have different needs when it comes to education. If you are a person who needs due dates, homework, and accountability college or a bootcamp may be the best fit. Let's be clear, we require our candidates to put in the work and set high standards for someone to complete the program. We ask each person to commit to the program and put their best effort into completing their training. We have seen firsthand when someone makes an investment into themselves they bring a different attitude to the program. We have all heard the saying, "you get what you pay for," and this applies to programs like ours. 

Ultimately, there isn't a "one-size fits all" option for any of this. That is why we start with these three simple questions. If you find yourself exploring a career in cybersecurity and not sure where to start...we recommend taking a few moments to think through these questions and make the right choice for you. Also, we are always happy to help advise so don't hesitate to reach out!