Driving an effective cybersecurity apprentice program (Part 1)

Posted on
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

A California program is using a large grant to train cybersecurity apprentices.Forecasting success carries a responsibility of providing future proof, and some obvious risk. I take the responsibility of being a wise custodian of a program that involves use of taxpayer funding seriously, with specific goals in mind. Those goals involve producing excellent taxpayers, charged with safeguarding digital resources from attack.

Defining a successful project begins with identifying a need. The specific need is filling the existing shortage of qualified cybersecurity professionals. That task became much easier as the result of the efforts of those involved in the NIST grant funded CyberSeek website that went live in November 2016.[1] The site graphically identifies the shortage of cybersecurity professionals and provides specific labor market information at the National, state, and regional levels.

In September of 2016, the California Community College Chancellor’s Office announced the availability of grant funding for apprenticeship programs.[2] Having researched the general unavailability of apprentice programs in the ICT field for an article I wrote in May of 2014,[3] this announcement served as an opportunity to see if we could develop an apprenticeship program here in California.

To facilitate the chances for project success, I reached out to Coastline Community College in Southern California, to serve as the host college.[4] Having taught cybersecurity courses at my own college for the past 18 years, I was aware of what Coastline’s hosting brings to project success. It is the only California community college that currently holds the “Center of Academic Excellence in Information Assurance and Cyber Defense – 2 Year” Federal designation issued by the National Security Agency and Department of Homeland Security (NSA/DHS).[5]

The 1$ million grant was awarded in mid-January. The application that was submitted details how the grant is going to be administered.[6] In general terms, the plan it to utilize a cohort approach, with approximately 25 students per cohort. Admission to the program requires that potential apprentices have previously obtained their CompTIA A+ certification.

Students will take what are defined as four “core courses” that include courses that are aligned with the exam objectives for the CompTIA Network+ and Security+ certifications, along with the Microsoft MTA certification relating to its server product. Additionally they will take a basic programming course.

From there they will be given the opportunity to select either a Cisco track (focused on CCNA certification), or a cybersecurity track (that focuses on the EC-Council CEHv9 and the new CompTIA CSA+ certification). Costs associated with course fees, textbooks, and certification exams will be paid by the grant.

Students are required during the term of the grant to participate in “on-the-job” training for a total of 2,000 hours. The program is designed to provide a living wage for this “learn and earn” period. While industry recognized industry certifications are important, the inclusion of this work based learning component is a key element in the Project’s success, given  the “in order to get a job you need experience, and in order to get experience you need a job” conundrum.

We recognize challenges we face is identifying employment slots for apprentices to meet this work based learning requirement. Employer monetary incentives, while available through grant funding, are probably not a sufficient carrot to have employers waiting in line to participate in the Project. Much of our efforts will be directed at the cybersecurity professional community, seeking support from local chapters of professional organizations like ISACA, ISSA, and (ISC)2.

We are contacting members of the existing workforce in the Region and asking them to serve as mentors for the students, helping them find “earn and learn” employment opportunities. To support this effort, I’m reaching out to my fellow CISSPs, reminding them that one of our ethics cannons is to “advance and protect the profession.”[7] I believe advancing the profession includes taking steps to insure that we have an adequate cybersecurity workforce to meet the needs of our society.

This article was purposely labeled “Part 1.” We believe it important to detail our successes (and failures), as we move forward with this effort, hopeful that it will encourage other colleges to consider this approach to cybersecurity training. Our goal is to create a sustainable model designed to continue once the grant funding runs out.


NOTES

[1] CyberSeek.org

[2] California Apprenticeship Initiative

[3] See “Formal ICT apprenticeship programs: Why not in the USA?”

[4] Coastline Community College (Fountain Valley, Calif.)

[5] Information Assurance Directorate, NSA

[6] California Cybersecurity Apprenticeship Project (CCAP)

[7] (ISC)² Code Of Ethics

Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone
Steve Linthicum

ABOUT THE AUTHOR

Steve Linthicum has been teaching information technology courses at Sierra College since 1999. He holds a variety of industry certifications that include CISSP, CASP, VCP-DCV, and MCSE: Private Cloud. See his LinkedIn profile for additional certifications. He also serves in a California Community College Chancellor’s Office role as the Deputy Sector Navigator for the Information and Communications Technology / Digital Media Sector. Steve can be reached at slinthicum@sierracollege.edu.

Posted in News|

Comment:

3 thoughts on “Driving an effective cybersecurity apprentice program (Part 1)”

  1. Hi Steve,

    I facilitate A+ and Network+ courses at LAUSD. I would like to get in your program in preparation for a future expansion of your Apprenticeship training program inside LAUSD.

    I have A+, Network+ and Security+. I am also qualified to teach Cisco courses (I am currently facilitating Introduction to Networks at NVOC.
    Do you think I can be part your students?

    I really appreciate your time to evaluate my request.

    Thank you,

    Dan

  2. @BT Wilkes,

    >>list of prerequisites?

    I attended the Apprenticeship Informational session last January 2017 so I know. The main one would be:
    – must be A+ Certified by the start of the Apprenticeship training.
    – there are other smaller ones, I apologize I don’t have the brochure to extract that information.

    >>What are the methods of delivery for the course(s)

    Fully online via School’s Online Learning Management System (LMS).

Leave a comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>