HomeCase StudiesHow BT’s cybersecurity boot camp is bolstering a technology talent crisis

How BT’s cybersecurity boot camp is bolstering a technology talent crisis

by HRD Connect | Case Studies

Research from the UK government shows that nearly 700,000 businesses lack the skills they need to carry out basic tasks like setting up firewalls, storing personal data, and detecting malware. Like many other industries struggling with a skills shortage, there is a cybersecurity talent crisis, concentrated in the UK.

New research from IBM shows that British companies have been the target of 43% of all hacks in Europe over the last twelve months, with London’s financial sector as one of the prime targets. The UK urgently needs to stiffen its cyber-security defenses to meet this challenge, but the cyber skills talent crisis has become a chasm after years of under-investment. The UK’s biggest fixed and communications company is determined to fill this gap. BT, which traces its lineage back to the invention of the telegraph in the 1840s, is determined to mobilize its huge workforce to help Britain meet the challenges of web3 and digital. Oonagh Ryden, BT’s HR Director for Global Cybersecurity and Finance, takes up the story.

Was this article helpful?

How BT is cooling the cybersecurity talent crisis

Last March, BT launched a retraining program in partnership with CAPSLOCK, an accredited cybersecurity boot camp. An initial cohort of 30 employees was reskilled over the course of 17 weeks, in a scheme which, as Oonagh Ryden, points out, is designed to break down the invisible barriers that prevent many from venturing into this field.

“We targeted CAPSLOCK at those looking to learn cyber skills but unsure how to begin doing so. Demystifying the world of cyber was a key objective of the program. We wanted to make clear that you don’t need a degree in computer science or a background in security to break into the industry.

“The program was driven by our desire to create high-value career paths within BT Group and to build a pipeline of talent to help keep BT and our customers safe online. There’s a well-documented cyber skills shortage worldwide… [and] all organizations are facing a very competitive labor market as a result. BT is no exception.

“We see this program as an investment in our people that will reap significant rewards in a high-priority business area for BT. But each individual also invested massive time, energy, and enthusiasm to make their training a success.”

image

Identifying applicants for reskilling

None of the program’s graduates had any cybersecurity experience before they started. Most came from call centers, non-technical and non-managerial roles.

Oonagh and her team did, however, seek out individuals who were capable of training on.

Each of the 200 applicants was invited to complete a pre-learning form and assessments, set via the skills evaluation platform Immersive Labs. Interviews revolved around scenario-based questioning. Applicants rated their PC and IT literacy, both to ensure competence and focus training on the right skills gaps.

“We did look for synergies in [applicants’] existing experience and skillsets that could transfer well into cyber roles,” Oonagh explains. “But the most important characteristic we looked for was a desire to learn and embrace a new career.”

Instead of imposing fixed targets for diversity, equality, inclusion, and belonging (DEIB), “we had a core commitment that we wanted to have a diverse mix of people within the program.

“We achieved this naturally rather than through a formal process. But as supporting and increasing social mobility was also a key focus in our selection process, this also encouraged broader diversity. This resulted in an over 40% gender/ethnicity split, and strong age diversity too. We had applicants with a prior length of service ranging from 1 to 25 years.”

image

Training in a digital classroom

Despite all the advances in remote communication achieved since the outbreak of Covid-19, distance learning courses remain blighted by problems. Students, trainers, and commentators often report problems such as ineffective communication, late and insufficient feedback, and a lack of clarity over tasks and expectations.

To head off these potential issues, CAPSLOCK has created a digital classroom in which it divides learners into small groups. It provides classes via Teams and personal communication via Zoom and Slack.

The program is based on both interactive content and lab-based activities. CAPSLOCK delivers practical training, simulating the kind of challenges that cyber-security consultants face every day, rather than bombarding learners with complex theories.

“Real industry problems are solved by learners working in teams,” Oonagh says. “They start from day 1 as a consultant… and work towards creating innovative solutions to cyber problems.

“An example might include creating a new cyber information policy or joiners, movers, and leavers process, conducting a risk assessment or reviewing a penetration test report and creating a remediation plan.”

BT and CAPSLOCK assessed participants every week at individual, group, and project levels, working towards accreditation from the Chartered Institute of Information Security (CISSeC). Along the way, they received mentoring from BT’s team, both from security operation center managers and staff who had experience with the company’s other talent entry programs.

A growing body of research supports the use of mentors in e-learning. Jonathan Muir, of Leeds University Business School, has written that mentoring “can prove useful in helping colleagues develop the required skills and competencies while providing personal support, encouragement, and empathy.” Oonagh is equally positive, saying that her mentors “could provide direct, real-world knowledge of what it’s like to work in cyber” while providing “as broad a range of insights and perspectives as possible.”

100% completion: The outstanding results of BT’s boot camp

Indeed, all the metrics suggest that the program has been a resounding success.

All 30 members of the cohort have successfully completed both the CAPSLOCK Cyber CE-CSP accreditation and the ISO20K requirement certification, having achieved an average score of 86% across all assessments (completion required 70%). Ten of the initial intake have chosen to take on additional courses, assisted by mentors. CAPSLOCK’s evaluation of technical aptitude found that three learners were average, 12 were good, nine were very good, and five were excellent.

Eight months on from graduation, all learners are now working in cyber roles at BT, tailored to their specific achievements within the course. BT gave allocated roles in governance and assurance to those that scored well on the governance topics. Meanwhile, those who performed more strongly on technical modules are working in fields such as DDoS, security architecture and design, and forensics.

To aid their assimilation, BT will evaluate graduates from the CAPSLOCK program alongside their peers in ‘standard’ annual and ongoing performance assessments. It will also tailor quarterly coaching sessions to each graduate’s new role.

Anecdotal feedback suggests several graduates are already leading customer meetings and making recommendations. And the feedback from the learners themselves is even more telling.

The course has been tough, no doubt; one learner has admitted to suffering imposter syndrome during the course, while another said they were “mentally and physically exhausted.” However, the graduates have been quick to praise CAPSLOCK’s “amazing team-based approach” and “detailed structure learning path.”

What’s more, the course has unlocked a huge amount of potential which might otherwise have remained untapped. As one team member put it, “to come from where I was when I was growing up to now is such a strong achievement. If I can do it, anyone can.”

Continuing CAPSLOCK: Further plans for solving the cybersecurity talent crisis

It is little wonder, then, that Oonagh and her colleagues are looking to run the program in the Autumn. Over 1,000 colleagues have already expressed their interest in future cohorts; Oonagh says that recognition inside the company “is definitely not an issue.”

What’s more, other companies are now looking to follow suit.

“Other organizations have spoken to us about our experiences of reskilling via the CAPSLOCK program,” Oonagh says. “We’re happy to share learnings and experience with other companies.

“Tackling the cyber skills gap can’t be achieved by any one company in isolation. It requires a collaborative effort across the industry.”

BT’s work to solve the cybersecurity talent crisis is not just a pioneering step forward to shape the future of cybersecurity in the UK. It also serves as an excellent example for those organizations in any industry that aim to address talent shortages through careful training, reskilling, and inclusivity.

Subscribe to get your daily business insights

Related Articles

How can businesses encourage their Gen Z employees back to the office to get ahead in their careers?

Departing PWC boss, Kevin Ellis CBE, recently made headlines by claiming younger ‘Gen Z’ employees should work from the office more to...

  • David Banaghan
  • 2w

The new rules of workplace excellence: Balancing culture, accountability, and human potential   

In this engaging Q&A, Robin Daniels, Chief Business Officer at Zensai, shares his unique perspectives on workplace excellence. With a wealth of...

Over 55s are being locked out of workplace skills training opportunities

One in three UK employees in the UK are over the age of 50, but a large proportion of this generation are being overlooked for workplace...

Who provides better career advice? Managers vs. ChatGPT

Shifting gears in career advice Technology's rapid change and evolving career goals are forcing a rethink on how we give career advice....

The impact of regular 1:1 meetings on team performance

1:1 meetings can be the secret weapon for strong employee-manager relationships. These chats, often squeezed between tasks, are more than just...

AI and automation are redefining skill longevity

Remember those days when a skill could stay relevant for a decade? Those days are gone. Technological advancements are happening so quickly that the...

Career development culture - your key to a flourishing workforce

The job market is on fast forward, and companies are transforming to keep pace. They're making career development a central pillar of their culture....

A HR leader's guide to using talent assessments more strategically by Aon

30-second summary The concept of the 'workforce of the future' is becoming increasingly important in the post-pandemic world, and companies need...

  • Aon
  • 11m
Sign up to our Newsletter