The cyber skills gap in the UK has been getting wider. So many jobs, so few suitably qualified candidates. While there are apprenticeships and degree courses, these are long-term measures and are not producing enough candidates for the ever expanding jobs market.
Enter CAPSLOCK, a company that has a different approach that suits adults looking for a career change. The bootcamp is intense 16 weeks full time. Shared Income Agreements ensure learners can take the course without paying up-front. Instead, they pay in instalments once they have secured a job earning more than £25,000 pa. Best of all, it gives learners hands-on experience of solving real world cyber security problems that makes its alumni very attractive to employers.
CAPSLOCK uses a flipped classroom approach. Instead of lecture theatres and PowerPoints, learners are given real cybersecurity problems faced by companies and learn the skills they need on the job. This puts their trainees ahead of the game when it comes to interviews as they can draw on their experience and show examples of practical work they have completed.
‘There is a place for absolutely everybody in cyber, whether you’re technically minded or not’
Emma was a hairdresser and makeup artist, running her own business for ten years. When Covid hit, her income nosedived and she cast around for alternative employment: ‘I used to be into web design and coding when I was younger. I heard about CAPSLOCK and worked my way through the pre-course pretty quickly because everything was just so interesting. You have to complete the pre-course to be accepted onto the main course. It’s to make sure that you can put in the hours and can process the information.
They split you into teams of four to six people and you work with them for the whole course. You are working for a fictitious company that has different security issues. The good thing about CAPSLOCK is that It gives you experience rather than just a paper qualification. You start with a problem and work to solve it, building your skills, knowledge and experience so you have evidence to show a prospective employer. For example, we had to help a junior member of staff to do an internal audit on a department, so we had to create a flow chart showing the steps that this person would take.
To begin with I thought I was interested in a technical role, checking alerts, keeping an eye out for malware and different attacks and I had quite a keen interest in threat intelligence. But in week six or seven we covered GRC, which is governance, risk and compliance. I found it tough but now I find it interesting to see how policies are created, how they fit in with different legislation.
When you’re on the course, it’s so intense. You learn everything so quickly that you are not aware of how much you know. But when you start going into meetings in your new job, you remember things from your training. This is why it has such an appeal to employers. They have been offering candidates jobs before the end of the course.’
Emma was delighted to find she didn’t have to pay any fees upfront. It will take Emma three years to repay the cost of her course. She is currently working as an Information Security Governance Analyst for abrdn, a financial services company, Even after repayments, she is earning far more than she ever did in hairdressing.
‘It has taken me out of my comfort zone but I am learning every day’
Laura worked as a medical researcher for over ten years, coordinating trials for clinical research until she realised that she needed to establish a better work life balance:
‘I did the CAPSLOCK pre-course and quite enjoyed it and thought maybe I did have skills that I could bring to the sector. The boot camp was intense. The course runs 16 weeks full-time from 9.30 to 2.30 and some days we worked later on an assignment based on the topic. I don’t think we realised at the time how hard it was. Also we needed to learn so many different skills, from drawing flow charts to using Photoshop. It’s good training because they teach you about finding information for yourself and you need to do this a lot when you get a job.
Now I work office hours and can work from home. I work on policies, processes, education. It is strange to be the junior person on the team and I have to keep looking up things or asking more experienced team members for help. Part of my role is to look at analytics, identify shortcomings and develop suitable training. At the minute, I see that we’ve got an issue with shadow IT, so I’m looking at how to get the information across to people. This can include anything from simulations to messages on screen savers such as: Have you got a strong password? Have you remembered to lock your screen? The course taught me that I have transferable skills that are of value to other industries.’
The CAPSLOCK boot camp opened many doors
Nicole has a Masters degree and worked for 10 years as a biomedical scientist within the NHS. When she had her children, she discovered that childcare costs made it uneconomical to return to work, so she became an ‘at home mum’, learnt how to make gold and silver jewellery and set up a business.
‘When COVID hit, it showed me just how fragile my business was, so I looked for an alternative. I was on the first ever part-time boot camp. I studied Monday to Thursday, 6:00 pm till 9:00 pm and I did that for six months. My biggest struggle was to trying to get my head round who would want to employ a mum of three who lived in the countryside, who was new to this sector and who would need a bit of flexibility while still making money? But I needn’t have worried.
The boot camp gave me confidence. We were in teams from the beginning and everyone was understanding because we were all in the same position, trying to improve our lives. I couldn’t have asked for a more supportive bunch of people, and I still talk to some of them all the time, even though I graduated 18 months ago.
The course was very varied. We learnt about Pentesting which is is short for Penetration Testing, a type of ethical hacking that tests the security and vulnerabilities of a computer system. We also covered audits and how to do different types of risk assessment. We even looked at physical security, looking at a Google map image and trying to work out if the terrain was suitable for electric scooters or there was a river nearby or a main road, or if the route was blocked by a fence.
We learnt different ways to communicate information. It wasn’t just formal talking, speaking, writing, or PowerPoint. This is one of the most important aspects of the job – knowing how to talk to people, how to relay a message to a senior stakeholder or to a junior intern or a member of the cleaning staff. That skill is in short supply in security: people get bombarded with technical words and they switch off, so having that ability to translate things in a meaningful way is really important.
I now work for PwC, one of the big four consulting companies. I have to come into London once a month and in some jobs not at all. My role at the moment is to make security accessible, to make it something that teams think about when they’re developing applications for clients. I love the flexibility of my job. I can still pick my children up from school every day, I can still take them to swimming lessons or karate lessons as long as my work is done.
My starting salary in this industry was more than I would earn as a senior scientist in the NHS. I can be a good mum and a good employee and I don’t think many careers out there allow for that. If
The company perspective
One company that has benefited is Capgemini, a tech consultancy that works with companies worldwide in fields as diverse as retail, transport, government and defence.
Mollie Chard is Early & Emerging Talent Lead. Her job is to attract graduates fresh out of university, apprentices and degree apprentices and identifying and partnering with organisations such as CAPSLOCK that find a fresh pool of applicants from other sectors and provide them high quality retraining.
‘The boot camp idea is breaking down the barriers,’ said Mollie. ‘Organisations such CAPSLOCK are offering an alternative route and what we’re seeing now in the industry is a shift away from the traditional view that everybody needs a degree to come into this line of work.’
Those who finish the CAPSLOCK bootcamp have other advantages. All learners receive the CAPSLOCK Ce-CSP (Certified Cyber Security Practitioner) certificate, accredited by the Chartered Institute of Information Security), when they successfully complete the course and there are four optional external certificates:
- Security+ from CompTIA
- Certificate of Cloud Security Knowledge (CCSK) from the Cloud Security Alliance
- ISO 27001 Requirements from the British Standards Institute
- CISMP from the British Computer Society
This is a key advantage because companies need to keep an eye on learning and development costs.
Mollie believes that other companies could benefit: ‘The key is to diversify your hiring routes. By all means, continue to attract traditional groups such as graduates and school leavers who are also valuable, but also open your mind to alternative hiring routes such as CAPSLOCK, who offer talented individuals with a wealth of transferable skills.’
CAPSLOCK won ‘Best Online Distance Learning Programme’ at the Learning Technologies Awards in November 2022 https://capslock.ac/
Register for free
No Credit Card required
- Register for free
- Free TeachingTimes Report every month