With National Apprenticeship Week taking place this month, there’s no better time to reflect on the importance of apprenticeships for the cybersecurity sector.
One of the biggest – and most unifying – challenges across the industry is the resource gap and lack of skilled security professionals. It’s a significant problem that organisations are constantly grappling with in their quest to source and retain talent.

Kevin Curran, IEEE Senior Member and Professor of Cybersecurity at Ulster University, highlighted: “A recent government report indicated that around half (44%) of all businesses have skills gaps in basic technical areas. This is driving up wages for the most sought-after roles – a trend that will likely continue into the foreseeable future, and one that should motivate any young person considering a career in this field.”
Muhammad Yahya Patel, Global Security Evangelist and Advisor, Office of the CTO at Check Point Software, highlighted that many organisations have stringent hiring requirements, which often create barriers for entry-level candidates who lack industry experience.
“This gatekeeping makes it nearly impossible for junior professionals or those with limited backgrounds to secure jobs in the field,” he said. “While we are seeing a rise in apprenticeships and entry-level roles, these opportunities remain scarce compared to the demand for skilled cybersecurity professionals.”

Iain Jackson, Academy Hive Leader at CovertSwarm, added that, with data suggesting that 3.5% of the cybersecurity industry are leaving the sector each year, it is clear that CISOs must ‘work harder to attract and retain new talent’.
It’s key that new entrants to the industry must be empowered through creative tasks to motivate and grow skills, he said.
“Far too often, HR departments in apprenticeship recruitment often limit entry-level employees to routine tasks and grunt work in red team operations, rather than giving them opportunities to engage in more imaginative and creative opportunities,” he said.
“As a result, those completing apprenticeships can often be discouraged from progressing throughout the sector, effectively limiting a candidate’s growth and long-term development.”
Closing the cybersecurity skills gap and attracting new, diverse talent through apprenticeships begins with nurturing the passion and ambition of candidates, fostering imaginative problem solving while empowering them to develop a wider skillset, such as performing cybersecurity assessment activities against complex networks, according to Jackson.
“A more effective approach to fostering a strong cybersecurity apprenticeship culture stems from companies adopting a multi-dimensional perspective that goes beyond specific qualifications, considering candidates through a more holistic lens,” he said.
“For example, throughout the interview process, delving into whether a candidate exudes passion and self-motivation, or is a cultural fit are just as equally important factors alongside qualifications that CISOs should consider.”
Unfortunately, many employment opportunities in the cybersecurity sector struggle with structures whereby entry-level workers are too often treated as just a form of cheap labour, rather than being empowered to think creatively about the evolving nature of cybercrime,” he added.
“Key to engaging cybersecurity apprentices in 2025, CISOs need to overcome barriers within these current task delegation frameworks.”
He highlighted the success of Covertswarm’s academy programme which does not require any previous qualifications to enroll.
“Instead, we engage prospective learners by prioritising an ambition to learn how to be creative in tackling cybersecurity challenges through comprehensive training in red team operations, covering ethical hacking, social engineering and physical compromise,” he said.
“The programme not only focuses on technical acumen but also emphasises essential soft skills such as communication, teamwork and problem-solving in the cybersecurity realm. As a result, we’ve recruited staff from a range of different backgrounds – such as electricians, builders and ex-military personnel.”
Muhammad Yahya Patel, Global Security Evangelist and Advisor, Office of the CTO at Check Point Software, added that another major challenge within the industry is the difficulty in finding skilled resources at reasonable salaries – and apprenticeships offer a viable solution to this problem.
“They offer a lower-cost way to bring in new talent while providing formal training, hands-on learning and mentorship. By investing in apprenticeships, companies can develop their workforce in-house rather than competing for expensive, fully trained professionals in the job market,” he said.
In addition, one of the biggest barriers to hiring in cybersecurity is the industry’s insistence on prior experience.
“This creates a paradox – companies need skilled professionals, yet they aren’t giving newcomers the chance to gain the required experience. Apprenticeships help solve this issue by combining formal education with real-world experience, allowing apprentices to build the necessary skills over time. Ideally, after two or three years in an apprenticeship, these individuals will be well-equipped to transition into full-time roles within the industry,” he said.
“However, there is still a lack of awareness at the executive level about how apprenticeships can be integrated into talent acquisition strategies. Many C-level leaders and CISOs still associate apprenticeships with traditional trades like construction or engineering rather than considering their relevance in IT and cybersecurity. This perception needs to change, as apprenticeships can provide a structured and effective pathway for developing skilled professionals in the sector.”
He highlighted that, on the positive side, there has been progress with the establishment of structured apprenticeship programmes across national and international organisations. These programmes offer training at various levels – ranging from Level 3 to Level 6 – allowing individuals to start as juniors and progress within the industry. Unlike in previous years, today’s apprenticeships provide a more comprehensive career development path.
“That said, there is still room for improvement. The industry, government and academic institutions must take a more strategic, standardised approach to ensure that apprenticeship programmes consistently deliver on their promises. Some programmes fail to meet expectations, leaving apprentices feeling misled about the training and career prospects they were promised. Establishing clear competency benchmarks and ensuring a consistent level of quality across apprenticeship programmes would help maximise their success,” he said.
“C-level executives need to drive a cultural shift in hiring practices by recognising that cybersecurity talent can come from diverse backgrounds – not just traditional degree programmes. The mindset of only hiring graduates needs to change, and this shift must be led from the top down.
“Organisations should actively consider candidates who have taken alternative career paths, such as self-taught professionals, those with industry certifications, or individuals transitioning from other fields. Embracing this broader approach will help bridge the cybersecurity skills gap and build stronger, more resilient teams.”
He added that, if structured correctly, apprenticeships can play a crucial role in bridging the skills gap in cybersecurity.
“With proper implementation and support, they can provide aspiring professionals with the experience they need while helping organisations build a strong, cost-effective talent pipeline for the future,” he said.
Kevin Curran, IEEE Senior Member and Professor of Cybersecurity at Ulster university, highlighted how technology shifts impact the skills requirements.
“Cloud security experts are in high demand right now. However, it will soon be difficult to find professionals with the necessary skills to secure a cloud infrastructure, especially as the platform grows in complexity. Even now, it is hard to find cybersecurity staff with good experience in this area. As the technology evolves, new challenges will arise resulting in even more high paying specialist jobs in this area,” he said.
AI is also likely to have a major impact on the cyberskills landscape so it’s crucial the industry maintains a steady supply of diverse, highly skilled and adaptable professionals to meet the needs of our growing digital economy, he said.
“While university degrees are currently the preferred mode of training, apprenticeships may be the solution here as they have been in many engineering disciplines in the past. This would require further investment and greater collaboration between government and industry leaders,” he added.
“Businesses need to plan ahead by providing plenty of opportunities for staff and young people to learn and take charge of their careers. At the same time, the education sector has a responsibility to address the talent shortage and make students more aware of the career opportunities available in the cybersecurity labour market. It’s a challenging but incredibly rewarding career.”