Accessible approach helps companies train ‘homegrown’ security champions, ready to defend against hackers and data breaches
An innovative cyber security training course designed and developed by the BIT Group (BluescreenIT), in collaboration with the East London Institute of Technology and the CyberHub Trust, is boosting essential cyber security capabilities in businesses within the region. The Information Security Analyst – Foundation course is designed to give IT professionals who are already in work a thorough grounding in cyber security skills, equipping them to protect their organisations and customers against costly and damaging cyberattacks and data breaches.
The BIT Group – a specialist in bespoke IT and cyber security training for commercial and further education organisations – teamed up with the East London IoT and the CyberHub Trust as part of a Department for Education (DfE) In Work Skills Pilot, to design the training programme. The BIT Group is also delivering the course on-site.
The course has been created to help address the 10,000-person shortfall in the UK’s cyber security recruitment pool, identified in a 2021 government study. The approach enables employers to build information security resources internally, without needing to hire new people or invest in external support. Aimed at making cyber security skills more accessible, the training provides a broad insight into ‘everything cyber’, running on alternate weeks to fit around participants’ day jobs. The skills they learn also give their employer a starting point to work towards the government-backed Cyber Essentials scheme, developed to help organisations defend themselves against online threats.
Participants are trained within the CyberHub Security Operations Centre (SOC) at the East London IoT on Barking & Dagenham College’s Rush Green Campus; a fully-functional security operations environment. This makes the East London IoT one of only three Further Education Providers in the UK – and the very first CyberHub – to have its own on-site SOC, giving professionals a unique opportunity to learn in a hands-on way in a realistic environment.
The 10-day course has attracted participants from a number of high-profile global companies including HSBC, HMRC, TikTok and Amazon.
Muhammed Khan, an Open-Source Software Risk and Compliance Specialist, said after completing the course: “I’ve always had an interest in cyber security, and wanted to upskill myself to hopefully help me land a role in this industry. The most valuable thing was the mixture of theory and practical based learning, which is crucial as the industry values this. I’ve recently accepted a new job offer and I’m certain the skills, knowledge and experience will help me on a day-to-day basis in my role.”
Ben Franklin, CTO of the BIT Group, says: “There’s a nationwide shortage in cyber security skills, and we want to play a role in driving capabilities up at a UK wide level – particularly in areas where this is currently underfunded. The course we’re delivering with ELIoT helps companies address the skills gap by educating professionals who already understand IT in how to secure it. This also helps stimulate a culture of security across these organisations – many of which don’t have a dedicated security department – by developing ‘homegrown’ security champions who can create and sustain momentum internally.”
The courseware has been accredited by the NCSC and the AMPG Security Foundation. Participants take back to their organisations the knowledge and competencies necessary to safeguard their network, customers and communities against rising security threats, including ransomware.
The syllabus of the Information Security Analyst – Foundation course covers a comprehensive range of topics, to enable teams to understand their organisation’s security baseline, and cast light on vulnerabilities so these can be proactively addressed. These include:
· Methodology of security – and the defence in depth approach
· Vulnerabilities and risks, and what these mean to the business
· Service management
· Working within the security operations centre (SOC) environment
· Effective incident response
· Security of industrial control systems and CNI (critical national infrastructure)
· Risk management – including national and global frameworks and standards.
The BIT Group now plans to roll out similar bespoke courses in partnership with further education establishments in other areas of the UK. It will also offer to develop similar courses in partnership with organisations and enterprises that wish to offer it in-house.
Shafaat Shah, Curriculum Manager – Business, Professional & IT, ELIoT/Barking & Dagenham College comments: “The College and its partners play a vital role in upskilling people who are already in jobs, to help develop their careers and provide the talent that businesses need for the future. This pilot training course provided a more accessible way to access cyber security training for SMEs, enabling their existing staff to upskill, gaining in-house expertise in this crucial area.”
Michael Klonowski, CEO of the CyberHub Trust, said: “The digital landscape is expanding exponentially and, as a result, cybercrime and the need for cyber security solutions is also growing, meaning there are some incredibly exciting career opportunities on offer. Our unique CyberHubs allow us to work together with government, law enforcement, educators and digital experts to develop and deliver pioneering Cyber, Cloud and Digital courses, work experience and, ultimately, careers.”
Comments