2023: ACTIVITY REPORT OF THE CYBER SECURITY COALITION

Today, the biggest challenge in the area of cyber security is an atypical skills gap. The sector does not simply suffer from vacancies. “The aggravator is that the cyber sector and the threat landscape are evolving so fast that the people already working in the sector and their skills cannot evolve as quickly as needed. Combining these two, the vacancies and the need for up- and reskilling, makes the sector, the cyber employees and the skills gap very unsteady”, Despina Spanou explains. 

The first challenge is to retain and evolve the current workforces. “The current cyber security professionals are suffering from fatigue, stress and sometimes even burn-outs due to a high workload and crisis management. We need to retain the workforces we have today and keep them relevant. For example, we need to invest in the people already working in the sector to deal with artificial intelligence, which has brought new elements in the threat landscape.” 

Challenge within the challenge 

Next to the challenge of retaining workforces, the sector also needs to attract new talent. “Not enough new people start working in this field of expertise. I have met a lot of young, talented people in international cyber security championships. When I ask them if they want to do this as a job, they politely decline. We need to promote the appeal of the sector, to attract talented people and to convince young graduates who start their education or professional career to orientate themselves towards the cyber sector.” 

As a founding member of the Women4Cyber initiative, Despina also addresses a third challenge, namely not having enough women in the sector. “Cyber security is not the only area that shows this deficit, it occurs in all technical fields and STEM oriented areas. We need to encourage young girls and convince them that this is not a field exclusive to men.” These are the challenges within the challenge for the cyber security sector. 

Beneficial to all 

In April 2023, the European Commission launched the EU Cybersecurity Skills Academy, a platform created to address in a coordinated manner the many challenges related to the cybersecurity skills gap. “A lot of Member States are already trying to unite forces. In Belgium, the Cyber Security Coalition is a great example of the solid cyber ecosystem that has already been built. Members learn from each other and support each other. The Coalition will benefit from using our Academy as an opportunity to offer trainings, education, (re)skilling and to look for work forces that find refuge in this Academy.” 

The Cyber Security Skills Academy was built with the aim of housing all levels of skills education. “It is a one-stop-shop for cyber security training offers, funding opportunities, syllabuses for schools and universities ... Whether you are a young professional seeking to get new skills to enter the field of cyber security, or you are an organisation providing trainings, you can find or pledge training or reskilling opportunities. By bringing everything together, we provide solutions that reduce the skills gap in the short term, the medium term and eventually the long term.” 

Evaluate and improve 

The Academy is currently hosted on the EU Digital Skills and Jobs Platform of the European Commission. “The Commission’s role is temporary. We continue to be part of the management of the Academy, but we involve other actors such as ENISA, the EU Agency for Cybersecurity, and the EU Cybersecurity Competence Centre. It should quickly become a sustainable European infrastructure hosted by EU Member States.” 

Since the launch in April 2023, the initiative received 12 pledges from private companies, training and certifying organisations, and academia that offer training and up- and re-skilling opportunities, etc. All pledges, which have to meet specific criteria to be housed under the Academy, have to be assessed after 6 months in operation, in order to be able to measure their impact and success. “Since most pledges started around the summer, we will know very soon how many people have already engaged in them. We certainly aim to (re)skill thousands of people all over Europe given our current needs”, Despina Spanou concludes. 

There is no doubt that awareness of cyber risks has grown over the past years. But the actual impact of a cyberattack has risen sharply, as well. And thus more action is needed. There is still a lot of room for improvement, including amongst SMEs. Joyce Proot, director of Technofutur TIC and Technocité, two Hainaut-based competence centres that have set up an extensive cybersecurity training offer: “The need to raise awareness remains enormous. Many SMEs still consider cybersecurity to be a matter of password selection and a firewall; they remain unaware that protection should involve every employee.” 

Training tailored to every need 

Reflecting this reality, there have been a number of new training modules created within Technofutur TIC over the past year. “For example, we have developed training webinars for local administrations,” Proot explains. “We also organise a more advanced hybrid training programme for people with IT-related functions in companies. We address both the technical and the governance sides of cybersecurity. Among other things, the aim is to teach participants how to carry out a thorough risk analysis. And we familiarise them with legislative initiatives such as NIS2, etc." 

Because the need in the field remains acute, Joyce Proot wants the training offerings to reach even more people in the coming years. “We will, for instance, offer free seminars. By making them aware of the existing risks and potential impact, we hope to convince more people to sign up for one of our advanced training courses, which are given by a diverse group of experts. At Technocité, we also have a training course that goes a step further, and aims to train people to become a real reference for cybersecurity within their company. This course also applies to jobseekers.” 

The need for a Disaster Recovery Plan 

Alongside these training courses, both competence centres try to engage in awareness-raising through specially designed games. “For instance, we have an escape game that aims to teach participants how to deal with the different cyber threats. We especially want to show how much more than traditional phishing is involved. Our so-called cryptoparties have a similar goal. These are actually coaching workshops. Here, participants learn how to set up a security system.” 

An important common factor in these initiatives is to demonstrate the potential damage from a successful cyber attack. Joyce Proot: “The reality today is that, when an IT system goes down, the entire business stops. So cybersecurity is indispensable for your company. We must make it clear to SMEs who still think they are not an interesting target, that this is a totally wrong reading of reality. They too need to work on a Disaster Recovery Plan, which a lot of large companies already have in place today.”  

“By focusing on raising awareness and getting more people to our training sessions, we want to achieve a shift among SMEs. As an important part of the ecosystem, the Cyber Security Coalition offers significant added value to this,” Proot concludes.   

"In 2017, we were the first University college in Wallonia to launch a fully-fledged cybersecurity course," opens Fabian Restiaux, Director of Engineering Sciences and Technology at Hénallux (Haute École Namur-Liège-Luxembourg). "At the time, we responded to an existing demand in society for training, which was palpable in the media and politics. This was also evident in the field. In the first year, for instance, we immediately had 185 enrolments for the bachelor's degree in cybersecurity." 

Responding to trends and screenings  

That trend continued in subsequent years. "Over the past few years, around a hundred students have graduated with us each year. Due to the high demand on the labour market, almost all of these profiles also find work in the sector," says Fabian Restiaux, who at the same time also clearly emphasises that the programme is subject to constant evolution. "We try as much as possible to work on cross-fertilisation between cybersecurity, robotics and AI. Three courses that are inextricably linked in terms of content." 

Furthermore, the results of screenings and analyses of its own operation are also taken into account as much as possible. Since this year, for example, Hénallux has installed a new structure for first-year students. "From now on, all students within the field of computer science receive the same curriculum for the first four months and only after that have to choose which specialisation they want to continue in," explains Restiaux. "After all, we want students  to choose a particular specialisation more consciously. Cybersecurity is obviously one of them.   

This reality of rapid change can obviously only be realised in practice thanks to a well-informed and committed group of instructors. "We have to admit that in reality, keeping them on board is not always easy. After all, they are very desirable profiles on the labour market and therefore often receive very interesting offers from private players," it sounds. 

Network and knowledge sharing  

Additionally, educational facilities themselves need to be extra alert to cyber risks. "Due to the fact that we train students to deal with all kinds of attacks, in reality many of these systems are also set up within our own environment. Therefore, we ourselves must always be extra vigilant and develop an architecture capable of dealing with this increased risk. Being able to rely on membership of the Cyber Security Coalition and the knowledge sharing it provides is a big advantage in this respect," Restiaux explains.  

This also immediately accounts for why Hénallux puts a lot of time and energy into strengthening its own network. "For example, we have established a partnership with Sweden, which allows us to offer our cybersecurity students an exchange programme. Talks are also ongoing with institutions in Finland and Malta. In parallel, we are also major advocates of European initiatives set up to achieve a more widely supported standardisation of cybersecurity courses," Restiaux clarifies. 

This, he says, is also a key concern for 2024. "The number of cyber training courses has boomed in recent years. For example, a lot of technology players today also offer their own training programmes. This makes it increasingly difficult for interested parties to find their way around. That is why a clearer system of benchmarking is needed. Certification from Europe is probably the most appropriate way of doing this," concludes Restiaux. 

Cyber security has quickly become a necessity for organisations all over the world. Schools and universities are adapting their offerings to address this need, and there are numerous initiatives for facilitating employee reskilling or upskilling. BeCode is a social impact school with four campuses in Belgium; it provides technical training on web development, artificial intelligence and cyber security, for people who are vulnerable on the job market. “Our school is bridging the digital divide, and delivering a solution to the talent scarcity at the same time," CEO Béatrice de Mahieu explains. 

BeCode offers a step up from unemployment, to fill the need for tech talent. “As a social impact school, we can be compared with the VDAB, Actiris or FOREM. Younger people who are disconnected from work or studies, people who have been unemployed for a longer period, refugees, etc., can enrol in a course," Beatrice continues. “Anyone who is on unemployment benefits can join, as long as they are motivated and willing to learn.” 

Hands-on bootcamp 

Ludovic Patho is in his sixth year of work at BeCode. Starting out as a coach in web development, he now conducts trainings and creates curricula for the cyber security courses. "I noticed during my web development coaching sessions that there is a lack of knowledge about security in general, and cyber security in particular. Conversely, there are many job opportunities in that niche. That is why I created the cyber security bootcamp," Ludovic says. 

After months of brainstorming and content gathering, the first bootcamp was organised in Charleroi in 2022. “The first edition had 28 participants. The bootcamp takes place on weekdays from 9 to 5, and lasts a total of seven months. After four months spent learning the basics, the students get to choose the field of cyber security in which they want to operate: attack or defence. Over the next three months, our career coach fully prepares them for their internship at an enterprise. They learn how to write a CV, apply for a job, etc.," Ludovic continues. 

Successful initiative 

This year, 55 participants have already signed up in Brussels, Ghent and Charleroi; the bootcamp will also be held in Liège starting this autumn. Béatrice de Mahieu: “All of last year’s participants quickly found a company for their internship, and were hired afterwards. A lot of companies are recruiting cyber security profiles on a regular basis. We feared the pool of candidates would become too big, but the demand is extremely high. All of this year’s 55 students, who are eager to start, will be able to find a job in no time.” 

These figures confirm the demand for these profiles on the market, although diversity remains an issue. “The low representation of women in the cyber security bootcamp - only 12% so far - concerns us. We are trying to inspire and show girls that there are a lot of jobs in cyber, not only technical ones.” 
 
Joining forces 

As one of the structural partners for cyber security at BeCode, Microsoft recommended that Béatrice get in contact with the Cyber Security Coalition. “When we started our cyber security bootcamps, the Coalition opened doors for us, introducing us to their partners, and putting us in contact with companies recruiting cyber security talent. Our final aim is that companies will come to BeCode to find cyber talents, and support us with various kinds of financing or partnerships,” Béatrice says. 

To achieve its goals, BeCode needs to attract participants and raise funds. “BeCode’s offering is completely free for the participants. Our financing comes partly from subsidies, partly from donations by companies or individuals; we also rely on the companies who support us through contracting for vacancies. In future, we hope to raise enough money to increase our offerings and train more students to reinforce the work field.” 

Cyber Award 

BeCode has submitted two candidates for the Cyber Security Personality of the Year award. Béatrice nominated Ludovic, while Ludovic nominated one of the participants from the first bootcamp. “Maria Silva is a young, female professional who was recruited by Orange Cyber Defense immediately after the bootcamp,” Ludovic explains. “The awards are a good way to shine a light on the different kinds of profiles needed in cyber security,” Béatrice de Mahieu concludes. 

Based on the input from its members, the Cyber Security Coalition is well-aware of the continuing massive shortage of cyber security experts. A range of initiatives will be needed to close the gap: Passwerk is one of them. “People on the autism spectrum can have the right competences for technical jobs that need a lot of precision. We want to use their talents to test and develop software, follow up support processes, etc. Since last year, we have also been focusing on cyber security; more specifically on the profiles of security operations centre (SOC) analysts,” Guillaume Dewyn, Customer Relationship Manager at Passwerk, explains. 

Passwerk was founded 15 years ago, and during that time, the organisation has won the trust of more than 250 customers who rely on the organisation to find the right match. “We have about 185 consultants. Passwerk's great strength is the expertise of our job coaches, who guide both consultants and clients. The job coach team consists of colleagues with an ortho pedagogical and psychological background, who understand our consultants through and through. 80% of assignments are long-term, and 95% of consultants follow the client's work regime,” Guillaume says proudly. 

Perfect match 

To match the right consultant to the right assignment and the right company, Passwerk has set up an extensive matching process. “Our consultants are our main priority. We want to know them thoroughly before assigning them to a position. It is equally important to get a good view of our client's corporate culture, environment and expectations, which is why we do an on-site survey. When we think we have found the right match, both parties are prepared by our job coach. The job coach, on the one hand, explains to the consultant what they will be doing, where they will work, and what the company’s practices are. On the other hand, they also inform the customer about autism and which aspects apply to our consultant.” 

There is no denying that employing someone with autism requires specific effort. “We work with very diverse profiles, which is why matching is so extremely important. Our consultants mainly have mild to moderate diagnoses. Some are very stimulus-sensitive, others need communication support, and some need to know clearly who to contact for which problem,” Guillaume clarifies. “Every two weeks, there is a check-in with the job coach, the consultant and the client to follow up that everyone is feeling comfortable with the cooperation.” 

Win-win-win 

According to Passwerk, there is no context in which someone diagnosed with autism spectrum disorder would not be able to participate. “It is a conscious choice to keep our client portfolio as broad as possible: the federal and Flemish government, financial institutions, industry, pharma, retail, etc.,” Guillaume lists. “Our consultants are passionate, conscientious and have a very good eye for detail. Employing their qualities and making the best use of their talents means a win for society, a win for our client, and a win for our consultant. It is incredible to see how they gain self-confidence and blossom thanks to these professional opportunities.” 

If the job context changes, for example, if the consultant outgrows the company or vice versa, the search for the right match restarts. Guillaume Dewyn: “At Passwerk, our consultants have job security without the stress of applying for a new job every time. If they find themselves temporarily without an assignment, or they want to go in a different direction, they can follow trainings in our Academy.” 

Reskilling Academy 

The Passwerk Academy gives new and seasoned consultants the chance to reskill. “Since September 2022, together with partners such as Sébastien Deleernsyder of Toreon (Cyber Security Personality of the Year), we have been offering a SOC level 1 analyst training course. 50% of the training consists of learning how to analyse and monitor networks and systems for suspicious actions. The other 50% is learning to properly draft written reports. This isn’t entry-level training: participants need a CCNA certificate, which is the minimum basic knowledge of networks,” Guillaume explains. 

Six intensive weeks of online lessons are followed by two weeks of internship, often resulting in a first assignment. “We have trained 10 people in one year, one of whom has already progressed to SOC level 3. We often see that even in their spare time, the consultants continue to work on the subject matter, through passion and interest. This allows them to strongly grow their expertise in a short time. In our opinion, the training offers a new way to engage a larger population of people on the autism spectrum in the cyber security labour market,” Guillaume Dewyn concludes. 

As the youngest of eight siblings, Ibrahim Ouassari grew up with plenty of well-educated role models. Yet, he himself left school at the age of 13. “Even with role models and academic support at home, the educational system is just not for everyone,” explains Ibrahim, recounting the personal journey that led him to the field of technology. 

His first encounter with it involved secretly trying to download music from the internet; an experience that eventually ignited a fervour for technology. Years later, he oversaw four companies.

“Technology and entrepreneurship were quite accessible for me. However, when I spoke with young people from my neighbourhood, it became clear that they didn’t see any opportunity or perspective in the sector. This motivated me to start MolenGeek, to prove that technology is accessible to all, even without an academic background,” Ibrahim continues. 

Strong business model 

MolenGeek is built on three main pillars. “We offer a coworking space, both long- and short-term training programs, and dynamic events such as Hackathons, Geektalks, workshops and more. Our goal is to provide employment prospects based on motivation alone, without prerequisites or certifications,” Ibrahim says. “We remove all other types of barriers. We overcome the mental barrier - that they are not cut out for a job in tech – with our welcoming environment. We eliminate the financial barrier by offering everything for free. You don’t have the right material to join a course? We can lend you a computer. In other words, we take away their excuses for not starting a career in technology. The only criteria are to be at least 18 years old, unemployed, and proficient in one of Belgium’s national languages.” 

The project was warmly welcomed by the technology sector. Partnerships with major companies such as Google, Microsoft, Meta, Amazon, Proximus and PwC bolster the organisation financially. At the same time, Ibrahim has designed a self-sustaining business model: “We are proving to companies that individuals without a formal academic background, yet with the right skills, can contribute substantial value. Enterprises willingly engage us to find and train their workforce. With this funding, we sustain our growth.” 

Adapting to demand 

MolenGeek is constantly evolving, including national and international incubators, and adapting to the ongoing development of technologies. The digital sector is booming and MolenGeek is riding the wave. “MolenGeek now has eight incubators: three in Belgium, three in the Netherlands, one in Italy and one in Morocco. Last year, we trained 400 people in Belgium alone. Six months post-training, 85% of them had secured careers in the sector. We believe this percentage will have risen even more a year later.”  

In partnership with Microsoft, MolenGeek introduced a specialised Cyber Security training. “Microsoft connected us with several companies seeking talent in cyber security, particularly for the role of SOC analyst. Given our students’ non-technical backgrounds, we created a training with content adapted to their capacities. For example, we use a lot of metaphors to make it easier for them to understand. The goal is to learn what a SOC analyst does, and to obtain three related Microsoft certifications.” 

Collaborative work 

Companies are finally recognising the need to regain control over their cyber security, which is why they are counting on Ibrahim and his team to provide them with the necessary experts. “This cyber security training is just the beginning. We hope to develop more trainings on other cyber security topics, such as pen testing. In this way, we aim to provide companies in Europe with a maximum talent pool for crucial jobs such as cyber expert.” 

To find and attract students, MolenGeek uses its social networks. To engage with companies, Ibrahim explains, “Initiatives like the Cyber Security Coalition play a pivotal role in spreading MolenGeek’s message. Companies need to know that they can rely on us to solve the talent shortage. With their input, we can also develop our trainings to match market demand. In other words, we all benefit from communicating and collaborating.”