When IT Meets Politics

June 13, 2016  3:49 PM

Is there really a Digital Skills Crisis?

Philip Virgo Profile: Philip Virgo
Apprenticeship, apprenticeships, BIS, Digital skills, European Commission, Pitcom, Trailblazer

This morning the House of Commons Science and Technology Select Committee released its report on the “Digital Skills Crisis”  This afternoon the House of Lords debated the government response  to its “Make or Break” report last year . Last week the European Commission published a proposal for a Skills Guarantee . Meanwhile BIS is ploughing ahead with byzantine routines for a return to the type of training grant and levy scheme that was  scrapped (for good reason) in 1980s.  Unfortunately though dead, the idea of grants and levies, job creation schemes for bureaucrats, will not stay buried. In 1992 I helped kill an attempt to revive it with a Bow Group Paper on the theme of “Training for jobs not just jobs for trainers”.  The processes proposed by BIS to fund “approved “training organisations to deliver apprenticeships which meet criteria dictated by officials not employers, make the average European “initiative” look like a model of efficiency.

I therefore applaud the recommendations by the Select Committee that

  • Government needs to work with closely with employers, higher education institutions and schools to understand the apprenticeship marketplace, to ensure that education aligns with industry’s requirements, and that apprenticeships are delivered in a flexible way to adjust to future changes in the digital sector”  (Para 54)
  • Government should emphasise the need for more digital skills components in all apprenticeships … ” (Para 55)
  • should review its Trailblazer initiative, making it more streamlined and accessible … simplifying the scheme’s processes” (Para 56) and
  • … make it easier for industry to partner with universities and colleges to support student teaching … work placements … allow the cost to be written off against the Apprenticeship Levy contributions” (Para 57)

I am less happy with the recommendation that  “The Government should review the qualifying requirements for the new IT roles added to the Tier 2 visa “shortage occupation list” , making it easier and more flexible for SMEs to recruit top talent from outside the EU” (Para 30).  The European Commission proposal for a “Skills Guarantee” to help adults stuck in low paid jobs is more forward looking but the Committee’s recommendation is perhaps inevitable,  given the 50 years of policy failure summarised in my evidence to the House of Lords report (see pages 1057 – 70) and referred to in my blog entry, describing the need to break out of groundhog day, when that report was first published.

The crisis is over. The patient is dead” .

We failed to use the past “crises” as a catalyst for change. Things came to a head during the run up to Y2K and the “false start” of the transition to mass-market, Internet-based on-line systems. My 2001 IT Skills Trends report was about surviving the bursting of the dotcom bubble and preparing for the skills that would be in shortest supply when recovery came – in 2005 – 6. But that recovery did not come. By 2006 demand and salaries for those jobs which could easily be moved off-shore had stagnated. Much of the software and support industry had come to be staffed by a mix of overseas systems development and imported contract labour. We were facing the consequences of our inability to retrain our existing workforce, let alone our failure to educate and train our children.  I stopped writing the reports. They had become too depressing and the only ones taking action were those who helped write them.

An Apprentice Levy without a credible, let alone efficient, Grant process

Today we have a curate’s egg  wth unemployed computer science graduates in parallel with unprecedented shortages of competent and trustworthy recruits for Fintech and Security roles and another exercise to dig up the dodo of levies and grants – this time with the grants ring-fenced to meet the costs of “approved providers”, officials trying to dictate the requirements that employers are allowed to have and different processes for England, Wales, Scotland and Northern Ireland. Last week I attended a briefing session for employers. Those serious about training their future employees with the skills they will need were already looking at how to bypass the system, writing off the levy as a payroll tax on those jobs they could not realistically subcontract or move out of the UK. It was, as the Commons Select Committee has pointed out, not only unfit for purpose when it comes to the needs of SMEs (Para 30), it looks unlikely to meet the evolving needs of those large firms who already train their own and/or those in their supply chains.

But markets do not stand still. The Commons Select Committee call for the annual “dynamic mapping” of initiatives against demand so as to create a long term mechanism for adjusting the strategy (Para 29) is therefore particularly welcome.

The recommendation that Government should commit “to work with the Tech Partnership to develop industry-led, vocationally focused careers advice …” (Para 43) is also most welcome, but this should be extended to cover school-leavers. We can no longer afford to peddle the immoral fantasy that the majority of our children will benefit from starting their working lives saddled with student debt after spending three years to become less employable than if they had been paid to do a graduate level apprenticeship. In 1982, in “Learning for Change” I attacked both

  • “the examination treadmill to which we chain our adolescent youth in a set of puberty rites crueler than those of primitive Africa, At least in Africa they do not label any of the participants as failures” and
  • our confusion of “education” with taxpayer subsidy for the middle class ritual of kicking the fledglings from the nest.

The many recommendations of the Select Committee with regard to computing schools in schools are worthy but the most important boring is  Paragraph 83 where it recommends working with the Tech Partnership “to raise the ambition for, and coverage of, industry led digital training, and to make it easier for business of all sizes to get involved“.

The need to “break open the educational ghettos” has been a key message since  1982, when PITCOM organised for relays of school-children (from 30 schools) to man an exhibition in the Upper Waiting Room of the House of Commons (26 computer systems, up to 14 running at any one time running off three power points, at a time when Parliament had no facilities for schools visits!). That exhibition was attended by 120 MPs: one returning six times to get a group doing Economics A Level to run variations on the Treasury Economic Model – hence my long-standing support for Donald Michie’s idea that MPs should be able to simulate the effect of the legislation, including amendments, which they are expected to approve.

That was over 30 years ago. It is therefore particularly sad that the same messages have to be repeated as though they are new. The reason is linked to the prevalence, evident in paragraphs 70 – 76, that teachers (whether in School, College, University or Industrial Training Centre) have to be expert in IT in order to educate their pupils/students.  If that is correct then there is no solution – other than to rely on those (in other parts of the world) who use their limited supply of skilled educators to supervise the delivery of blended learning (mix of packaged learning materials, personal contact and supervised work experience) by mixed teams of assistants and subject experts: which is what successful digital “informal learning” groups (para 70 – 77) as well as enlightened employers, have been doing since before school computing curricula or computer science degrees were invented.  Hence some of the recommendations in my own submission to the Select Committee

June 7, 2019  5:15 PM

A hospice for a dying HE/FE funding regime – A review of the Augar Report

Philip Virgo Profile: Philip Virgo
apprenticeships, Open University

The report of the Independent Panel to the Review into the funding of Further and Higher Education was not just about Student loans and University Funding . But most of the 370 submissions came from Universities and their acolytes. There were only 9 from Further Education providers. “Businesses” and “Employer bodies” were a subset of “Others” alongside academic experts, institutes and organisations representing the arts and science. See Page 14 of the Annex on the Call For Evidence for details.

Those who complain that, like the recent review of Apprenticeship Standards, the report only addresses part of the problem have themselves to blame. Most employer organisations were (and still are) more concerned to be able to import talent than to help grow our own. Hence once of the reasons for the Brexit revolt of the have-nots against the Establishment.

Despite that constraint it is a thoughtful report . It makes serious and detailed proposals to reform the current system. Read carefully. But also think about the political and economic context as you do. Philip Augar is a former equities broker. He was a non-executive board member at the Department for Education while he was writing (he had a History PhD) about the cultural changes  that led to the 2008 banking crisis. Now think about the current challenges to the way the century old UK FE/HE funding regime has been evolving over recent decades. Perhaps the best than can be done really is to buy time for constructive evolution as opposed to destructive change akin to the banking crisis and that which followed.

The Tectonic Plates are shifting – the 1917 Consensus is under threat

The authors of the report have done a good job in drily assessing the signs of movement in the tectonic plates that underlie the UK education system and its values. The Haldane Principle has been the basis of Government funding for HE (with FE as an increasingly poor relation) since 1917. It is now under serious threat. Even were the sixty or so recommendations in the report to be implemented in full they would probably not preserve the current system against change. They might, however, reduce the threat that the baby will be thrown out with the bathwater.

The idea that HE/FE funding and policy should be determined by councils of experts with a vested interest in the out-comes, trumping the views of employers, students or the public, will not survive exposure to the scrutiny of the Internet Age. But reaching consensus on a new and more balanced and sustainable approach will not be easy. Nor will transitioning from the present set of hierarchical processes.

That is why it is so important to read the report and the analyses on which it is built. The submissions to the review omit the views of employers or public. Those who submitted may not recognise the way the global English language education and training content and qualification industries now dwarf the UK academic world. They may be ignorant of the way commercial and/or international  providers are eating the lunch of those who have not already partnered with them. But the submissions do represent the thoughts of those who dominate our current policy and funding frameworks  on how best to respond to the challenges that they see. You ignore them at your peril.

The current structures cannot handle the accelerating pace of change

The evidence submitted pays little or no attention to the way libraries of on-line materials transform the dynamics and economics of global education and training markets. These enable the assembly of customised, modular, blended learning programmes which cut the time to master content or acquire new skills from years to months, months to weeks and weeks to days or even hours.

Those used to a four to five year cycle to approve a new course cannot compete.

The processes the report is attempting to reform will never be capable of handling the pace of change necessary to do more than educate students in the basic disciplines they need for their first career. But a world of accelerating career change and life-long learning will still need academic cadres trained in those disciplines and research methodologies. The issue is to reach a new consensus on the balance of priorities when it comes to using public funds.  

How should the recommendations be judged?

The report begins with eight principles:

1. Post-18 education benefits society, the economy, and individuals.
2. Everyone should have the opportunity to be educated after the age of 18.
3. The decline in numbers of those getting post-18 education needs to be reversed.
4. The cost of post-18 education should be shared between taxpayers, employers and learners.
5. Organisations providing education and training must be accountable for the public subsidy they receive.
6. Government has a responsibility to ensure that its investment in tertiary education is appropriately spent and directed.
7. Post-18 education cannot be left entirely to market forces.
8. Post-18 education needs to be forward looking.

There are then nine headline proposals to address the “core problem”of the unfair and wasteful split between the 50% who supposedly benefit from HE/FE and the 50% who do not.

1. Strengthening technical education
2. Increasing opportunities for everyone
3. Reforming and refunding the FE college network
4. Bearing down on low value HE
5. Addressing higher education funding
6. Increasing flexibility and lifetime learning
7. Supporting disadvantaged students
8. Ensuring those who benefit from higher education contribute fairly
9. Improving the apprenticeship offer

We should judge the detailed recommendations against the principles and the headline recommendations.

They are not prioritised. Most of the publicity to date is for proposals 5 and 8, addressing principle 4. That is because most of the submissions were from those seeking to preserve the current funding regime, with modifications in their favour.

To quote the Annex on the call for evidence:
Across all groups, responses focused overwhelmingly on university education, with fewer responses on the other aspects of post-18 education, including technical education or apprenticeships.

• Further Education (FE) providers considered that higher education works best for well-qualified 18- to 30-year olds and that FE needs further investment in technical education facilities.
• Higher Education (HE) providers emphasised their view that HE is not a business but provides a society-wide benefit. On funding they felt that the review should not just consider fees in isolation.
• Students, graduates and the public were mainly concerned with financial issues, with costs of HE being too high and flexibility of provision limited.
• Employees working at educational organisations particularly noted a decline in part-time, mature students and Level 4/5 course take-up, and commented that the fragmentation of post-18 policy and funding across HE, FE and apprenticeships is restrictive and prevents a joined-up approach.
• Public bodies and others emphasised value for money, choices to meet skill needs of the UK, wider participation in Level 4/5 qualifications and generally better communication with learners.”

The Augar recommendations help open the way to a new consensus.

The press cover to date is almost all on the recommendations on student fees .

The changes proposed are unlikely to change the erosion of public belief in value of incurring debts that will never be repaid in order to spend three years away from home acquiring a qualification that employers do not value. There is no mention of  the most serious barriers to widening access for the most  disadvantaged: e.g. the way DWP processes penalise a family on benefits when one of its members accepts a place on an apprenticeship programme.

If the core objective are “fairness” and economic value then the first recommendation in the Augar report is the most profound in its potential impact:

The government should introduce a single lifelong learning loan allowance for tuition loans at Levels 4, 5 and 6, available for adults aged 18 or over, without a publicly funded degree. This should be set, as it is now, as a financial amount equivalent to four years’ full-time undergraduate degree funding.

Combine this with the 11th ,

• The careers strategy should be rolled out nationally so that every secondary school is able to be part of a careers hub, that training is available to all careers leaders and that more young people have access to meaningful careers,

and the effect could be dramatic. But only if the careers advice neutral. It must not be skewed by the way schools are penalised if they allow their brightest and best to be tempted by apprenticeships – even those which are degree-linked and offer privileged entry into world-class careers. That neutrality will only be achieved if schools earn as much from supporting apprenticeships (e.g. in parallel with T levels) as they do from keeping hold of their academically competent pupils to do A levels – whether or not the latter improve their lifestyle choices or employability.

Given such neutrality we can expect the implosion of those FE/HE courses which do not give economic value. This is likely to be the most effective way of addressing recommendation 4.

Handing over the baton of bringing education and training policy into the Internet Age

In May 1968 I accepted a job offer from STC Microwave and Line as a graduate Engineer 1st Class, alias apprentice computer programmer. I then graduated with a degree in History and within two years was a guest lecturer on one of the first Computer Science courses. I have since watched half a century of  attempts to define the content of courses and qualifications intended to help students acquire the intellectual disciplines and applications skills to research and exploit digital technologies before they change.

My career, let alone thoughts on how to handle digital skills, on which I have blogged for more than a decade, would have been very different without the habits of mind that I acquired at the Devils Flamethrower  The THES article with that title is now behind a pay wall. Ross Anderson’s “Alternative History of Cambridge” and my review are not.  In 1971 my reward for a successful decimalisation was two years at London Business School. My education on “manpower planning” began with listening to Denis Pym and Charles Handy. The class included Peter Lampl (Sutton Trust) and David Davis MP  (who has also written a review of the Augar Report).  One of my MSc projects was on the economics of the commercial training market. The aim was to help ICL decide on the future of a course on business for IT professionals which was not selling. I analysed the database of UK management courses then maintained by the British Institute of Management to find out which courses were regularly repeated, over weeks, months or years. And what was different about them. In the 1980s, after the publication of Learning for Change (see here for original text ) I had responsibility for the NCC Microsystems Centre. My staff maintained similar files. I advised the High Tech Unit of Barclays Bank on requests for finance from several commercial training operations. I also had responsibility for turning found that which I inherited at the NCC as well as advising succession of  ministers – although the minds of most of their officials were firmly closed to evidence that did not fit departmental policy.

Earlier this year I pulled together my most recent material in a discussion paper  to help set the scene for wider discussion after the Augar review was expected to report. That time is now.

On May 8th a very impressive team at the Open University took over support for the Digital Policy Alliance Skills Group. Much of the discussion was about how to extend the OU tradition of open access to academic excellence to lifelong learning as a whole, keeping pace with the evolution of digital disciplines and the accelerating pace of change in cross-boundary research and applications skills. In other words how to deliver the wider Augar principles and headline recommendations. I was also very happy in the quality of thinking among those to who would be taking over where I left off. I am confident they will do a much better job of bringing the relevant players together across all boundaries – not just intra-UK.

The Augar report is the start of a debate.

At best the recommendations on Student Loans may buy time for sufficient students to vote with their feet to enable a more politically acceptable solution to become affordable.

You should read the analysis and the other recommendations – bearing in mind that this is the “insider” view. Then e-mail dpa@dpalliance.org.uk or DPA-Open-University@open.ac.uk to be kept in touch with (or better still join and help) the plans of those taking over from me to widen the debate and home in on the actions needed to deliver constructive change.

May 31, 2019  8:12 PM

Passing the baton on Cybersecurity Skills

Philip Virgo Profile: Philip Virgo
CompTIA, cybersecurity, DPA, ISACA, Skills

This year will be the first time I visit Infosec with no agenda. Or to be more precise I will have a Community Safety rather than a Cybersecurity Skills Agenda. This has caused me to take a cool look at what has happened and what has not over the past decade. It has also caused me to consider what has changed over the past year as the pace of change has accelerated.

What has changed over the past couple of years

The main change has been the rise of the virtual CISO as all but the very largest users outsource their security operations. Unfortunately most of the providers target the 10,000 or so organisations who employ more than 250 staff. The other 1.5 million, who employ between 2 and 250 staff, are commonly left bereft of meaningful support, whether or not they are willing to pay. The Digital Policy Alliance recently held a meeting on the role of Cyber Insurance in setting the standards necessary for a business to be insurable, beginning with an externally assessed version of Cyber Essentials and a support contract. But far too few organisations are addressing this market. And who trains and updates technicians and professionals with the skills necessary? A recent ISSA survey (global but in practice mainly US) identified that training Virtual CISOs and maintaining their skills is a global need. But few employers help maintain the skills of those they have, let alone train new ones.

Who is addressing the skills standards  for Virtual CISOs to support large numbers of SMEs, other than Comptia?

Meanwhile, as the recent  Institute for Apprenticeship standards review identified, pen testing is not enough.

But who, other than ISACA, is looking at the skills standards to do holistic audits of security processes, including for applications which use ever more complex and vulnerable networks of IoT devices? We need to cross fertilise the work on intelligent weapons systems and integrated warfare systems with than on, for example, autonomous vehicles and mobile phones. Hence a new dimension on the way that the US – China electronics “arms race” has over-taken global co-operation.

Both CompTIA and ISACA helped the Cybersecurity Skills pilot, led by Bluescreen IT on the Plymouth University Science Park.

This showed the viability of a local Cybersecurity Skills partnership, using a shared skills incubator to bring together education and training programmes (from schools to post graduate) in providing work experience running a world class security operations centre with globally recognised qualifications as part of the apprenticeship programmes. The centre is coming up for its second anniversary. In February Bluescreen IT received funding from DCMS  to package its methodology for harnessing the skills of “over inquisitive” teenagers to enable others to replicate that success . Perhaps more important is that it has demonstrated the viability of an unsubsidised shared skills incubator providing virtual CISO services to the local community at affordable prices. Put this model alongside COMPTIA Cyber Ready and the growing market for boot camps and apprenticeships and there is the potential to transform the supply of the skills to secure the 99% of British businesses (employing half the private sector workforce) whose needs are left out of the current mainstream cybersecurity skills strategy. The 99% are not greatly helped by a central government strategy which subordinates their needs to those of GCHQ and MoD for cyberwarriors and of major consultancies to secure those businesses large enough to afford their fees. But we now have a viable alternative way forward.

This therefore seemed to be a good time to for me to retire (for the fourth time). On the morning of May 8th I met the team at the Open University who have taken over from me in co-ordinating the work of the Digital Policy Alliance skills group . The group’s portfolio includes the Cybersecurity Skills partnership. I very much hope that one result will be the replication of that approach wherever the Open University has a sufficient footprint. E-mail DPA  for details.

My new role brings a new perspective

My new role, as an independent member of the Lambeth Safer Neighbourhood Board, “convening” a pilot Community Safety Partnership, has given me a rather different perspective of the need. The closure of the last bank in West Norwood (population 34,000 and several hundred businesses) has brought home how little the banks, for example, appreciate that as they close branches (rural or urban) they are opening their customers, including small businesses and pensioners (who control half the nation’s disposable wealth) up to on-line fraud [herding the sheep on-line to be fleeced].

The latter need a human, not a help desk, to get them get back on-line. Meanwhile local law enforcement needs a lot more than a couple of skilled investigators per force. Hence the need for many more police forces to exploit the changes made in 2011 to enable security professionals to become police service volunteers, whether warranted as special constables or not.

Meanwhile the failure of major players to act on evidence of criminal abuse using their social media and on-line marketing networks, means that a growing proportion of society (particularly those whose children, elderly relatives or vulnerable neighbours have been victimised) strongly supports holding them to account in ways that may, or may not, be rational – but will certainly destroy shareholder value.

I therefore intend to remain active in campaigning for effective change to meet the needs of users, while leaving those younger than me to do the heavy lifting of making it happen in ways that enable responsible suppliers to develop more sustainable and ethical business models.

Time has, however, run out.

Trust in the cyber security industry has been eroded by the failure to remove decades old vulnerabilities because they are still being used in the three track (AI, Big Data and Cyber) and three way (United States, China and Organised Crime) arms race.  There are, of course, other players but result leaves the rest of us (from children and vulnerable adults through SMEs to big business and the critical national infrastructure) unnecessarily open to on-line abuse, attack, fraud and harm.

The focus on “awareness”, without credible action plans, is increasingly counterproductive.

Back in 2008  I had the task of doing the warm up act for Lord Errol as opening speaker for an event on the use of encryption to better secure the on-line world . The fashion of the day was for Privacy Enhancing Technologies. I referred to the industry promoting e-immodium (when the need was to identify the causes of data diarrhoea) and PETS (privacy enhancing technologies) when the need was for bloodhounds and wolf packs to hunt down those causing the mayhem.

Having failed to secure action it is time to pass the baton to those who I hope will do rather better.

But the world is changing.

On the afternoon of May 8th I attended the third annual Global Cybersecurity Alliance  briefing in the Mansion House. I am a big fan of their approach, using the proceeds of crime to remove common vulnerabilities. We learned, inter alia, of their new small firms tool kit  to help the 99% improve their security. We also had a very interesting briefing on how Intel has carried its end-point security offerings to the next level  . What a pity our Computer Science and engineering graduates are still not routinely educated to use the hardware security facilities that have been embedded in most common chip sets for over twenty years. One might even call it criminal negligence – akin to the attitudes of those who place adult rights to privacy above children’s rights to be protected and block the use of anonymised age checking.

Afterwards I learned of Cybersmart  which automates the process of compliance with Cyber Essentials. On May 9th I sat in on a global webinar with the President of ISSA on their latest survey on cybersecurity skills and careers. One of the key priorities of respondents was the need for access to training to keep up with the tools now available to remove vulnerabilities, automate response and dramatically improve security. This is particularly so since many more businesses, especially in the US, are now protected by a virtual CISO than have one in-house.

Or is it?

That week I read the Europol press cover  for the latest success of an NCTFA  led international investigation. We had press cover for the discovery of one of the tools  used by intelligence agencies (and others) to spy on supposedly secure social media communications. We had a bout of publicity for the vulnerability of the submarine cables that carry the Internet . I first blogged on this in 2008  . Readers should, however, be aware that their local internet connection is more vulnerable and that regulatory pressures for duct sharing with BT mean it will remain so.

City centres and business parks need multiple routing to meet critical infrastructure standards. Building these will run into the construction skills shortages that I highlighted at the end of last year. I am pleased to say the DPA sub group created in February to address the problem is now under way, chaired by the CEO of the Highways Electrical Association, and has identified the points of leverage that need to be addressed. I plan to blog separately on this, which is also part of the skills partnerships portfolio for the main DPA Skills Group.

Meanwhile Ofcom is talking about setting up a group to forecast future trends so that it can regulate them. This is the very approach that was rejected when its predecessor, Oftel, was created – because it would constrain the future. Instead Ofcom should be looking at how to handle the long overdue job of regulating telecoms as a critical infrastructure utility – with multiple inter-operable routings and mutual hot standby between competitors, maintained by technicians whose competence is individually accredited.

Time to move on

Anyway time for me to move on and leave it to others to make the on-line world a safer, more secure and resilient place as I spend more time off-line – where life is safer … or is it?

The whole of society increasingly depends on the industry living up to customer expectations, not best efforts and blame avoidance. I therefore have a vested interest in ensuring that the next generation make less of hash of skills policy that the current one.

May 29, 2019  12:22 PM

IT in the Tory Candidates’ Manifestos

Philip Virgo Profile: Philip Virgo
apprenticeships, Broadband, Leadership

I added a comment on Dominic Rabb’s inclusion of degree apprenticeships in his call for Fairness and Choice to my recent blog on the IfA apprenticeship review.  In his opening campaign letter Rory Stewart call for “the vocational training and apprenticeships that equip people for the jobs of an ever-changing economy”.  He is also “enraged that our broadband speeds in the UK are slower than Madagascar”. Back in 2010 Computer Weekly reported on the event organised by Rory Stewart that led to the BDUK programme. Rory’s Reivers are still showing the rest of the UK how local enterprise can build better, as well as far cheaper, than Central Government or the incumbent.

Shortly after he was elected Kit Malthouse chaired  “Towards a post Brexit Strategy for Gigabit Britain – Building the infrastructure for a Smart Society” at the Conservative party Conference in 2016. That was the conference at which Matt Hancock, having read his way in at DCMS, came down firmly, at a series of meetings, in favour of full fibre – to the surprise and consternation of many lobbyists.

I will update and extend this blog as other candidates raise IT issues in their battles for the votes of first their fellow MPs and then the party faithful.

Their fellow MPs are a sophisticated (to use the polite term) electorate and will be looking to some-one who can not only deliver Brexit (whatever that means) but can rebuild an election winning party around issues that matter to voters in their own constituencies.

Their comments on matters IT, and responses to questions on matters IT, will therefore reflect what they think are the priorities of the future.

Given that the forthcoming NSPCC report on a world-wide review of “On-line Harms” will be launched between two of the main “hustings” meetings I will be interested to see how they reconcile the need to expedite effective action on child safety with improving the protection of personal privacy

May 25, 2019  5:16 PM

5/10 for the IfA Digital Apprenticeships Standards Review

Philip Virgo Profile: Philip Virgo
Apprenticeship, CompTIA, Skills

The Statutory Review of the Digital Apprenticeship standards  inherited by the Institute for Apprenticeships answers less than half the question. Much of the question (e.g. allowable costs) is outside its remit and the resources available for the review were limited. A low score should, therefore, not be unexpected but the conclusion that IT Support skills are be covered elsewhere was surprising, to say the least.

An Insiders’ Review

The inputs to the review were limited to those employers, apprentice and training providers with “direct experience of the apprenticeship standards”. Those unable to make the standards process work, not interested in the standards agreed or unable to participate for other reasons were not asked to comment. The positive responses:

  • 85% of apprentices said the apprenticeship met their expectations.
  • 95% of respondents said the title of the standard reflected the content.

from those involved were therefore to be expected.

However, “41% of respondents (employers and training providers) encountered difficulties training apprentices”. Unfortunately these are not described in any detail.
89% of respondents said that off the job training on the standards was between 20% and 39%. Those with experience of mainstream industry training programmes would regard this as surprising high for programmes expected to last more than year. The use of supervised, hands-on blended learning, home study modules, interspersed with the occasional group workshop or residential modules means 5% or less would be more common. Such a training programme would not qualify as an apprenticeship for levy purposes. Meanwhile employers with large numbers to train to common standards appear to prefer 10 – 12 week digital boot camps to 12 – 18 month digital apprenticeships, even though the latter can be offset against the apprenticeship levy.

The review looks at a subset of the market. Great care should be taken in extrapolating the results

Sensible updates mixed with unrealistic ambitions

Most, but not all (see below) of the recommendations as to which the inherited standards should be retained and revised and which should be withdrawn, with “some of the content incorporated into revised standards, broadening and enhancing the content” are uncontroversial. The plans to align apprenticeships, T levels and Level 4 and 5 qualifications with common occupational maps are welcome.. So too are plans to link reviews of Level 3 standards and content.

But the idea that the IfA map will cover “the whole of technical education” is over ambitious. The standards for which the IfA has responsibility cover but a subset of the English subset of a digital education market in which most of the standards recognised by industry are international. The IfA is right to focus its efforts on establishing a reputation for quality and relevance but this will not be helped by over ambition as to what it can achieve by itself. It needs to partner with reputable players, local, national or global.

Specific Comments

  • “Digital and Technology Solutions Professional (Level 6): will be retained on the basis that each of the individual options are reviewed in detail to ensure they each meet the requirements of an occupation.”

Each of the “occupations” cross boundaries and overlap with technologies and applications which are evolving at an accelerating rate. Reviewing the cross disciplinary intellectual frameworks necessary to cope with change is more important than the reviewing transient detail. That will entail looking at how those running industry and commercial certification and accreditation programme handle the pace of change. When the IfA was created I attended a meeting (organised at the request of the Minister) at which members of Digital Policy Alliance Skills Group offered to brief IfA staff on the processes they used to keep abreast of change. At the time there were no staff in post to brief. Perhaps the time has come for the IfA to take up that offer.

  • IS Business Analyst (Level 4) will be revised and broadened in scope to become Digital Product Analyst/Digital Business Analyst (Level 4). The occupation should apply to a broader range of sectors rather than just Information Systems to better serve the needs of employers.”

This is particularly important given that there is no separate standard for “systems engineering” where the “system” is an evolving mix of networked hardware, software and wetware (people processes) with shifting boundaries between the three. Thus the AI-based “system” may be hardware (inference  and authentication  chips) and software in support of people processes (because complete autonomy without human oversight is uninsurable).

Including systems engineering in “Digital Network and Infrastructure Engineer” implies a narrow definition of the range of roles where the disciplines and techniques are required. I speak as one who was trained in the in the 1970s before systems engineering became confused with digital systems engineering.

The problem with removing knowledge units and mandatory qualifications as opposed to the need for robust, rapid and efficient change processes

The report identifies the problems with using “knowledge units” from existing qualifications to enable “future proofing” by building on the review and update processes of those maintaining them. However, requiring the “trailblazer groups” to “bring all relevant information into a standard as they are redeveloped” gives them a difficult choice. Do they attempt to bring the update processes in-house (a massive task) or to negotiate compromises which have the support of those for whom enabling their trainees to acquire the skills currently recognised by their suppliers, customers and peers is more important than recovering their levy. The latter will be essential for the digital apprenticeship market to achieve its potential.

Digital (both information and control systems) is not, however, the only skills market dominated by requirements for internationally recognised qualifications, some generic but many vendor maintained (e.g. to install, use and maintain specific product ranges). Aerospace, automotive and critical infrastructure utilities and many branches of engineering have similar needs.
The solution to the problem of maintaining lists of relevant qualifications coving “the full range of software and approaches required for full occupational competence” is not to wish this onto the existing trailblazer groups. It is to allow them to work with the qualifications bodies, professional bodies, trade associations and training providers who are already in the process of developing semi-automated, networked, routines, linked to on-line libraries of course planning, content and assessment materials. The IfA should look at the potential for working with those seeking to create a neutral “hub“ for such routines in order to transform the position of the UK as market-leader.

This happens to be one of the projects I have just passed to the team at the Open University which has taken over from me in running the DPA Skills Group https://dpalliance.org.uk/about-21st-century-skills-group/. The aim is to package and publicise the existing inter-operability and exchange processes of JISC, the Grids for Learning, the various STEM, Coding and Content initiatives and the main global content libraries. It could also be used to provide a much more practical solution than that proposed.

Supporting Small Businesses

The basic idea of meeting the needs of small businesses, whether suppliers or users, by directly involving sample SMEs in setting digital standards is impractical. According to the ONS Business Survey 2018  there are

  • 7, 500 employers with more than 250 staff, i.e. large enough to have the in-house expertise to help specify training needs.
  • 35,000 with between 50 and 249 employees i.e. large enough to employ more than a handful of apprentices.
  • 210,000 with between 10 and 49 (who might employ one or two)
  • 1,1 million with 1 to 9.
  • 4 million sole traders

Meaningful inputs on the needs of all but the top 7,500 employers will only come via the relevant trade associations or professional bodies.

The decision to require the IfA to work direct with employers, cutting out intermediaries (like the sector skills councils), without providing the necessary resources and budgets, means the standards processes are unable to reflect the needs of over 95% of employers and half the workforce. To remedy the situation it has to allow the trailblazer standards groups to re-create processes for working with those intermediaries who genuinely represent the collective needs of their members, the 1.3 million SMEs who collectively employ as many as the top 7,500.

The good news is that we can see that happening with former “intermediaries” providing the secretariat for many of the more effective standards. But the lack of such input to the review process may explain the most puzzling recommendation in the report: that to remove ”IT Support, as the occupation was judged to be covered elsewhere”. Apart from suppliers of IT products, services and support, only 7,500 businesses are likely to have more than one or two full time digital technicians or professionals. The other 1.3 million are reliant on external support. Hence the reason for qualifications like those from COMPTIA  (a not for profit trade association created to provide vendor neutral training for the employees of the IT support market).

There is a need to explain where “elsewhere” is – since it covers most of the digital skills market. .

Promoting Diversity

Changing the language in job adverts can be surprisingly effective but there is also a need to address the academic or other pre-requisites for apprenticeship programmes. Many of these merely serve to filter out those excluded from mainstream education for reasons not relevant to their employability. The bigger issue with promoting diversity is, however, allowable costs – including for socially inclusive recruitment and pastoral care for vulnerable apprentices in SMEs with no in-house processes. This is outside the scope of the review.

Establishing principles for future approval

Most of these look sensible, albeit THEY ARE much harder to implement than to agree.

One of the hardest is: “Naming conventions – occupational standards should adhere to consistent naming conventions across the Digital Route to promote consistency and understanding”. It reads well and similar phrases are repeated regularly in report on skills and professionalism.

Over the fifty years since I became a graduate apprentice programmer (before there were computer science courses) I have seen countless attempts to produce common taxonomies. None achieved traction.

There is, however, an alternative way of achieving the objective.

In the 1980s I ran the NCC Microsystems Centre (the flagship awareness programme of the day). We needed a taxonomy for indexing our monthly-updated “Directories on Disc”, covering the hardware, software and training on the UK market. We used what would now be called AI to help collate those already available. We quickly determined that many definitions overlapped and rarely matched the claims of the suppliers. We decided to instead embed a synonym finder. This was also updated monthly with the aid of the journalists and product reviewers for whom we held open house after I scrapped the PR budget. The result turned the Directories into a must-have industry index and turned round the finances of the operation.

The situation with digital definitions (whether of hardware or software techniques, products and services or the skills to develop and use them) has become even muddier over the decades since.

None of the many subsequent attempts to produce skills taxonomies has been successful outside specialist areas where certificates to practice are mandatory or big budgets (as with some of the US DoD contracts for NIST) are available. That has not stopped players (UK, EU or US) from trying, whenever they can find a sponsor with deep enough pockets. Einstein’s supposed definition of madness  is apposite . A synonym finder updated by those who want to use the results for their own purposes is much easier and more useful, especially if it has on-line cross references to the work of others.

The reference to the cross-cutting nature of digital skills and the “Essential Digital Skills Framework” is apposite but that framework is itself overdue for review. The reference to “Handling information and content” needs to include reference to recording and/or checking the provenance of the information. Security for that which is false or misleading, not just misleading, is not enough. This is commonly omitted. The consequent risks are profound. When I did my “digital apprenticeship” in 1968/9 it was core part of my training, alongside the GIGO (“garbage in = garbage out”) principle. I had to find out when, where and how the data was collected and the motivation (if any) of the staff collecting it, correcting it and entering it to the system.

Occupational Maps and the removal of the IT Support path

The removal of “IT Support” without alternative pathways will severely limit the relevance of digital apprenticeships to those who support the 99% of businesses with no full-time digital expertise. One can understand the reasoning that led that conclusion only in the context of confining the review to those who have been able to make the current standards system work. But the consequences it makes my headline score of 5/10 appear generous in the eyes of those whose needs are left out.

In the 1980s the NCC Threshold Programme, the Microsystems Centres and ITECs provided apprenticeship-like programmes and hands-on skills incubators to train tens of thousands of support technicians (with City Guilds 726 providing the framework for customisation to meet the needs of clusters of employers). But their success in putting socially excluded teenagers into well-paid jobs threatened the status of academic computing. Funding and support was diverted into “computer literacy” programmes (to feed students onto the academic courses). The UK supply of digital support technician skills imploded (save for the Millennium Bugbusters programme) until the Americans came to the rescue with vendor neutral programmes (like those of COMPTIA) to complement the vendor Academy programmes (like those of CISCO and Microsoft).

The success of local skills incubators in organising digital and engineering apprenticeships (and other training programmes) to meet the needs of geographic clusters shows what can be achieved. But it appears that those conducting this review decided, possibly correctly, that they have neither the resources nor terms of reference to provide digital support apprenticeship frameworks for use by the Borchester  or Causton  skills incubators or to help the digital supply chain copy the approach of the Builders Merchants. The latter have apparently organised a network of 200 local training agents to handle the organisation of apprenticeships on behalf of those in the supply chains of their 800 members.

Future Statutory Reviews

The report tells us what we can expect from future reviews. They will “again start with the content of the occupational standard” but “will have an enhanced focus on the quality of each EPA [end point assessment]. They will also “ benefit from even more targeted communications and engagement activity with employers, apprentices, provides and other stakeholders such as EPAOs [end point assessment organisations].

In others words they will again be conducted by those who stayed the trailblazer course and have been able to make the existing system work to meet their needs.
It is unclear how “public” the future consultations on “Occupational Maps” for other sectors will be but it is well worth looking at the IfA Occupational Map for Digital
and comparing this with the maps produced by the various professional bodies, trade associations, training providers and advice services trying to attract people into digital careers


I have awarded half marks because the report covers only half the question. It addresses the concerns of those who have been able to make the standards system work. It does not address the concerns of those who have not. And there are far more of the latter.

Given the resources available to the IfA for this review it might be unreasonable to expect more. But if the Government wants to use a successful start to rebuilding the UK apprenticeship system as part of its platform for the next General Election (whenever that comes) it will need to provide the IfA with the resources and terms of reference to ask, and answer, the whole question.

Comments received:

Jon Hall (Open University) has commented as below

  1. Digital and Technology Solutions Professional (Level 6): will be retained on the basis that each of the individual options are reviewed in detail to ensure they each meet the requirements of an occupation. occupation as opposed to a profession?

The choice of words is revealing: occupation applies to the practitioner as part of a profession, perhaps, but what is an apprenticeship if not the expression of the sustainability of the profession over the individual? Are we to assume that the correct criteria for review are those of the individual, in that case? If so, what hope for those critical skills a degree teaches?

2. Future proofing

This isn’t necessarily achieved by removing anything from a syllabus, but from thinking more carefully about its conceptual core, something that universities (should be) good at, but that trainers can miss. From that conceptual core come the notions of, what I call, a ‘sand topic: something that moves (sand dunes drift) but sufficiently slowly as to be captured in a long term syllabus, and a ’sky’ topic which, like the clouds, moves too fast to capture once and for all. Trainers do the latter better than universities under the traditional models of both, but some unis, including mine, have techniques for keeping up with the leading edge and providing self-updating skills at the same time.

3. Promoting diversity

You’re right, of course. The work of Rachel Acraft is also pertinent (thesis available on demand from me) in which she identified the ‘drama’ model of computing: (paraphrasing) we need set designers, musicians, lighting engineers, producers, directors and myriad others to have something of dramatic value, not just authors. Producing a solution with computation embedded is similarly team based, requiring skills from all over the place. So diversity or role provides for a broader skill base. Digital apprenticeships mould recognise this sort of diversity too.

It has also been pointed out to that the first video manifesto for a Conservative party leadership candidate uses degree-linked apprenticeships as an example of “Fairness” and “Choice”. At least three of the other declared candidates are know to be strong supporters of apprenticeships. Will they also use them as a plank in their campaigns?

May 10, 2019  1:48 PM

Brexit: golden rules and taboo questions

Philip Virgo Profile: Philip Virgo
Brexit, fake news

The Brexit debate sees the endless repetition of mendacious claims, meaningless slogans and fake news. But key questions appear off limits – because no-one wants to discuss the possible answers.  They reveal that what is a stake is not a simple matter of “in” or “out”. It is what is allowed to happen afterwards – and who really wants what.

Now that the manifestos of the European Reform parties in other members states have been published can we begin to read some of the arguments that no one wants us to hear.

I therefore feel a need to throw a rock into the stinky pool to see what emerges.

But first the Golden Rules for interpreting the answers.

  1. Nothing is quite what it seems.
  2. Everyone has a vested interest, alias valid point of view and they all have good reasons for them.
  3. Those accusing others of ignorance or stupidity should take a look in the mirror and then think a little harder.

Please bear these rules in mind when asking taboo questions and listening to the answers.

I summarise my top three below, I also summarise some of the answers. I would very much wish to hear yours.

1 What is the difference between “the” Customs Union, “a” Customs Union and Swiss style frictionless borders?

  • “The” Customs Union means that US multinationals can continue to pay VAT and Corporation Tax on UK earnings in Dublin or Luxembourg.
  • “A” Customs Union means that US multinationals may be able to continue to pay VAT and Corporation Tax on UK earnings in Dublin or Luxembourg.
  • Swiss style frictionless borders mean VAT and Corporation Tax on domestic earnings are collected (and retained) locally while goods from, for example, Italy can transit a non-member to France (and vice versa) with no need to stop. Pre-cleared Swiss imports and exports can transit equally rapidly. The TIR processes predate the EU and are international. The Mayor of Calais (which stands to lose most from border delays, Calais also owns the port of Dover) has promised equally rapid processes. The risk is that he may have problems with striking customs officials (fearful for their jobs) or fisherman (if they are not squared after Brexit).

2 What is the Irish Backstop?

The Irish backstop is  a McGuffin . The aim is to delay decisions that could lead, inter alia, to a 10% (or more) cut in the budget for running the Commission before the current incumbents have left.  Such a cut could necessitate halting sessions of the European parliament in Strasbourg. This is already being called for by reform candidates in other member states.  It would be a severe embarrassment to President Macron – but not to anyone else.

3 What difference would No Deal and reverting to WTO rules make?

It depends which rules you invoke:

  • A two year period of no change while agreement is reached?
  • No change until agreement is reached?
  • Independent arbitration (various formulae) when agreement cannot be reached?

None of these is the nirvana or the existential threat claimed – according to which side you are on. All, however, end the ability of the EU (or EU Court) to impose a solution in the event of dispute. They also end the potential for imposing changes that have not been agreed by the UK.

So what other questions do you think need to be asked? 

Having spent twenty five years of my life trying to make a reality of the mythical digital single market, with its tangle of geographic software and content licenses and differential pricing, I can think of plenty more questions. Then there are questions about the various “licence to practice” barriers to the free movement of professional and technical staff – except when they are in short supply and will not undercut the natives. The depressed after-tax earnings of freelance IT staff in the UK should, of course, be blamed on IR35 and Tier 2 visas for non-EU immigrants. The EU has had little impact. It has its own shortages and many of our freelances have done better by working in, for example, Germany.


February 23, 2019  9:42 PM

Will Advertisers and Insurers hold Social Media Platforms to Account after Governments fail

Philip Virgo Profile: Philip Virgo
Governance, Internet, Internet safety

The Shareholder Backlash

Most digerati appear to be in a state of denial over the scale and nature of the damage being done by the abuse of social media. It is fuelling family breakdown, mental problems and violence, particularly in our inner cities. They may, however, be correct in saying that current political and regulatory efforts to address the problem will not achieve their objectives.  The delay in implementing UK legislation on Age Checking, in the face of opposition from those whose business models are based on intrusive mass data collection as well as those promoting anonymous access services, shows how easy it is to mislead officials and politicians over the impact of proposals that help enhance, not invade, the privacy of the vast majority of users, particularly the most vulnerable.

Advertisers and, more importantly shareholders, are not so easily fooled.

The dips in share price last year, when luxury brands began pulling adverts which might appear alongside ISIS videos and risk their Middle Eastern sales, were short lived. So too were the dips which accompanied the original revelations of scale and nature of the fake news/click bait “industry”. In both cases assurances of the “technical” measures being introduced appear to have been sufficient.

Not so the 20% fall in Facebook share price as complaints grew that family friendly content and adverts were being used to promote child abuse and drug gang messages and not “just” fake news about politicians and celebrities. Assurances of action have, so far, proved insufficient – in the face of evidence of practical ineffectiveness, particularly with regard to addressing abuse over its platforms for teenagers, such as Instagram and Whatsapp.

The arguments received a very public twist when the DCMS Select Committee used forgotten powers  to seize evidence of “intra-US misbehaviour” for use in its report on Disinformation and Fake News . This report refers to the Ledger of Harms  produced by the Centre for Humane Technology: “loss of attention, mental health issues, confusions over personal relationships, risks to our democracies and issues affecting children” but focussed on the harms supposedly caused by targeted misinformation in support of political campaigning. Hence the committee’s proposal for a new regulatory category for organisations that are neither “Platforms” nor “Publishers”. But can organisations which claim ownership of the content placed on them (including records of usage and location) and analyse this, sometimes in real time, to target advertising, really claim “Innocent carrier” status at all, let alone avoid responsibility under common law and tort for failing to take rapid action to enforce their terms and conditions when warned that abuse is leading to harm, suffering and death, whether on the streets or in the bedroom.

The Twitter share price has been hit harder, now down over 30%, as it becomes a medium of choice for some of more prolific abusers, whether of truth or of the vulnerable. It has yet to find a way of reassuring advertisers that their brands are not at risk.

The Google (Alphabet) share price has been more resilient, down barely 10%. So far its efforts to monitor abuse have seemed more credible to Advertisers. But it remains to be seen how it will respond to the loss of well- known clients for You Tube advertising. In particular will it be able to reassure AT&T. We can expect it to step up efforts to use technology to identify and remove abusers. Will it feel a need to go further and take a lead in helping drain the swamp, including by organising systematic co-operation to help advertisers prevent their images from being contaminated by indiscriminating pay-per-click automated adtech placement algorithms? Will it feel the need to go further, in co-operation with AT&T and Verizon, to restore faith in the safety and security of the on-line world. If so, where will that leave the current “division of labour” between the Internet Community and the ITU.

The Public Backlash

Meanwhile parents, teachers, picking up on what they know about the hidden fears of their children and pupils,  are now well aware that the on-line world needs at least as much supervision as physical playgrounds and streets. We have long had anecdotal evidence of the scale of parental concerns over some of the apps being used to stalk their children . We are now seeing evidence on the fears felt by children and what they would like to see in response.

We can also see the debate over on-line harms spilling over into the way social media are being used to create a climate of violence and fear on our the street. We are also beginning to see constructive thought on how the processes actually work and what we might do in response.

Last Saturday I attended a meeting for local residents on violence reduction. It was attended by the constituency MP, the GLA member and three cabinet members from the Council (in this case Lambeth) . It was standing room only.I had expected some of what I heard. I did not, however, expect the extent to which social media were blamed for contributing to the problems and the anger at their ongoing failure to use their profits to become part of the solution. Perhaps the saddest contribution came from a teacher who was describing the effect on family life. She mentioned a contribution to an early years discussion on what “what do you want to be when you grow up”: – “I want to be an I-Phone, so my Mummy will speak to me.

At the teenage level the use of social media to video and brag about violence and/or issue challenges is said to be a major factor in the escalation of a local dispute into open warfare. It is also said to be impossible to get rapid and effective action taken by those operating the relevant “platforms”. The resultant bitterness against those who make so much profit while driving local shops out of business and denying responsibility for their actions has to be seen to be believed.

I had not previously appreciated how much of this bitterness is linked directly to the systematic use of social media by drug gangs (not just ISIS or pederast rings) to groom their audiences with the mix of fear and exhilaration that will promote their product at eh same time as helping them control their neighbourhoods and supply chains.

In the physical world you can call Crimestoppers and report where and when the action is happening. What happens when you try to report abusive content to Facebook, Google or Twitter?
The social media giants claim they are innocent carriers but their claims to own the data posted by their users and analyse transmissions to facilitate precisely targeted advertising indicate clearly that they are publishers (and more) – with all the duties entailed.

It appears to be only a matter of time before crowd-funded class actions on behalf of the victims of bullying, abuse and violence cause them to change their business models.

So what could/should be done by those who wish to expedite that process without destroying the undoubted benefits from advertising funded open internet access?

Pre-empting the damage the backlash could cause

1) Implement Age Verification to PAS 1296

The first and most obvious action is to expedite implementation of the UK Age Verification legislation passed two years ago . The members of the new Age Verification Providers Association  spent £millions to get effective systems operational in time for the original deadline. More-over the technologies they had in mind to help with enforcement (based on those already used by Hollywood and the Music Industry for copyright enforcement) could also be used to address other forms of on-line harm.

The reasons for delay do not stand up to examination and are doing serious harm to UK-based business. They are in part based on misinformation by those who do not want to see the spread of effective, low cost, anonymised access technologies. The access provider or retailer need only ever know the name and id number and/or biometric of the individual. In some cases even the service provider knows only the age or other relevant attributes (e.g. a membership or security clearance). Everything else is stored behind further layers of one-way encryption on the files of the third parties e.g. health, education or financial services providers who provide only extracts. Such a privacy-centric capproach fits, however, neither mass surveillance nor big data agendas. Hence the publicity for misinformation based on services which do not use data minimised implementations of PAS 1296  (on its way to becoming a global standard).

Early, well publicised, adoption of such implementations, audited against the PAS, without waiting for the legislation to be implemented, is not only a good way of demonstrating family friendly credentials, it can also greatly reduce your potential liabilities under GDPR if allied to an overall data minimisation strategy.

2) Work with Law Enforcement, Crimestoppers and Child/Mental Health/Victim Support and Welfare Charities on expedited and/or automated/collated reporting and response processes

The current confusopoly of victim-hostile, labour-intensive reporting processes is unfit for the internet age. Those involved have neither the expertise nor the resources to sort the situation. That will require action by those who want the rest of society to have confidence in the safety of themselves, their children and their grandparents in the on-line world. More-over, until we have created  processes for effective co-operation between industry and law enforcement, the responses will have to come from industry under a mix of civil and contract law.

That raises the questions of whether the organisation is more concerned over avoiding legal liability or enhancing consumer confidence (and profitability). That will divide industry between those whose “conscience” and/or “appetite for risk” are driven by the legal department or the finance director.

3) Find ways of using your expertise and resources to plug the gaps of those in Law Enforcement.

It is now over a decade since the EURIM-IPPR study  into Partnership Policing for the Information Society identified that law enforcement would never have more than a fraction of the resources and expertise necessary to policing the on-line world. The need was for processes to enable the police to draw on those of industry – including (but not just) as warranted special constables.
Since then there has been little, if any, progress in implementing the recommendations. We may actually have gone backwards. The current Metropolitan Police criteria for Special Constables  appear to preclude almost all those professionally involved with Information Security.

It is unclear whether change requires primary or secondary legislation or this a local requirement but action should be a core part of the National Cybersecurity Skills Strategy
as well as of any strategy to address the on-line safety of the rest of society.

February 18, 2019  8:34 AM

Fit for whose purpose? Submit your views on the Initial National Cybersecurity Skills Strategy

Philip Virgo Profile: Philip Virgo

I re-read the “Initial National Cyber Security Skills Strategy: increasing the UK’s Cyber Security Capability” after attending the first of their discussion meetings. The meeting illustrated the difficulty of the task the DCMS team will have reconciling the need of MoD and GCHQ for patriotic cyberwarriors and the need of the rest of us for the skills to protect ourselves and our customers at the same time as working with law enforcement to identify on-line predators and use a mix of civil and criminal law to remove and/or deter them, wherever they may be.

The skill sets do overlap.

But do they overlap sufficiently for a single professional body?

Almost certainly not.

Hence the reason the creation of a Cybersecurity Council makes such good sense.

But the Council will not meet the needs of UK plc if Government support is constrained to fit the undoubted needs to grow our own indigenous cybersecurity skills base while neglecting the need for the City of London, as the world’s premier financial services and global trading hub, to have the cross-cultural and jurisdictional skills base needed by a global hub for security audit and investigatory co-operation. And what about the need to protect the rest of society from script-kiddies, on-line bullies, pederasts and those using social media to promote, for example, a gang-driven, drug-fuelled teenage subculture.

The strategy also neglects the skills needed to build and maintain a resilient and secure digital infrastructure for a society that is critically dependent on 24 by 7 on-line service. The failure to regulate UK telecoms (including internet services) as part of the critical national infrastructure, with all that implies (including for the relevant skills), appear to undermine the rest of the strategy.

I strongly recommend reading the strategy and thinking long and hard before answering the questions.  And remember the deadline – March 1st.

Below I summarise the points I am thinking of making in my own submission.

Perhaps most controversial for many readers is that the number of genuine cybersecurity professionals, capable of a UK eyes only security clearance, needed is probably only about 10% of the numbers being bandied about by those making business plans for new professional bodies. Instead we need are very much larger numbers of competent technicians with skills that cross professional boundaries.

Moreover, if we really do want to a world leader, we should look at how to be at the heart of setting and auditing global skills standards and co-operating wholeheartedly with non-Nato countries educating and training those who will help secure the on-line world against all-comers (including nation state actors, “ours” as well as “theirs”). The latter also entails fixing the vulnerabilities that are there because nation state actors want them to be there.

Hence my sympathy for DCMS officials expected to reconcile the irreconcilable – or rather produce a globally acceptable and evolving fudge machine. I am mindful of how, nearly a decade ago, office also from across Whitehall came together to block the joined-up Home Office e-Crime strategy on which I and others had spend so much time and money.

My points below follow the structure of the Consultation paper.

The Strategic Context – Page 15
I found the analysis of the size of the cybersecurity skills gap (page 12) very odd. I then looked at the background report “Understanding the UK Cybersecurity skills labour market” and understood why. It repeats an error common to almost all reports on UK IT skills and demand. It fails to appreciate that 95% of the 1.4m UK businesses with employees have fewer than 50 staff, none of them full time on IT support, let alone cybersecurity. The responses to the survey come from those remaining other 5%, plus the Cyber consultancy community. The statement that 710,000 business and 107,000 charities have a “technical skills” gap is then used to produce numbers requiring differing different types of skill. The UK has barely 250,000 businesses with more than 10 staff and only 42,000 with more than 50. It has barely 34,000 charities with more than £100,000 of income and only 11,600 with more than £500,000. Most businesses with under 50 staff use packaged and/or outsourced IT products, services and support. They have no-one with serious in-house IT, let alone cybersecurity expertise. Only businesses with more than 250 staff (7,500) and charities with more than £5 million turnover (2,200) are likely to have any in-house cybersecurity expertise, as opposed to providing one of more members of staff with the training to know when to call in an “expert” and, hopefully, a call off contract with a reputable “expert.

There is then the question of how many of the “experts” merit the term “professional” and how many are best described as “technicians”, competent to use the semi-automated tools which can be mastered in the 3 – 4 month modular training programmes which produce “consultants” capable of being billed to HMG at £2-300 per day. To the numbers quoted should be added those not on degree courses or IfA “approved” apprenticeships. One commercial training provider appears to have a throughput of over 3,000 students a year (counting up the numbers of the courses it is contracted to run for major aerospace and defence contractors and/or cloud computing suppliers). Meanwhile the big four accounting firms are believed to each be training several hundred a year via the “cyber-academies” they run with the help of well-known Universities. BT has claimed that it has 3,000 in its cybersecurity operations and has said it is training 300 “apprentices” a year and looking to recruit a further 300 a year from outside to replace turnover.

Meanwhile the financial services industry has largely outsourced/co-sourced technical cybersecurity while embedding cybersecurity modules within mainstream disciplines from risk management to identity and access control (including know your customer), fraud prevention and asset recovery. ISACA (over 150,000 members world-wide, over 15,000 in the UK) is probably the main professional bodies for those “auditing” cybersecurity in the financial services sector. Its “body of knowledge” appears to be far wider than that envisaged, because its members already have to audit IoT devices integral to on-line, interactive payment, shipping and maintenance services around the world

The main gap in the analysis is, however, the skills to build and maintain the nations digital communications infrastructure. There is talk of societies increasing dependency on connected devices and services but not on the need to treat digital communication as part of the critical national infrastructure – with the implications that would have for regulated standards for quality of service, resilience and response times and for independent certification of the competence of those maintaining the necessary inter-operable networks with mutual standby.

That leads to the question of the skills to address the responsibilities of Internet Service Providers, including “Over the Top” providers, given that their use of algorithms to fine tune service provision of behalf of advertisers means that “innocent carrier” status no longer applies. They look set to face a perfect storm of class actions under civil and/or common law for the consequences (suicide and murder let alone lesser injuries and suffering) of their failure to take “reasonable action” to enforce their terms and conditions

The National Response – Our Mission

There is a need to unpack the needs for UK or NATO “eyes only” skills for national defence and cyberwarfare purposes from those of the financial services sector where UK-based organisations may be part of the critical national infrastructures (including payment services and sovereign wealth management) of Governments around the world.

One of the best ways of ensuring that the UK has world class skills is to maintain and foster the position of City of London as the neutral base for auditing and quality controlling the cybersecurity of the rest of the world – even if that means operating, at least in some respects, at arms-length from the City of Westminster. That relationship needs to open and honest, including the means for handling the inevitable conflicts, for it to be open trusted and trustworthy.

A Structured and Trusted Profession

Trust is earned. Much will depend on the nature of the “delivery lead”. It needs to be a mutual, jointly owned by a balanced mixed of UK and International professional bodies and trade association with Government contributing as a major user/employer of skills. It also need to move rapidly towards the creation of a de facto “certificate to practice” regime, with members maintaining inter-operable (common formats/definitions) log books of training, updating and performance, validated by course/assessment providers, employers and customers.

A Vibrant Education and Training Ecosystem

The “demystification” of cybersecurity careers is much easier said than done, given that these are probably evolving faster than the attempts to describe them.

It is probably easier to:
• describe the various roles,
• the attitudes, aptitudes, knowledge and experience they might draw on and
• how these might be demonstrated and/or acquired

It is probably that in future, as in the past, the majority of those working in cybersecurity will have transferred in from other career paths and a spell in cybersecurity may well be a stepping stone to another career path.

We need to make it much easier to assemble courses and training and assessment programmes from evolving modules which are internationally recognised,
How successful the Cybersecurity Council is crating the necessary frameworks will help determine its overall it overall success/failure.

Government (DfE as well as DCMS on Cyber)  should support (both funding and information on its own activities) clearing houses for work experience, apprenticeship and training opportunities (both local and national) and guidance on pastoral care, particularly for the neuro-diverse and returners.

Broader Cybersecurity Capability

The Government should work with the Information Commissioner and others to implement the outstanding recommendation of the Culture Media and Sport Select Committee report “Cyber Security – the protection of personal data on-line”.

“All relevant companies should provide well-publicised guidance to existing and new customers on how they will contact customers and how to make contact to verify that communications from the company are genuine. This verification mechanism should be clearly signposted and readily accessible, as with existing customer contact and complaints mechanisms.” (Para 14)

“security by design should be a core principle for new system and apps development and a mandatory part of developer training, with existing development staff retrained as necessary.” (Para 18)

“where the risks of attack are significant, the person responsible for cyber security should be fully supported in organising realistic incident management plans and exercises, including planned communications with customers and those who might be affected, whether or not there has an actual breach.” (Para 20)

“it should be easier for consumers to claim compensation if they have been the victim of a data breach. There are a number of entities (for example the Citizens Advice Bureau, ICO and police victim support units) that could in principle provide further advice to consumers on seeking redress through the small claims process. It would be useful for the Law Society to provide guidance to its members on assisting individuals to seek compensation following a data breach. The ICO should assess if adequate redress is being provided by the small claims process.” (Para 25)

“All telecommunications companies and on-line retailers, and other cyber-vulnerable organisations, should take steps to ensure that compliance with data protection rules and Cyber Essentials are key criteria when selecting third party suppliers.” (Para 26).

“Cyber Essentials should be regularly updated to take account of more recent attacks, including the need for security, incident management and recovery plans and processes for responding to cyber ransom demands.” (Para 30)

“The ICO and Cyber Essentials should publish further guidance on informing the relevant authorities and include best-practice examples of how to inform in an appropriate way those affected, in order to strike the best possible balance between protecting information that is sensitive to police investigations, whilst recognising consumer/customer requirements to be made aware of a breach that may affect them. This is particularly relevant as the EU GDPR will extend the obligation to inform consumers to all companies and organisations, not just telecommunications companies and ISPs.” (Para 33)

“escalating fines, based on the lack of attention to threats and vulnerabilities which have led to previous breaches.”. Para 18 … escalating fines for delays in reporting a breach.” and “scope to levy higher fines if the organisation has not already provided guidance to all customers on how to verify communications.” Para 34

“the attention of individuals within the organisation may be better engaged by the threat of a custodial sentence, rather than a fine for their employer.” (Para 36) “bring into force Sections 77 and 78 of the Criminal Justice and Immigration Act 2008, which would allow a maximum custodial sentence of two years for those convicted of unlawfully obtaining and selling personal data.” (Para 37)

“Companies and other organisations need to demonstrate not just how much they are spending to improve their security but that they are spending it effectively. We therefore recommend that organisations holding large amounts of personal data (on staff, customers, patients, taxpayers etc.) should report annually to the ICO on:

• Staff cyber awareness training;
• When their security processes were last audited, by whom and to what standard(s);
• Whether they have an incident management plan in place and when it was last tested;
• What guidance and channels they provide to current and prospective customers and suppliers on how to check that communications from them are genuine;
• The number of enquiries they process from customers to verify authenticity of communications;
• The number of attacks of which they are aware and whether any were successful (i.e. actual breaches).

Such reporting should be designed to help ensure more proactive monitoring of security processes (both people and cyber) at Board level, rather than reporting breaches after they have happened. Those submitting reports should also be encouraged to include such data in their own annual accounts to help give confidence to customers, shareholders and suppliers that they take security seriously and have effective processes in place. (Para 38)

“The vulnerability of additional pooled data is an important concern that needs to be addressed urgently by the Government. Part of the response could be to require enhanced security requirements and background checks for those with access to large pools of personal data.” Para 41 .

My guidance on the DCMS Report recommendations for the Main Board Directors of Computer Weekly readers is available here. DCMS and the ICO have yet to provide a substantive response but they are even more apposite now that the GDPR has come into force.

February 6, 2019  10:38 AM

A Skills Policy for the Fourth Industrial Revolution

Philip Virgo Profile: Philip Virgo
Artificial intelligence, Robotics, Skills

The pace of change in the skills in demand (as machine intelligence, now called AI, matures) is matched only by the pace of change in educational technology (using machine intelligence to transform the learning experience) and the ways we can use to acquire the new skills.

Both have overtaken the ability of our national education and training frameworks to respond and the main political parties have recognised this.

Last year the Conservatives called for inputs on Skills and Training for the 21st Century . Labour similarly called for responses to their “Learning society” discussion paper . Meanwhile an army of education “industry” lobbyists have been seeking to influence the Prime Ministers FE/HE funding review  due for publication later this month.  The Open University has just joined the Digital Policy Alliance with the aim of building on the work of the 21CN Skills Group of the Digital Policy Alliance and its allies. Last week we began the hand-over of the work I have been doing over the past couple of years to bring about change.  The “public” programme will include a high level, all-party round table to discuss the policy challenges.

I have just completed editing the first draft of a paper to help inform that discussion. The paper is very much “draft for discussion only” and is being placed in the members areas of the DPA website for comment. Given that this is not yet a DPA discussion paper and we want balanced input, I have also been given clearance to circulate copies to wider audiences. The purpose of this blog is therefore to invite feedback from a wider audience and identify those interested in helping look at the implications.

Below are some of the headlines and a summary of the key points and contents. Please contact DPA if you would like to register interest in joining to help review the draft and organise the necessary follow up studies.  Alternatively you can contact me direct.  I particularly look forward to comment on errors and omissions and, of course, from those who completely disagree with the analysis and regard me as a heretic who should be burned at the stake for not understanding academic values or business drivers.  That will be a nice change from those who say that I am really an academic at heart or a cold-blooded capitalist.

The headline recommendations for Government include:

1) Apply industry-strength market research and simulation techniques to all education and training policy initiatives to help assess the relevance of the objectives and likelihood of success.

2) Change the “target” from 50% “to go to University” to over half (including most public sector employees) to be engaged in life-long learning at graduate/post graduate level.

3) All academically or professionally accredited education, training (including recruitment) and assessment to be allowable against tax (personal and/or corporate), whether or not relevant to current employment.

4) Apprentice grant and levy scheme and other tax allowances/incentives to be extended to cover all professionally accredited training or technical/professional skills acquisition or development costs, including talent attraction, assessment, pastoral care, supervision, schools support etc.

Extracts from the preface

In 1982 I said (at a seminar on AI and Robotics for the UK Technical Press) “a single career change may not be enough in an age of fundamental structural evolution”. Today we can see the spread of annually updated professional and technician “certificates to practice” from medical consultants and aerospace engineers to other areas where proof of current competence is essential. Meanwhile digital marketing or security practitioners can become seriously out of date within months unless they spend time each week keeping up to date. A more profound problem than the supposed threat to jobs is the challenge posed by artificial intelligence to the status of academic values and the knowledge-based professions.

We have, today, a wealth of globally networked on-line materials and assessment tools (many using AI, from the simple to the sophisticated) that can enable teachers and learners to keep abreast of change, including of personal competence, motivation and performance. But our consultation and planning mechanism for setting skills definitions and standards, let alone forecasting volumes, cannot keep pace. We need to look again at policy and funding frameworks and processes that have changed little in a hundred years. We need to allow schools, colleges and universities to give teachers and pupils/students the freedom to follow good practice as it evolves, without waiting for semi-mandatory national “guidance” and funding.

Key Points

1) Analyses of the reasons for the voting patterns in the 2016 referendum and 2017 General Election indicate that, whatever the outcome of Brexit, it is no longer politically acceptable for the UK to rely on imported talent for the skills needed by employers while saddling so many voters and their children with debts they may never repay. It is little wonder that the study into FE and HE funding launched by the Prime Minister last year is taking so long. The issues go well beyond funding. The pace of change with regard to the skills in demand and our ability to use technology to help assess, educate and train raw talent have outstripped the ability of public sector policy, funding and accreditation processes to respond to the resultant challenges and opportunities.

2) At the same time the mass deployment of on-line learning, expert systems and artificial intelligence means memory and logic are losing status, as did the ability to read and write when literacy became commonplace. Basic digital disciplines (such as coding and systems thinking) change slowly, if at all, but the application skills in demand change faster than we can agree a curriculum, let alone agree academically acceptable accreditation of the knowledge and competence expected by employers and specify and deliver publicly funded courses and qualifications. The pressures pose an existential challenge to traditional educational hierarchies and academic structures, not just planning and funding processes.

3) There has been a dramatic shortening (from years to months) of the time necessary to assemble mass market or customized on-line learning programmes, many using “AI” and gamification to enable personalised motivation, delivery, practice and assessment. Skills which took months or years to master can then be acquired within days or weeks by those with the necessary attitude and aptitude. But the gap between the expected delivery standards and timescales of industry and commerce and those of academic accreditation bodies are widening, equally dramatically.

4) There are also tensions between processes (from “T” levels through Apprenticeship or Degree Standards) intended to meet the needs of specific sectors, trades or professions and the growing use of “intelligent systems” (accessing whatever body of knowledge is needed) to enable digital users to cross disciplinary boundaries. The current focus on national “standards” needs to embrace processes to facilitate customized cross-boundary skills development, mixing pre-existing and/or shared modules from an evolving variety of sources, national and international.

5) The falling proportion of the population who can now expect one career (let alone job) for life brings into question the mandatory, “league table enforced”, focus of schools on “national” curricula and examination hierarchies designed to filter pupils for “suitable” full-time University degree courses. The availability of reliable of schools broadband should be used to empower teachers to “educate” all with the basic skill and motivation for a world of modular, flexible, graduate level, lifelong “earn while you learn”, with time out to “enjoy learning for its own sake”, changing career, occupation and vocation as aspirations and the employment on offer evolve.

6) There are growing pressures on Universities and College to improve teaching and pastoral care as they compete for the student loans and apprentice funding of a shrinking pool of school-leavers. The long-term winners will be those who also work with employers (local, national and international) and sports, leisure, cultural and travel operations to offer and exploit lifelong learning activities which support freedom of choice with regard to work-life balance – from career development, through family responsibilities to post retirement “learning for pleasure”.

7) We can also see some of the older Public Schools and Oxbridge Colleges, masters of survival, involving their alumni with careers events which offer world-class globe-trotting apprenticeships, with residential periods in best of breed research centres around the world. At the other end of society, far-sighted councils are looking at the provision of full fibre broadband to social housing estates – to provide affordable access for the excluded (whatever reason) to world class education and training programmes supported by teachers based on their local school/college.


1) Turning the pace of change from a challenge to an opportunity
1.1 Tomorrow came yesterday
1.2. The pieces are in place for a world class industrial strategy for educational technology
1.3. We also need a joined-up strategy for vocational skills and employment
1.4 Both require cross-boundary co-operation
1.5 It presents challenges to traditional academic structures not just processes
1.6 Variety is the spice of life – One size will not fit all

2) Predicting the skills of the future in ways that aid meaningful decisions
2.1 Planning Consortia, Consultation and Market Research
2.2 Segmentation: from expert, through professional, technician and application to user
2.3 The shape-shifting of skills boundaries across trades, professions and disciplines
2.4 Basic attitudes, aptitudes and disciplines change slowly, if at all
2.5 Coding , robotics, systems thinking and data analytics (the basis of AI) are core
2.6 The rate of change in technician and applications skills is accelerating
2.7 Growing the talent pool
2.8 Is “digital literacy” still needed, as opposed to literacy, numeracy and social skills?

3 A national strategy based on local access to global planning and delivery partnerships
3.1 Facilitate rapid, flexible, local response within national planning/funding frameworks
3.2 Enable local access to international programmes and globally recognized qualifications
3.3 The Linage and interoperability of learning and competence modules is critical
3.4 So too is building on the bet of what already works
3.5 Enabling local access to international programmes and globally recognized qualitications
3.6 Support faster UK response cycles to emerging/changing demand
3.7 “Liberate” Universities, Colleges and Schools to serve as local, national or global support and delivery hubs in world class life-long learning, quality control and/or research networks
3.8 Change the Apprentice Levy and Grant into an Accredited Skills Levy and Rebate

4 Empowering Informed Choice
4.1 The growing range of choices
4.2 Help pupils, parents, adults and employers understand the alternatives

5 Removing the obstacles to painless change
5.1 Facilitating response to changing the economics of retrain versus recruit
5.2 Prioritise tax-free training over the “prevention of abuse”
5.3 Replace “challenges” by “funded experiments” and publicise success
5.4 Raise the status of apprentices
5.5 Link skills policy to immigration policy

6 The Action Plan
6.1 Recommendations for Employers and Recruiters
6.2 Recommendations for Education and Training Providers
6.3 Recommendations for Trade Unions and Professional Bodies
6.4 Recommendations for Central Government
6.5 Recommendations for Local Government
6.6 Recommendations for Voters

1 Turning the pace of change from a challenge to an opportunity

Accelerating technology change presents serious challenges to those seeking to plan courses and curricula in advance to meet predicted skills needs – examples include the new “T” levels. But advances in educational technology also transform our ability to develop and distribute new courses and materials to meet new needs within months, not years.

1.1 Tomorrow came yesterday
We can now see the reality of the future envisaged in the early 1980s when the Micros in Schools programme was launched and “Training for multi-career lives” was commissioned as part of project to look at the implications for society (including education) of the adoption of “Knowledge based reasoning systems” over “The Next Ten Years”. The seminar was for the UK technical press on the economic and social implications of Artificial Intelligence and Robotics for Education. This was the paper than introduced the concept that education should be the introduction to a world of life-long learning rather than a career for life and that. “status will pass to the man doing the job that no mere machine can do”.

The forecast was that:
The impact of technology on the personal service jobs, from street cleaning to street walking, will be negligible. Gardeners, window cleaners, plumbers, cooks and so on will be needed just as now.
At the other end of society, however, the changes may well be traumatic as expert systems render obsolete the book-learning and machine-like logical skills of most lawyers, accountants and consultants … the complex diagnoses that elevate the Harley Street consultant above the local general practitioner, can already be done faster and more accurately by computer. In twenty years … the general practitioner will no longer refer you to the hospital for analyses and diagnoses but will do them himself with the aid of his surgery expert systems backed by links to national epidemiological and other databases … the simple application of memory and logic which any properly programmed computer can do.

The consequent argument was both re-assuring and challenging. To quote the abstract:

Most of the basic skills needed over the next hundred years can be predicted with reasonable certainty but many of the precise trades and professions cannot. “Age related careers” is an employment strategy which can handle such uncertainty. Fundamental changes to the education system are necessary. Information technology makes these possible at economic cost. Encouragement and favourable publicity are more effective weapons of persuasion than coercion but many actions at all levels are needed if the inability of our education system to cope with change is not to deny us the benefits which the new technology is bringing to other societies.

Since then millions of jobs have been lost and millions more created as the pace of change accelerates. Today a wealth of globally networked on-line materials and assessment tools (many using AI, from the simple to the sophisticated) enables teachers and learners to transform the processes of acquiring and demonstrating both knowledge competence in new skills. These are used by employers around the world to cut the time from “learning to earning” from years to weeks.

Schools with access to full fibre broadband can transform the delivery of STEM education and careers advice, using the wealth of material already available. They are also being used to open the potential for lifelong learning in the skills of future.

Example include the commoditization of both Artificial Intelligence (many definitions and variations as the human intelligence copies/extends) and training in how to apply it. In May 2018 the University of Helsinki and a design consultancy launched an app to promote a free online “Elements of AI course. By December 2018 this had been adopted by 250 Finnish companies as part of their response to the business case for the Finnish industrial strategy to lead the world in the application of AI and over 10,000 students, 6,300 from Finland, had already graduated using the English language version).

To see more please register your interest in joining the 21CN Skills Group with the DPA  or contact me with you details.

February 1, 2019  12:55 PM

Digital Britain Needs You

Philip Virgo Profile: Philip Virgo

BT has announced plans to train another 3,000 apprentices  on top of 3,500 engineers, including apprentices, hired last year.

The announcement included an update on BT’s plans for new and upgraded training centres to train Openreach staff (announced in March last year) when the Secretary of state for Work and Pensions opened the second of the new centres, in Peterborough. The first, near Bradford, became operation before Christmas. Yarnfield (near Stoke-on-Trent) was an upgrade and expansion of an existing centre. The other new centres are Bolton, Crawley, Exeter, Livingston, Newport, Nursling (Southampton), Romford (Essex), Thornaby (Tees-side) and a centre in Northern Ireland. Three of these are due to open over the next three months. By March BT will have doubled the learning days it deliver annually to 160,000.

It expects, however, to have no capacity available to sell to others.

BT has yet to fully recover from the 50% cut in both infrastructure investment and preventive maintenance budgets in 2008. A side effect of PIA access has been a need to train thousands of engineers to, for example, inspect poles, ducts and cabling that have not been checked in years and to retrain thousands of others to handle GFast, let alone Fibre to the Premises: Openreach also announced 11 new locations where it will be building new FTTP networks during 2019 – including Bury, Barking & Dagenham, Bexley, Croydon, Greater Glasgow region, Harrow, Merton, Redbridge, Richmond upon Thames, Sutton Coldfield, and Salford. This brings the total number of towns, cities and boroughs that Openreach will be building in to 25. Those already announced are: Birmingham, Bristol, Cardiff, Edinburgh, Leeds, Liverpool, London, Manchester, Exeter, The Wirral, Coventry, Nottingham, Belfast, Swansea.

Successful applicants in England and Wales who complete 12 months at Openreach will receive a BTEC Level 2 Diploma in professional Competence for IT & Telecoms Professionals. Scottish joiners will receive a Diploma for IT and Telecommunications Professionals at SCQF Level. BT is looking for partners to help it get the programme agreed as a level 2 Apprenticeships so that it can claim its levy back!

The expansion of the BT in-house engineering workforce over the year ahead, net of “wastage” (e.g. retirement) will be about 1,600. It will remain heavily dependent on external contractors.

Meanwhile the estimated shortfall of those competent to help build in contractors, and those of its competitors, to build full fibre networks is about 15,000.

To that should be added the shortage of those competent to construct hybrid networks (cable and wireless) networks to serve multiple dwelling units and smart building complexes (from office block through to airports, business parks, football stadiums and shopping malls to Universities science parks).

The Digital Policy Alliance meeting on 21st January to address the shortage of Digital  Infrastructure Construction Skills to which I referred in my previous blog  was fully booked, action packed and off-the-record. By the end February I expect the participants to ready for a formal announcement of the actions that were agreed and their implementation plans. In the meantime I have been asked not to steal their thunder.

The plans cover most, but not yet all of the actions identified on November 26th. The main exception is co-operation on talent acquisition programmes. For example – how do we get the message to physically fit youngsters who balk at the idea of £50 – 60,000 of debt and no job in prospect, but are willing to get out of bed early in the morning, whatever the weather, to train for their chosen sport and also willing and able to get a driving license (if they do not already have one) that they can be earning £40,000 within the year. More-over they can be on the bottom rung of a hybrid career path (via degree-linked apprenticeships and other training programmes) towards building, maintaining and exploiting the digital infrastructure of the future. And they are likely to be paid, at each stage of that career rather more than those who began with £50 – 60,000 of debt.

That message will not go down well with schools dependent on the funding that goes with 6th formers. It will not go down well with those Universities who are not already making the transition to working with employers on degree-linked apprenticeship. But is a reflection of the changes of status that go with the 4th Industrial Revolution

Please contact the Digital Policy Alliance  if you would like to join the group to co-operate on talent acquisition programmes (from teenagers, through armed forces veterans and the under-employed to those returning to work force) and the organisation of local skills partnerships and training facilities to meet you own needs.

Also make contact if you would like details of what was agreed on the 21st January and the implementation plans as soon as these are agreed for announcement.

December 29, 2018  8:39 PM

Addressing the shortages of construction skills that threaten Broadband Roll-out

Philip Virgo Profile: Philip Virgo
BDUK, Carillion, DSS, Gigaclear, Hyperoptic, idea, Liberty Global, Uncategorized, Virgin Media

Problems with quality, not just quantity threaten to derail full fibre roll out as they did cable TV roll out 25 years ago.

Over the past couple of years broadband roll-out projects (BT, Virgin, City Fibre etc.) have become increasingly delayed because of shortages of relevant construction skills. The current excuse for these is Brexit but the current problems began when BT restarted investment after receiving BDUK funding. They are similar to the quality problems which derailed the roll-out of Cable TV in the 1990s and lost the shareholders’ investments as the industry “consolidated” and NTL and Telewest went into Chapter 11. Sub-contractors, many from Eastern Europe, did not have the competence they claim. They damaged other utilities, destroyed gardens, killed trees, failed to correctly reinstate roads and pavements and angered local residents and potential customers. The consequent hostility led to delays in getting approvals for construction and the cable companies ran out of funds before achieving critical mass. But for local loop unbundling the rump of the industry would probably have been bought by Sky for £1 instead of salvaged for the US Bondholders by Virgin Media and sold on to Liberty Global.

The UK skills base imploded after Local Loop Unbundling.

Then local loop unbundling destroyed the business case for the BT 21CN programme. This led to the decimation of BT’s in-house engineering teams, to savage cuts in spend on outside contractors and to a decade long standstill in external infrastructure investment. By the time the BDUK funds began to flow the skills had emigrated to build networks around the world leaving behind neither a pool of new generation telecoms construction skills nor a talent pipeline.

And the collapse of Carillion compounded the problems

Then, at the point demand for network construction skills began to recover, the collapse of Carrillion  delivered a double whammy. BT and its network construction suppliers (like Fujitsu) had contracted much of the civil engineering work to Carrillion – which had, in turn, hoovered up much of the UK construction industry and dominated its supply chains. The latter imploded in chaos at that same that those with dual source contracts with its competitors, like Telent  wanted to use them to plug the gaps left by Carillion. The BT response included plans to recruit and train 3,000 new “engineers” to meet the needs of Openreach but, in the period before setting up the ten new training centres announced three months later, work on BDUK contracts inevitably slowed.  The delays with the Gigaclear full-fibre roll-out across Devon and Somerset also began with the collapse of Carillion. A take-over of the next contractor delayed matters further and Gigaclear had to be refinanced to cover further cash flow delays while expanding its in-house workforce and training programmes.  About this time Virgin Business Media began planning its apprenticeship programmes and City Fibre had to refinance its expansion plans on less generous terms than those expected by shareholders at the time of its most recent rights issue .  Meanwhile those serving multiple dwelling units, like Hyperoptic and Community Fibre were also setting up their own training operations. Those planning to rely on existing civil engineering sub-contract supply chains face increasing problems as competition for suitable trainees, let alone experienced contractors, increases.

There is a view that Brexit will make matters worse but the use of supposedly skilled Eastern Europeans has been part of the problem. The skills to build robust full fibre, wireless or hybrid networks are in short supply across the EU as the roll out of 4-5G infrastructures accelerate. Those genuinely competent can earn more in, for example, Germany. Those not competent bring their employers into disrepute – compounding problems with agreeing timely access, wayleave and streetworks and causing expensive remedial work. Their streetworks IDs can be based on certifications from centres where no-one who paid the fee failed the course. We have demonstrable free movement of the incompetent because the blacklisting of those demonstrably incompetent is no longer legal and there are no common processes for registering employer-validated log books of past performance.

Current plans to rebuild the UK skills base do not yet address the inherited quality problems, let alone the changes in skills for building new converged fibre (backbone) and wireless (fixed and mobile) networks. And little is being done to create pipelines for the skills to roll-out and exploit  the smart infrastructures of the future. In consequence when, last July, I was asked to speak to the UK Fibre Connectivity Forum on Digital Infrastructure Skills we had a glut of would-be infrastructure investors because shortages of the construction skills to turn planning into cash flow had led to an implosion of credible investment opportunities.  Today a growing number of  local authorities are dreaming of becoming smart cities or counties but unless they are also planning to help contractors recruit and train those to build the infrastructure, (as well as working to provide easy access to highways, wayleaves and anchor tenants) their Council leaders are likely to have retired before construction begins.

My presentation on skills standards, paraphrased here  followed one on the Local Full Fibre Roll Out programme. The DDCMS presenter confirmed that the Skills to deliver the programme was now their main concern. They felt the Barrier Busters now had credible plans for addressing the other issues. In October the Broadband Stakeholders Group organised a round table with the DDCMS Skills Barrier Buster and the Treasury Digital Infrastructure Team and a cross section of  network operators and construction companies. This led to a consensus that IET (not present though a number of participants were members), be asked to look at the standards and quality control problems, particularly the practicality of creating registers of competence.  A couple of weeks later I was being chased by DDCMS over progress and was able to say that I planned to use the session on barriers to broadband roll out at the INCA 2018 Conference  to summarise progress and invite delegates to help. By the time of the INCA event I was able to announce a DPA round table on 26th November, hosted by the Digital Skills Solutions team of Newham College. Newham College not only turns inner-City NEETs into digital apprentices for the major employers in City of London (working with City and Guilds, CompTIA, Microsoft, Samsung et al) it has also been chosen as the GLA Construction Academy. It was thus an ideal host for bridging the gap at the hart of the Digital Infrastructure Skills problem.

Creating coalitions of the willing to meet the needs of their supply chains as well as themselves

That round table on 26th November was unusual in many ways – including both venue (the London Fashion and Textile Museum happens to be administered by Newham College and the creative industries are massive consumers of bandwidth at the heart of the digital world) and format. It brought together planning and personnel directors from network operators and construction companies alongside the chief executives of training provider and Local Government broadband champions and Economic Planning Directors. The interplay revealed the gaps in understanding that have bedevilled thinking to date  For example – a driving license is a now mandatory pre-condition for more trainee posts than a digital qualification. Think about it. Most of Uber generation of urban teenagers does not bother to learn how to drive because they cannot afford the insurance, have nowhere to park and perceive no need. But construction workers and service engineers  need to drive a van to get themselves and their tools to the customer site and most of the “paper work” can be handled over mobile phone – no need for a lap top and “digital skills”.

They participants identified a series of potential action plans (see below) capable of delivering scalable solutions within months, not years.

Even more important, several of those present had agreed action plans before they left.

Within a fortnight the IET had hosted a meeting with DSS, City and Guilds and the Chief Executive of the Highways Electrical Association to look at how to crack the quality control problem with existing streetworks registers and also host co-operation on talent acquisition and modular training delivery programmes. They plan to present possible solutions (which builds on existing inter-operable log-book standards) to employers on 21st January with the aim of piloting implementation within the quarter. Invitations are being sent using the list assembled for the embryonic Digital Policy Alliance Digital Infrastructure Skills Group. Click here for an invitation to ask to register as a prospective member and/or ask for background information. I suggest you also ask for me to be informed because I will be serving as an advisor until I retire (again!) at Easter.

Summary of the current situation as identified on 26th November:

1. Shortages of the basic civil and electrical skills to competently and safely lay cables alongside/under roads and pavements and reinstate surface threaten to inflict delays on full-fibre roll-out programmes akin to those which derailed the roll out of cable TV. There are similar shortages and quality problems with regard to installing cabling in multiple dwelling units,

2. Most of the skills in immediate shortage are not “digital”. More-over they can be acquired inside 2- 3 months, using short modules interspersed with on-the-job experience by physically fit trainees who have (or are able to acquire) a driving license. “Pop – up“ training facilities to deliver the modules necessary can supposedly be created at a month’s notice, given suitable premises and paying customers. Most network construction is planned 12 – 18 months in advance.

3. The shortages arise primarily because commercial confidentiality regarding the roll-out plans of the network operators means that construction contractors cannot pre-plan recruitment and training and training providers cannot pre-plan the necessary modular delivery capacity.

4. The problems with talent attraction arise largely because careers advice, whether for school-leavers or armed forces veterans is geared almost entirely towards acquiring class-room based qualifications. “Building the physical/digital infrastructure of the future” does not feature as a career path. Potential recruits are not made aware of the opportunities on offer to “earn while they learn in the open air”. Current funding mechanisms which require 20% of working hours spend in off-the-job learning do not help. Nor does the inability to charge recruitment and selection costs against the levy.

5. There are issues with the provision of standards, training modules and practice facilities with regard to some modern network construction techniques. There are also issues to do with the assembly of modules and work experience into apprenticeships to enable training costs to reclaimed against the levy. This is now paid by most network operators and construction companies and almost none have yet been able to reclaim. These problems overlap with those faced by employers in other industries.

Summary of the Actions Needed:

1 Create registers of demonstrated technical competence, based on existing qualifications (updated as necessary) to provide the evidence missing from the Streetworks Qualifications Register . These might build on the Highways Electrical Association  and other professional/trade association, log books such as City and Guilds Digital Me (which shares the Open Badge Standard with players like IBM and Microsoft)) and/or programmes like iDEA (to draw in NEETs and others).

2 Organise talent attraction, acquisition and development programmes to meet shared needs, both short and long term, using existing processes and standards. National and local campaigns and competitions offering work experience opportunities to pupils and students might be organised with JISC and the Grids for Learning to convey messages and materials to not only schools and colleges but those commonly left out of such exercises, from youth groups and those in care as well as to under-employed adult communities.

3 Share information on forward needs with current and potential training providers and plan modular delivery when and where needed. The aim here would be to bring Local Authorities and FE College serving communities where broadband roll outs are planned alongside network builders, contractors and commercial training providers to remove risk by organising joined up local recruitment and training to meet known needs.

4 Identify those willing to work together on the longer term career development and skills delivery plans to plan, build, maintain and exploit the Smart (including secure, resilient, inter-operable fix and mobile 4/5G) infrastructures of the future.

Context for the possible action plans – both problem and opportunity – summarising some of the points made in discussion on November 26th:

1 How do we fit skills in short supply, which can be mastered inside with days of weeks by suitable trainees who can be productive from day one, into current skills frameworks?

A wide range of skills are needed and there are many career paths but the skills in immediate shortage are those at the bottom. These can be used to get trainees revenue earning from the very start, before either side commits to a longer term training programme or apprenticeship. They include basic streetworks (e.g. digging trenches, laying cables and reinstating road surfaces) or safely installing cabling in buildings (e.g. cutting through and reinstating fire resistant barriers – not leaving the building vulnerable both inside and outside like the Grenfell Tower). In many cases trainees can be “productive” from day one – shadowing and learning from a skilled operative on tasks which require a second person for safety purposes only, e.g. to watch for traffic).

Most of the subsequent technician skills can be acquired in short modules (e.g. to use complex equipment or plan operations) interspersed with supervised practice. Few require significant periods of off-the-job training – as opposed to the on-site or evening use of distance learning materials, simulations and assessments to acquire and demonstrate understanding of background knowledge.

Unfortunately most current public programmes are unattractive because they mandate periods of off-the-job training (20% is mandatory on apprenticeships) which are not relevant to most of the skills in current shortage or modern industrial and commercial training practice. Why should apprenticeship levy payers be pre-cluded from spending their levy on more cost effective ways of developing basic skills among those who may later proceed up the skills ladder?

2 How could/should we address known problems of quality control with the certification of supposed skills, including those claimed by immigrants, whether from EU or elsewhere?

Problems with unskilled staff, often with limited English, whose competence does not match that indicated by their Streetworks ID cards, exacerbates conflict with Local Authority Highways Departments and property owners and tenants and complicates the implementation of Streetworks Guidance or compliance with building regulations. There may, or may not, be a need to update the qualifications/certifications which these record but there is a clear need to record the competence and/or conduct shown in the work place, using employment log books and registers that can be checked and validated by future employers. There are a number of industry registers for electrical staff which could be used as the basis for shared registers which also cover streetworks and  intra-building skills. A growing number of certification bodies offer similar services using global standards for inter-operability (e.g. City and Guilds, Digital Me ).

Action: identify those interested in working together to produce shared/inter-operable employment records/log books using the “Open Badge” standard https://openbadges.org/ or similar pending reform of the Streetworks and/or other statutory registration programmes.

3 How could/should we work together, with who, to attract suitable trainees.

Current mainstream careers advice and activities are almost entirely geared towards routing youngsters to University and/or semi-academic FE qualifications with digital literacy (commonly using Microsoft and Google products and services on laptops) for the socially excluded (whether excluded for mental, physical, legal or cultural reasons).

Almost no attention is paid to the “physically fit but non-academic” and/or those who wish to work with their bodies as much as their minds (unless they wish to follow sporting careers). Even less is paid to those who prefer working outside – even though it can pay considerably more for those who do not reach consultancy, managerial or professional level in their chosen careers. Traditional prejudices are reinforced by the league table motivations of schools and teachers.

A pre-requisite for many infrastructure construction posts is a driving license for a van and (often) equipment trailer. Fewer urban teenagers in the “uber generation” learn how to drive Either they do not see the need, or they cannot afford the insurance, (more of a problem than the driving lessons or cost of an old, but roadworthy, car). There are few, if any, public or employer funded training programmes, other than for would-be bus and lorry drivers. There is a common view that such skills will be made redundant by driver-less vehicles but “digital skills” (alias use of current office systems) as opposed to “coding for all” (using raspberry pi  and microbit to develop abstract and applied logic and engineering skills), are already becoming redundant.

We pay lip service is paid towards social inclusion while failing to address the practical problems with attracting and/or supporting those from problem families, coming out of care, young offenders institution, prison or the armed forces. DWP insists that the timing and other gaps between loss of benefits (including by other members of a family where no-one else is in work) and earnings be treated on a case by case basis. In practice this presents almost insurmountable problems. Meanwhile recruitment costs, work experience and selection costs (let alone pastoral care costs) cannot be offset against the apprenticeship levy. Employer provided/supported accommodation is not only not reimbursable but is additionally taxed as a benefit in kind. By contrast most Universities now have programmes to support those from disadvantaged backgrounds doing full time degrees.

The first need is to produce careers messages, materials and events that will be attractive to the target audiences and will still be used by teachers and careers advisors. The key headline message for generation Uber might be: “Earn good money while you learn how to build, maintain and exploit the digital infrastructure of the future and widen your career choices” – with a clear sub-text that a physically fit recruit (any age from 20 – 60), willing to work in the open air, with no qualifications other than a driving license and the ability to use a mobile phone can be earning £20 – 25,000 (plus bonus) inside three months, with all necessary training (perhaps including to acquire the driving license!) paid for by the employer. Employers need to also show that their work placements are not charity but extended “interviews” for places on career paths that lead (including via subsequent training programmes, including apprenticeships, degree-linked or not) to the management of complex network installation programmes as well as a kaleidoscope of other opportunities building, maintaining and exploiting the smart utility infrastructures of the future.

But careers materials have to be used. We also need to identify channels and organise campaigns to promote those materials and events to those who will benefit most and/or bring most to the participating employers. These include e.g. physically fit NEETs of all ages, those trapped indoors with jobs they do not enjoy (or in prison), armed forces veterans and others used to organisational challenges or who enjoy the out-of-doors team-building exercise more than the day job. These might include working with high status groups like the City Livery Companies to exploit links with groups like Barnados, Founders4Schools, NSPCC, Placer, Veterans Associations, YMCA etc. DDCMS should also be asked to close the loop with MoJ plans to improve prison training and release programmes..

Action: Identify those employers and training providers interested in working with the Grids for Learning, National Charities, Local authorities and others to organise and publicise work experience opportunities, recruitment materials and events to attract suitable recruits from target audiences in relevant travel to work areas.

4 How could/should we set about overcoming the problems of commercial confidentiality and competition policy which get in the way of predicting demand (numbers and location) with sufficient accuracy to reduce the risk of organising supply.

There is much confusion over the scale and nature of the skills in current and prospective demand. BT is seeking thousands of contractors as well as a new generation of in-house skills. Others are scaling up from dozens to hundreds of new engineers per month or quarter. Some of the demand is because of problems with previous contractors. Some is genuinely new.

The techniques used for most publicly funded skills forecasts use definitions which are of little, if any, practical value to those planning course content, location or capacity. There appears to be no reliable data on how many skilled individuals are currently needed, where, or by who – let alone those who will be needed in the future to deliver the plans being worked on confidentially. This need not be so. Network builders commonly know their plans, expectations and aspirations over the next two to three years and most of the necessary training programmes can be organised at three months notice by the private sector. I will not comment on the problems to do with public sector planning/funding cycles. I am running late in producing a separate paper on these.

For reasons of commercial confidentiality the forward roll-out plans are rarely conveyed to construction contractors, training providers or recruitment agencies in time to enable the latter to also plan ahead. There is similarly little linkage between those planning 5G and smart products, technologies, buildings and/or cities and those who should be planning now to provide the necessary skills modules. [see also my blog on the IET plans in this space].

The aim should be to enable processes to bypass commercial confidentiality and enable local authorities, trade associations and others to collate demand based on collating the forward manpower plans and budgets of those intending to service their locations. Where this is not practical, analyses of current and planned recruitment advertising, like those produced by Burning Glass for Comptia and/or local authorities in the UK have been consistently better at identifying trends in demand but are of limited value in looking ahead.

This is, however, a poor second best to enabling network planners, local authorities, product developers, human resources directors (various titles), training providers and recruitment agencies to share confidential information and facilitate investment in rapid-return pop-up training facilities which have the potential to grow into facilities to meet long term evolving needs – as tangible demand emerges from the fog of forecasts.

The second, overlapping but different, need is to assemble a group to similarly work with technology and equipment suppliers, would-be smart local authorities, professional bodies and skills providers to plan ahead for the skills needed to build, maintain and exploit the inter-operable, critical infra-structure utilities for a smart (5G etc.) world. This should link to the IET work to produce guidance on standards, inter-operability, planning, procurement and skills issues for a 5G/Smart world. [see link above]

• Identify leadership team and invite participants (and others to be identified) to form a subgroup to agree what forward short-medium term planning information they are willing to share, with whom and to identify who else they would like to invite.
• Identify leadership team and invite participants for a longer-term planning exercise

5. Addressing the problems of reviewing and implementing current/proposed apprenticeship frameworks, including delivery and support, within current frameworks

There is much confusion with regard to what can and cannot be done using existing and planned apprenticeship and other skills frameworks and these are known to be under review, with political pressure for further change under way.

The problems are generic, apply to all industries and date from decisions by DfE officials to by pass the Sector Skills Councils. The solutions are also generic and will undoubtedly form part of the recommendations from the Prime Minister’s review into the Funding of Further and High Education. The means change will be delayed, perhaps indefinitely, while some of the UK’s most powerful interest groups fight to preserve their century old funding structures and way of life. Hence the reason so many in industry thought it easier to import talent than to sort out the UK education and training system.

Given the likely timescale for such fundamental change, it is more productive to identify what can be achieved by expanding delivery using already approved standards and suppliers, creating partnerships to increase throughput and serve additional locations as necessary. In parallel we should be to look at how these can be used to attract recruits for pre-apprenticeship work experience programmes and/or to look at new standards where necessary. This will also facilitate incremental change as students and parents are enabled to take better informed decisions rather than being herded towards debt funded full time degrees and the economic serfdom that follows.

Action: identify those interested in working on which apprenticeship standards, including those willing to work with BT on the Level 2 Trailblazer group which they are chairing.

Other longer term actions should then include:

• Publicising and replicating good practice in the provision of world-class local training access, when and where needed, including in co-operation with local authorities, Colleges, Universities, LEPs and others planning provision for the jobs of the future.

• Working with others across industry and political boundaries to secure action at whatever level necessary to improve current skills and apprenticeship frameworks so that they are fit for purpose and economically/socially sustainable.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: