Many organizations have learned the hard way that cybersecurity means more than strong passwords and firewalls. From political campaigns to big box stores to restaurant and hotel chains, many well-known data breaches happened because employees lent the hackers a hand. Email links were clicked, malware went undetected, and credentials were lost.
No wonder more businesses are examining their cybersecurity training approaches, or in some cases, the lack of them. As they do, they’re probably finding that it’s not as simple as knowing you need to conduct cyber training. There’s a lot to consider, from cost, quality and type to who to train and how to train them.
To further understand this state of affairs, Raytheon Professional Services (RPS), in conjunction with Cybersecurity Insiders, recently conducted a survey of hundreds of cyber professionals, working at all levels of their organizations. Here are three takeaways from the survey to consider when looking at upgrading your own organization’s cyber training:
Tailored, Third-Party Training
The days of one-size-fits-all training should end. According to 70 percent of the surveyed experts, it is very important that cybersecurity training be tailored to their specific needs. And, even more (80 percent), say it’s important that the training provider offers training infrastructure, facilities, and hardware to include range and lab equipment. Such tailored training can also range from online to self-paced and instructor-led classes.
This means that professionals recognize the value of customized, technology driven solutions provided by third-party training experts like RPS. It’s probably why more (45 percent) prefer a third-party expert instructor/service provider over an in-house trainer (38 percent).
Be Open to Change
The biggest challenges to cyber training identified in the survey were lack of employee time, budget, lack of employee and executive buy-in, and the absence of suitable training programs. In addition, the cost of training was said to be a bigger factor than quality when choosing training. It doesn’t have to be like that.
Consider in-house certification programs and mandated learning that ensures employees aren’t falling behind. View training time as increased security and capabilities for tomorrow instead of lost productivity today. Institute a culture of compliance, where security is viewed as something to take pride in. And while budgets are tough, you cannot afford to be short-sighted and put everything at risk. Just be focused and choose wisely. Go for a reliable and fairly priced training solution that fits your actual needs.
Turn Training Into a Turnpike
Speaking of cost, cyber training does return dividends in other ways. For technically skilled employees, it can be a highway to a better future for both themselves and the company: 71 percent of those surveyed said they want to gain new cybersecurity skills because of the rapidly changing technology and threat environment.
Even more, they said they have the desire to obtain formal education credentials including certificates (50 percent), improve their career prospects (44 percent), earn credits toward certification (37 percent), earn formal cybersecurity degrees (35 percent), or enter the cybersecurity field (31 percent).
So what could this infusion of skills mean for your organization? More experienced, better trained and motivated employees working hard to keep your information secure well into the future.
How would you change the cybersecurity training at your organization? Do you have other ideas? Or are you interested in an expert partner that can deliver high-tech, tailored solutions? Start a conversation in the comments below or connect with us at @RaytheonRPS using the hashtag #CybersecurityTraining.
To learn more, visit our Cyber Security Training Solutions page on RPS.com.