Stay ahead of cyber threats with effective cybersecurity training
According to the ESG brief: 2017 Cybersecurity Spending Trends, 45 percent of organizations claim to have a problematic shortage of cybersecurity skills. Another ESG report, The Life and Times of Cybersecurity Professionals, reveals that 27 percent of cybersecurity professionals say that the cybersecurity skills shortage has had a significant impact on their organizations.
Training a capable IT staff to keep their network secure and running amid a growing threat landscape is a business imperative. Here’s a look at what executives need to keep in mind to increase the security posture of their organization through cybersecurity training.
Training needs to be a leadership discussion
Security training should not merely be a checkbox item. It needs to come from the top and with emphasis. The CISO (chief information security officer) is responsible for the company’s security, so the mandate needs to come from that office and be supported by all of leadership, including HR. If the top is committed, this will resonate through the rest of the organization and have a more productive effect.
Know your needs and your options
Obviously, an organization is not going to train every employee in the same manner and depth. Non-technical employees may require education and awareness to increase vigilance. This can be accomplished through newsletters, informational sessions and tests of malicious email scenarios. HR can be enlisted to help, placing posters on bulletin boards and other distribution points.
IT teams, on the other hand, will require training in network management, use of existing tools, vulnerability assessment and incident response, among others. Certification programs are helpful for ensuring that employees or contractors possess a higher level of skill and expertise. These can be obtained for all levels of expertise from training institutes, and courses can be taken online or in a classroom setting.
Technology vendors also offer programs to certify that employees are proficient with their solutions and know how to gain maximum value from their use. Vendor training is often available in a variety of formats, including recorded sessions and hands-on labs.
Many certification programs are offered online, in an on-demand fashion. This provides employees with the flexibility to complete the course work while still meeting the critical demands of their job.
Cyber ranges help train teams for incident response and provide hands-on practice in safe, sandboxed environments. Inspired by government and military ranges, their use is on the rise in the private sector because they mimic real-world events and scenarios in a lab environment. Participants train in both offensive and defensive measures and learn how to evaluate situations and apply the correct policy and response for specific attack situations.
When considering a cyber range for their organization, a CISO should closely evaluate whether it is appropriate and whether the types of training available will deliver ROI. Just as there is no need to send someone to a NASCAR driving school when simple drivers’ education is all that is required, for an enterprise not responsible for critical infrastructure or a public utility, such as a power grid, water supply or an air traffic control system, some of the exercises offered by cyber ranges may go above and beyond what IT teams need to know. Also, keep in mind the expenses involved in sending a team to a cyber range: an already lean staff will be stretched even further while they are away.
Some enterprises are implementing their own virtual training labs to teach their teams how to respond to specific situations, like a ransomware attack. These environments allow participants to train in safe, accurate replicas of their actual IT infrastructure. Scripts can be injected, enabling employees to respond to real-world malware attack scenarios. Remote access eliminates the need for travel, and employees can quickly return to their regular tasks when the training is over.
There are many options available for IT teams to make sure they are receiving the latest training and information on dealing with today’s security threats. Close consideration needs to be given to which choices would best support the business’ needs and goals, while working with the team’s available resources and budget. Careful planning and assessment as to what levels of training are appropriate for various personnel can better ensure that an organization will be more prepared should they endure an attack. Most agree that today, it’s no longer a matter of "if" but "when."
Zvi Guterman is co-founder and Chief Executive Officer at CloudShare. He co-founded the company in 2007 and previously co-founded and served as CTO at Safend, a leading endpoint security company, and was chief architect in the IP infrastructure group of ECTEL, a leading provider of monitoring solutions for IP, telephony and cellular networks. Zvi is a recognized security expert, lecturing at conferences worldwide, and holds a PhD in Computer Science from Hebrew University.