{"id":604149,"date":"2023-02-03T07:49:20","date_gmt":"2023-02-03T13:49:20","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/02\/03\/security-think-tank-getting-the-training-and-development-mix-right\/"},"modified":"2023-02-03T07:49:20","modified_gmt":"2023-02-03T13:49:20","slug":"security-think-tank-getting-the-training-and-development-mix-right","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/02\/03\/security-think-tank-getting-the-training-and-development-mix-right\/","title":{"rendered":"Security Think Tank: Getting the training and development mix right"},"content":{"rendered":"<div id=\"content-header\">\n<h2>Rob Dartnall, CEO at SecAlliance and chair of Crest\u2019s UK Council, describes the need for formal, varied and continuous development in the cyber security sector<\/h2>\n<\/div>\n<div id=\"content-center\">\n<ul>\n<li><i data-icon=\"1\"><\/i><\/li>\n<li><i data-icon=\"2\"><\/i><\/li>\n<\/ul>\n<div id=\"contributors-block\">\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Rob-Dartnall-SecAlliance-CREST-CW-contributor.jpg\" alt=\"Rob Dartnall\">\n\t\t\t\t\t<\/p>\n<p><span>By<\/span><\/p>\n<ul>\n<li>\n\t\t\t\t\t<a href=\"https:\/\/www.techtarget.com\/contributor\/Rob-Dartnall\">Rob Dartnall,<\/a><br \/>\n\t\t\t\t\t\t<span>SecAlliance<\/span>\n\t\t\t\t\t\t\t<\/li>\n<\/ul>\n<p>\n\tPublished: <span>02 Feb 2023<\/span>\n<\/p>\n<\/div>\n<section id=\"content-body\">\n<p>What training do we need to provide to cyber security professionals to keep them ahead of the bad guys? And how do we retain <a href=\"https:\/\/www.computerweekly.com\/resources\/IT-technical-skills\">talented security professionals<\/a> in such a competitive recruitment market? These two important questions may seem different, but they are intrinsically linked. Both are connected to the statement we always hear at the start of a vendor pitch: \u201cThe cyber threat landscape is continuously evolving.\u201d<\/p>\n<p>The truth is, we rely on the fact that we work in an industry where a significant percentage of the workforce comprises highly driven, motivated individuals who finish work and then often sit and create, or try out, new tools. They investigate new sources, <a href=\"https:\/\/www.techtarget.com\/searchsecurity\/tip\/Ethical-hacker-certifications-to-consider\">compete in \u2018capture the flag\u2019 events<\/a> and debate in online forums. But this is not possible for all due to a myriad of reasons.<\/p>\n<p>This level of dedication and constant casual learning can also make the career transition path pretty scary for some. Keeping up with innovations, technology and the ever-changing threat landscape is certainly daunting. However, there are now some fantastic resources available, many free, for cyber security professionals to train more easily and hone their skills, with certified proof.<\/p>\n<p>One of the most important things we need to do as an industry is create the time, space, environment and budget to enable talent to continuously improve. Where some industries push continuous development for people to become more senior or certified, we in cyber security must also do this \u2013 because \u201cthe cyber threat landscape is continuously evolving.\u201d<\/p>\n<p>Personally, I love resources like <a href=\"https:\/\/www.immersivelabs.com\/\">Immersive Labs<\/a> and <a href=\"https:\/\/www.hackthebox.com\/\">Hack the Box<\/a>. Why? Because they can quickly reflect the real threat landscape, with practical labs that can test both defensive and offensive skills against the newest techniques, quickly aligning an individual\u2019s skills with real life situations.<\/p>\n<p>Many of these platforms also align to career development and certification pathways \u2013 so the work is mostly done for us. That said, variety is the spice of life. There will always be a place for classroom-based, tutor-led, intensive training.<\/p>\n<p>It is about getting the right recipe for the individual, which also helps with retention.<\/p>\n<p>The psychological construct of the average cyber security professional means they put a lot of weight on their employers caring about their training, knowing they have a dedicated training budget and a detailed training plan set out for them. The more effort we put into our talent\u2019s training and development plans, the more effort they will put into the role and our companies.<\/p>\n<p>This does not have to cost the earth.<\/p>\n<p>A training plan should not just contain big, expensive courses, but subscriptions to platforms, academies and even free online tutorials and webcasts, for example. Training offerings should not be a \u2018one-type-suits-all\u2019 scenario, we must be mindful that different people learn in different ways, and everyone benefits from variety.<\/p>\n<p>While lab-based training, such as HTB and Immersive, has driven cyber security skills of late, and certification bodies such as Crest have made sure these skills are used in a safe, professional, ethical and legal manner, for the future, I am excited to see what virtual and mixed reality <a href=\"https:\/\/www.computerweekly.com\/news\/252491299\/Accidental-heroes-How-one-scaleup-pivoted-to-cyber\">can bring to cyber security training<\/a>.<\/p>\n<p>Some of us are highly visual or auditory learners. Labs where we can learn with the help and support of friends or strangers, pointing at visual representations of networks and network traffic, will bring a whole new understanding and possibly even new people to our industry. This will also fuse the separation between classroom, tutor-led training and practical labs.<\/p>\n<p>Also interesting is the evolution of <a href=\"https:\/\/www.computerweekly.com\/microscope\/opinion\/Can-ChatGPT-revolutionise-cyber-security-for-good-and-bad\">AI-based chatbots<\/a>, many of which have hit the news recently. There is the opportunity for these bots to act as tutors and \u2018sounding boards\u2019. This allows for students to ask questions, clarifications and seek advice, for example with script and ruleset development.<\/p>\n<p>Overall, the training environment in cyber security is strong and continues to develop. What is more important is making sure individuals have the time, support, plan and budget to make it happen. Want to retain staff? Do the above. Want to be ahead of an evolving threat? Do the above.\u00a0 Want to do the right thing about the individual and the industry? Then do the above.<\/p>\n<\/section>\n<section id=\"DigDeeperSplash\">\n<h4>\n\t\t\t<i data-icon=\"m\"><\/i>Read more on Security policy and user awareness<\/h4>\n<ul>\n<li><a id=\"DigDeeperItem-1\" href=\"https:\/\/www.computerweekly.com\/news\/252528298\/Finnish-government-launches-information-security-voucher-scheme\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/Brazilian Portuguese\/BRPT_HeroImage_Security_4_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/Brazilian%20Portuguese\/BRPT_HeroImage_Security_4_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/Brazilian%20Portuguese\/BRPT_HeroImage_Security_4.jpg 1280w\" alt ><\/p>\n<h5>Finnish government launches information security voucher scheme<\/h5>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-2\" href=\"https:\/\/www.computerweekly.com\/news\/252523494\/SBRC-to-administer-NCSC-training-across-Scotland\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/Scotland-Edinburgh-city-panorama-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Scotland-Edinburgh-city-panorama-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Scotland-Edinburgh-city-panorama-adobe.jpeg 1280w\" alt ><\/p>\n<h5>SBRC to administer NCSC training across Scotland<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-3\" href=\"https:\/\/www.computerweekly.com\/news\/252521418\/Qatar-bolsters-cyber-security-in-preparation-for-World-Cup\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/football-stadium-1-fotolia_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/football-stadium-1-fotolia_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/football-stadium-1-fotolia.jpg 1280w\" alt ><\/p>\n<h5>Qatar bolsters cyber security in preparation for World Cup<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineImages\/brans_pat.jpg\" alt=\"PatBrans\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Pat\u00a0Brans<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-4\" href=\"https:\/\/www.computerweekly.com\/news\/252518039\/Cyber-accreditation-body-Crest-forges-new-training-partnerships\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/exam-training-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/exam-training-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/exam-training-adobe.jpg 1280w\" alt ><\/p>\n<h5>Cyber accreditation body Crest forges new training partnerships<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<\/ul>\n<\/section>\n<\/div>\n<p><a href=\"https:\/\/www.computerweekly.com\/opinion\/Security-Think-Tank-Getting-the-training-and-development-mix-right\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Arden Center<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Rob Dartnall, CEO at SecAlliance and chair of Crest\u2019s UK Council, describes the need for formal, varied and continuous development in the cyber security sector By Rob Dartnall, SecAlliance Published: 02 Feb 2023 What training do we need to provide to cyber security professionals to keep them ahead of the bad guys? And how do<\/p>\n","protected":false},"author":1,"featured_media":604150,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20,46,1267],"tags":[],"class_list":{"0":"post-604149","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"category-technology","9":"category-think"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/604149","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=604149"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/604149\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/604150"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=604149"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=604149"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=604149"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}