Cybersecurity training - The customisable approach

Date: 
Friday, 17 April, 2020

As we have covered before on this website there are many different approaches to cybersecurity training.

The problem with traditional learning is it doesn’t prepare trainees for the job they’ll be doing and it is usually based on a “one-size-fits-all” approach. This traditional approach while better than nothing isn’t ideal, because it doesn’t adequately replicate what the trainee will be dealing with in its day-to-day work. For most organisations indeed, investing in cybersecurity training not only depends on internal factors such as capacity and financial resources, but also on the ‘fit’ between training demands and the training offer.

The UK cybersecurity skills survey conducted by Ipsos Mori at the end of 2018, found that businesses not only had “insufficient access to basic expertise”, but also experienced “high-level technical skills gaps”. This, therefore, has knock-on effects for how best to train organisations in cybersecurity, on one hand in terms of raising awareness and preparing the different profiles of an organisation, on the other hand in terms of developing the real-world hands-on skills required to combat today’s cyber threats.

Organisations today demand focused and real-case exercises and lessons that can help their employees to use the skills learnt through the training program to help protect their organisation. This is where the CYBERWISER.eu suite of training services come into play. Thanks to its risk-centred approach CYBERWISER.eu, is training both users with little knowledge of cyber risks and their socio-economic impacts, and users who are familiar with cybersecurity and want or need to attain a higher level of skill. Combining both theoretical and practical approach to cybersecurity with innovative features, including a cutting-edge cyber range (a simulated environment of cyber incidents and attacks) CYBERWISER.eu allows both IT professionals and non-technical staff to hone and evolve their skills and prepare for future real attacks.

This is offered through the project’s Open Pilot Stream, which allows organisations of all size to build their own training path in terms of the sequence of learning modules, classrooms, validation tests, and cyber range exercises that allow the trainee, if successful, to achieve their competence goals. The trainer can define the specific training pathway required by a trainee group and thereby customise the learning experience to their particular needs. This mixed or customisable approach to training not only builds towards users’ practical needs but also democratises cybersecurity among SMEs by making it economically affordable. According to the Cybersecurity workforce study 2019 from the training and certification body (ISC)2, the cybersecurity skills gap was most marked among small companies with less than 100 staff or large ones with more than 500.

It is currently available for organisations that are willing to enjoy a fully-paid-for pilot, owing to the Innovation Action currently co-funded by the European Commission. For more information on these freely available “Open Pilots”, click here