The Role of Team Training in Cybersecurity


Posted on

These days, few things trigger more insecurity than cybersecurity. The threat landscape continues to grow, attack methods become more nefarious and the collateral damage from assaults keeps getting worse.

For many business leaders, the natural inclination is to toss more protection technology at the problem. And there are certainly lots of possibilities for different types of hardware and software. But what’s often overlooked is the role of team training in cybersecurity. With the right tools and a human-centric approach, it’s possible to ratchet down risks and better manage costs.

How can your organization improve its security posture while achieving a more sustainable approach? A starting point is to recognize the human element, which includes preparing security teams by using realistic ranges that mimic actual tools in the security stack, cross-training staff, practicing responses and using advanced self-based training.

The Enterprise Is Under Fire

It’s remarkably easy to overlook the human element in combating cyberattacks. In reality, the best defense is one that combines technology with people. It’s inconceivable that the military would put the latest and most advanced weapons in the hands of pilots and soldiers without training them to use equipment effectively—and correctly—in seemingly realistic situations.

The enterprise must provide a training experience that aligns with specific cybersecurity roles and responsibilities—as well as the tools and technologies that teams use. For example, an organization might need to address topics such as web application security, threat hunting, security operations center best practices or cloud security.

An interactive training environment rooted in an organization’s IT framework is a powerful tool. Within this setting, a multi-week cloud-security-training framework can feature real IT infrastructure, actual security tools and real cyberattacks. Among other things, learning might revolve around issues as diverse as passwords, IAM stacks, data encryption, account keys, attack surfaces, isolating attacks, log management best practices and dealing with misconfigurations.

This framework can also establish red and blue teams in order to cross-train staff and help people appreciate each other’s duties. Using automated attack bots, it’s possible to unleash surprises that approximate the unpredictability of actual attacks—but within a safe space. Not only does this approach build comradery and a common sense of purpose among cybersecurity professionals, it broadens and deepens organizational knowledge and allows teams to help each other in the event of an actual attack.

Cybersecurity Is an Arms Race

During a team-based exercise, attack scenarios should mimic real-world threats. By exposing staff to authentic scenarios and practicing critical responses, an organization can better prepare to fend off an actual attack. What’s more, when teams receive feedback from the simulation, they can adapt and learn at a faster pace. Best-in-class solutions include virtual training assistants that deliver guidance (think of this as a nicer version of the drill sergeant at boot camp).

From an organizational perspective, this training approach generates other benefits. It exposes weaknesses that need to be addressed and should be followed up with a targeted self-based training program that sharpens skills and fills gaps that may otherwise fly under the radar. In addition, it’s possible to use gamification techniques to encourage competition and learning—and keep everyone motivated and marching in the same direction.

Today’s cloud environments support this more advanced form of learning, training and team development. They provide always-on, always-accessible ways to gain expertise within a web browser and even a smartphone app. It is best to hold team-training events on a regular basis. For most organizations, a quarterly exercise is ideal. In this way, individuals can continue to gain new skills and improve on existing cybersecurity skills.

It’s no secret that there’s a global shortage of available cybersecurity talent, and the problem isn’t likely to disappear anytime soon. Meanwhile, attack methods continue to evolve and addressing potential gaps in knowledge and expertise is increasingly difficult. Cross-training teams of professionals is one of the best strategies an organization can take. It also can help transition staff into new security roles, upskill new hires quickly and keep costs under control. 

Human Element

security awareness professional development & workforce

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community

Related Blogs