Cybersecurity Skills a Top Training Goal
Cybersecurity training is evolving to better meet the real-world needs of today’s threat landscape
IT training and certification are evolving rapidly into something that actually offers significant value to both companies and their IT staffers. Not so long ago, the industry was beset by certifications that meant little more than the ability to pass a multiple-question test. What’s more, IT training had transformed into something that taught certification candidates how to pass those tests. The result was a swarm of so-called qualified job seekers who had no real-world knowledge to perform the jobs for which they were hired. Nowhere is that truer than in the cybersecurity field.
A recent global survey by ESG reveals that for 2018-2019, 53% of the organizations surveyed report a problematic shortage of cybersecurity skills. That’s an increase from 2017-2018, when 51% of those surveyed reported a problematic shortage of cybersecurity skills, and 2015-2016, when the skills shortage was at 42%. Simply put, the cybersecurity skills shortage is getting worse, perhaps fueling those in the cybersecurity education business to rethink their educational offerings and bring real-world skills into the mix.
After all, the need for comprehensive cybersecurity education is on a growth trajectory, especially if you consider the implications of a recent report from Skillsoft.
Skillsoft’s “Tech Learning Consumption Trends” research report, which explores the learning consumption data patterns across a user base of nearly 12 million technology professionals, offers some interesting insights. According to the report, the company delivered some 4.6 million hours of cybersecurity training worldwide, second only to networking and operating system training, which totaled 6.3 million hours.
Those seeking education have come to prefer courses, which are supplemented by books, according to the report. In addition, many students are embracing the concept of “microlearning,” a methodology that breaks security education into small, easily consumed chunks.
“Our data shows that microlearning helps, with users consuming more content in less time, allowing for a more efficient method to learn. Microlearning contributes to learners completing content at a higher rate but with fewer hours invested,” said Mike Hendrickson, VP, Technology & Developer Products at Skillsoft.
The most popular cybersecurity certifications are now EC-Council’s Certified Ethical Hacker, CompTIA Security+ and ISC2’s Certified Information Systems Security Professional (CISSP), the report noted. The certifications have evolved to include hands-on and real-world knowledge to achieve, further stressing the importance of educational resources that provide real-world situations as examples.
Skillsoft is not the only education resource in the game of IT education, and other well-known organizations are also making significant changes to their education programs. For example, Cisco Systems recently announced sweeping changes to its training and certification programs, with the goal of increasing the value of both. Cisco’s move demonstrates a trend by organizations that provide training and certification to place more value on the practical aspects of educating technology professionals.
“Training and certifications for network professionals and software developers have become a must,” said Susie Wee, senior vice president and CTO of DevNet at Cisco Systems. “The goal here is to bring enhanced software skills to networking, enabling application developers to write applications that leverage the full capabilities of the network.”
Cisco is not alone. Industry group CompTIA has recently revamped some of its certification programs. For example, the latest version of the CompTIA Security+ exam incorporates several different learning paths, ranging from classroom-led instruction to self-paced, online microlearning offerings. “For certifications to have real value today, people must immerse themselves in the technology,” noted James Stanger, CompTIA chief technology evangelist.
As more vendors enter the world of cybersecurity training, those seeking education will have many resources from which to choose. That said, due diligence is still required to pick the best fit in an educational resource, and it is now imperative to seek those who can educate the next crop of cybersecurity professionals to understand the real challenges.
Pingback: WhiteHat Report: DevSecOps Adoption on the Rise - Security Boulevard