Kaspersky launched an online cybersecurity training program for experts called Security Operations and Threat Hunting, designed to help organizations enhance or build a security operations center (SOC) from scratch.
The online courses, built around six-month access to the course and 100 hours of hands-on labs, are also designed to improve SOC and security team skills in threat hunting, incident detection and investigation.
The training focuses on modern attacks’ tactics, techniques and procedures for Windows, Linux and networks and how to deal with them, offering virtual hands-on labs and an on demand format.
Keeping up With Attackers
Kevin Gonzalez, security strategist at Anvilogic, pointed out that threats are constantly evolving and security practitioners need to educate themselves at the same rate that threat actors are researching ways of gaining entry and exploiting networks.
“Online training centers for IT security professionals allow them on demand access to the necessary education material to accomplish this, whether it be content associated with detection engineering and malware forensics or just trying to keep up with the emerging and evolving technologies,” he said.
He added that training centers are most effective when they offer material in various formats that can easily be digested and that actively engage the student.
“I have often found that covering foundational concepts and principles with readable content and then following through with practical application of those concepts via the use of cyber ranges and tutorials works best,” he explained.
This is because it allows the new learner to be immersed in situations where they learn how to apply the previously learned material.
John Steven, CTO at ThreatModeler, an automated threat modeling provider, pointed out that training and certifications alone are not sufficient to equip individuals to staff or operate a SOC.
“Training and certification present and assess procedures at a theoretical and often technology-agnostic level,” he explains. “Practitioners need help with applying that knowledge to the tools and tech stacks in play within their organization.”
He said the key advantage training centers can provide is giving practitioners perspective and experience that equips them to hunt threats and respond to incidents in their technology environment using their organization’s tools.
“Effective online training finds a way to boil down experience and subject matter expertise into checklists, guidelines and other job aides the learner can take home and use over and over to ‘punch above their weight’,” Steven adds.
Darryl MacLeod, vCISO at LARES Consulting, an information security consulting firm, said with the constantly evolving threat landscape, IT security professionals need to keep up with the latest trends and techniques.
“Online training centers can offer a convenient and affordable way to do this, especially with today’s globally distributed workforce,” he said.
These training centers for IT security pros offer a variety of courses and resources that can help professionals stay up-to-date on the latest threats and trends, which can include webinars, articles, e-learning modules and certification programs.
“For businesses, investing in online security training can help to ensure that their employees are up-to-date on the latest threats and trends,” MacLeod said. “This can help to reduce the risk of a data breach or other cyberattacks.”
For individual IT professionals, online security training can help them to stay ahead of the curve and keep their skills sharp without the need to travel.
“Many online training centers also offer certification programs that can help IT professionals stand out from the crowd,” he noted.
SOC: Consistency is Key
Steven said when you operate a SOC, consistency is key, as automation and hands-on exercises are becoming easier to produce as infrastructure-as-code and cloud-based environments are so easy to spin up and down.
“The posters you see in locker rooms with slogans like ‘Train how you want to play,’ resonate: Train your SOC analysts the way you want them to respond to incidents,” he said. “When stressed, we fall back on the last and most practiced set of training and habits we possess.”
He added that training that allows practitioners to explore actual environments and respond to incidents or set up monitoring to improve response will win the day.
MacLeod added that one emerging trend he’s seen is the use of gamification in security training.
“Games can be a fun and engaging way to learn about complex topics like cybersecurity,” he explains. “By incorporating game mechanics into security training, learners can develop the skills they need to succeed in the industry.”
Gonzalez says training is essential to help build a SOC from scratch, as understanding the core functions can help shape the organization’s strategy.
“From a defined strategy, efforts can be undertaken to achieve it by developing processes and procedures and a training plan,” he said. “Security professionals for the organization can take training to meet the organization’s objectives and improve processes and procedures.”
He noted that online training for security professionals will continue to become more immersive and easily accessible.
“With the increased growth in cyber ranges and simulation labs, more online training centers will offer these types of training, and begin partnering up with vendor solution providers to create immersive educational experiences for their products,” Gonzalez said.