Technology Sectors

Market Sectors

Why most cyber security training doesn’t work

Tue, 2012-09-18 02:16 PM
By: Joe Ferrara

Joe Ferrara

Use learning science principles -- If you are a hacker, are you automatically an effective teacher? If you know the technology and all of its weaknesses, then it seems reasonable that you should be able to teach the same information to employees, right? Possibly, but not likely. If you ask a bunch of hackers whether training is working, what answer do you expect to get? Everyone has strengths and weaknesses, but generally hackers don’t make good educators and technologists are better off making technology decisions.

If companies want to see results with cyber security training, a shift in mindset is required. The science of learning dates back to the early 1950s, and its techniques have been proven over time and adopted as accepted learning principles. Applied to information security training, these techniques can provide immediate, tangible, long-term results in educating employees and improving your company's overall security posture. Let’s conduct training based on how people actually learn versus treating training as a check-box activity, and we’ll see just how valuable an investment in security training can be.

In the words of Einstein, “Insanity is doing the same thing over and over again and expecting different results.” Thankfully, when it comes to cyber security training it’s possible to stay sane by embracing the advances in security training which are available today. 

Joe Ferrara is the president and CEO of Wombat Security Technologies, a security awareness training and assessment company. He can be reached at:

jferrara@wombatsecurity.com

Tags:
 
  • Share/Save
  • Email this page
  • Printer-friendly version
 

Upcoming Events

Event Details Dates of Event
SANS Austin 2013 May 19 - 24
DoD VA Healthcare Training Forum May 20 - 23
Transport and Logistics of Hazardous Material May 27 - 28
Southwest Microwave Seminar May 28 - 28
Border Management Southwest Summit May 29 - 31
Cyber Security Conference & Expo May 30 - 30
Mobile Device Security Summit 2013 May 30 - Jun 6
Security Analytics Summit 2013 May 30 - Jun 6
Cyber Security Conference & Expo May 30 - 30
Southwest Microwave Seminar May 30 - 30
SANS Malaysia @ MCMC 2013 Jun 3 - 8
2013 SIA Government Summit Jun 4 - 5
Southwest Microwave Seminar Jun 4 - 4
NCT: CBRNe Israel, 4 - 6 June 2013, Tel Aviv Jun 4 - 6
SEL Modern Solutions Power Systems Conference Jun 5 - 7
Mission Command Jun 10 - 12
Cyber Securty Brainstorm Jun 11 - 11
EDGE Summit 2013 Jun 11 - 11
IPv6 Summit 2013 Jun 14 - 16
SANSFIRE 2013 Jun 15 - 22
Oak Ridge National Laboratory's 2nd Biosurveillance Symposium Jun 17
Biodetection Technologies 2013 Jun 18 - 19
Southwest Microwave Seminar Jun 18 - 18
Cyber Defense and Network Security Summit Jun 24 - 26
Vanguard Security & Compliance 2013 Jun 24 - 27
SANS Canberra 2013 Jul 1 - 13
Border Management & Technologies Summit Jul 2 - 5
SANS Rocky Mountain 2013 Jul 15 - 20
SANS Mumbai 2013 Jul 22 - 27
SANS San Francisco 2013 Jul 29 - Aug 3
SANS Boston 2013 Aug 5 - 10
Cyber Security for Government Aug 12 - 14
SANS Thailand 2013 Aug 19 - 31
SANS Virginia Beach 2013 Aug 19 - 30
Maritime Security 2013 West Aug 19 - 21
930gov: Strategic Buying at Year-End Showcase Aug 21 - 21

Full 2012 Calendar