Cybersecurity Training Boosts Risk Posture, Research Finds
Business executives worldwide see the economic advantages of continuing professional cybersecurity education and the steep downside from a workforce of under-trained individuals, Cybrary, a training platform provider, said in a new report.
The Benefits of Professional Training
The survey of 275 executives, directors and security professionals in North America and the U.K. who either procure or influence professional cybersecurity training, was conducted by consultancy Omdia. The results showed that the benefits of professional training boost an employee’s impact on the organization, the overall risk posture of the organization, and in the costs associated with finding and retaining highly skilled employees, the analyst said.
The study’s key findings include:
- 73% of respondents said their team’s cybersecurity performance was more efficient because of ongoing professional cybersecurity training.
- 62% of respondents said that training improved their organization’s cybersecurity effectiveness (which encompasses decreases in the number of breach attempts and overall security events).
- 79% of respondents ranked professional cybersecurity training at the top or near the top of importance for the organization’s ability to prevent and rapidly remediate breaches and ensuing consequences such as reputational damage.
- 70% of companies reported a relationship between an incident and training, and two-thirds of respondents reported increased investments in ongoing cybersecurity training after a security incident.
- Large enterprises are the least likely to delay upskilling until after an incident, indicating that companies with larger cybersecurity teams firmly understand the importance of ongoing professional training.
- 67% of surveyed SMBs invested in cybersecurity training after a security incident, which served as a call to action.
- 53% invested in professional cybersecurity training due to a cybersecurity insurance audit.
- 48% of organizations said that cybersecurity training drives retention and decreases the likelihood that a cybersecurity professional will leave the organization that trains them.
- 41% said that ongoing cybersecurity training has no significant impact on if a cybersecurity professional leaves.
The Bigger Picture
The research shows the rewards organizations by investing in training and upskilling their security professionals, said Cybrary chief executive Kevin Hanes. The data “codifies the fiscal and reputational paybacks in proactively improving cybersecurity defenses versus responding to attacks. It also codifies an often-underrecognized benefit of cybersecurity upskilling: helping the organization retain invaluable security talent despite market and organizational uncertainty,” he said.