Cyber security training is a specialized category of training within the broad field of IT whose common feature is a focus on security. Training in this category can take many different forms, and the motivations of its participants vary just as widely. Choosing the training that will significantly accelerate your career requires careful analysis.
This article covers the key criteria to take into account when looking for the most appropriate training. It also presents various pitfalls that can lead to a wrong decision, so that you can make your choice more consciously!
Before you start looking for cyber security training…
In this chapter you will learn what steps you should take and what to analyze before you start your search for cyber security training. This will help you avoid mistakes and, consequently, save you valuable time and money.
1. Understand Your Motivation
The starting point in the search for the perfect cyber security training for you is to understand your own motivation. People who are at an early stage of their careers or work in IT areas other than security see the courses as an opportunity to gain knowledge and skills that will allow them to start working in the industry. The deficit of cyber security specialists has led to the creation of the so-called “skill gap”, which various studies estimate at up to 3.5 million vacancies. This means that having the right predispositions and acquiring skills in this area basically becomes a guarantee of finding a job.
Naturally, not only people who are just aspiring to work in the cyber security industry are interested in participating in the courses. Many wish to supplement the knowledge they already have in order to meet the formal requirements for the specific positions they are interested in at the current stage of their career, and so to advance. Still other people may be guided only by the desire to expand their competences or refresh their knowledge. It is a particularly popular type of motivation due to the high dynamism of changes in the IT world and the constantly evolving threats.
The variety of training forms, the motivation of their participants, the balance between practice and theory as well as the levels of advancement mean that a huge number of very different courses are available on the market. It is worth carefully analyzing your needs so that the training you choose meets your expectations.
2. Define a Specialization
The cyber security industry has undergone many transformations over the past decades, but what has left its mark on it most is the emergence of many specializations within it. This process was a direct consequence of the development of the IT world itself and the emergence of new technologies and areas in it. In each of these areas, there are very specific types of threats, attacks, detection methods and countermeasures. A few sample areas include the following:
- security of web applications
- security of mobile applications
- security of network applications
- security of computing clouds
- security of IoT solutions
- security of Active Directory and Windows systems
- security of databases
- security of computer networks
- security of Linux-based solutions
- security of OT
Their number can be multiplied by two, because we can choose both offensive positions (Pentesters, Red Team members), whose role is to review the actual state of security, and defensive positions (Security Analyst, Security Engineer), focused on detecting and counteracting attacks. If someone is still not convinced, there are other, very specific areas, such as forensics and post-breach analysis, handling security incidents, formal security and compliance with the guidelines of various industry regulators (financial sector, medical sector).
Due to the complexity of this issue, NIST (National Institute of Standards and Technology) — an organization responsible for creating many recognized cybersecurity standards — proposed the Workforce Framework for Cybersecurity (NICE Framework), in which it defined as many as 52 unique positions!
Under such circumstances, it is difficult to expect anyone to be an expert and to be up-to-date in more than a few of these areas. Of course, these areas do not form isolated silos, but interpenetrate each other. However, expecting an OT security specialist to give only accurate answers about the security of mobile applications, or a database specialist to know everything about attacks on Active Directory, may miss the point.
3. Check if You Understand the Technology Well
The development of a cyber security specialist’s competences in any of these areas can be divided into two important paths. The first is getting to know the technologies for which we are responsible and gaining a decent knowledge of various related technologies. The second is, of course, gaining specialist knowledge of the security of those technologies. It’s a big mistake, especially in the early stages of your career, to pay too much attention to the second area.
Deficiencies in understanding how the technologies work whose security we are to assess or take care of may adversely affect the effectiveness of our activities. At some point, such accumulated gaps in non-security technical knowledge may become a “glass ceiling” on the way to further professional development. It is not only about the technical mistakes that we can make, but also about a certain psychological burden related to the awareness of our shortcomings.
4. A Strong Foundation is the Basis of Your Career Development — Make Sure You Have One
The process of specialization in the area of cyber security closely resembles the changes that have taken place in the medical profession over the last centuries. Here, too, the development of knowledge and technology has led to the creation of many specializations. However, there are many more analogies. Regardless of the chosen path, each doctor can be expected to have knowledge of anatomy, the functioning of individual systems in the human body and their mutual relations. Similarly, in the case of cyber security specialists, there is a list of issues in which a certain proficiency is desirable regardless of the chosen career path. It is worth keeping them in mind and treating making up for any shortcomings as an important element of development.
Knowledge of the operation of computer networks and good knowledge of the most important network protocols are extremely useful. General knowledge about the currently used cryptographic algorithms is also essential. It is worth knowing into what categories these algorithms can be divided and what practical applications each of these types offers. It is also good to have a solid understanding of how operating systems work, especially the functioning of the virtual memory model, what processes and threads are, how the code and data of running applications are separated, and how applications can interact with each other and with the operating system itself.
Practical knowledge of programming or scripting has also seemed indispensable for some time now. It allows you to bypass the limitations that may appear in even the most specialized tools by creating your own extensions to the application or original scripts. The second important aspect that has gained importance recently is, of course, the automation of various tasks, which can significantly increase the efficiency of our work.
Naturally, depending on the specific role and areas of specialization, some common issues are more or less critical. Certainly, there will also be people convinced that without a given skill they can still successfully develop their career in cyber security. Due to the size of the “skill gap” in the industry, they may of course be right, but the knowledge deficit may reveal itself in the most unfavourable circumstances.
5. Are You Developing? The Cyber Security Industry is Open to You.
The shortage of candidates does not mean, however, that companies are desperate enough to hire anyone who sends them a CV for cybersecurity-related positions. The risk arising from mistakes in this area is too great not to verify a person’s experience and practical skills before employing them. This does not mean that prospective candidates who want to develop in the area of cyber security will not find employment. Many companies aware of the deficit of specialists try to recruit experienced employees directly from the labour market, supplementing their teams with people with less experience, who will be supported in their development through mentoring and numerous trainings.
High specialization in the cybersecurity industry is also an advantage for people who are just starting out. Of course, employers require appropriate general knowledge of security and IT, but their expectations are focused on a specific topic that the candidate has to deal with on a daily basis. This means that everyone can try to find the niche that suits them best. In the case of people who have already worked in IT, but in positions not related to security, the most common development path is to keep dealing with their current subject, but specifically from the cybersecurity perspective. A lot of people in the industry are former administrators, network engineers and programmers.
6. When Choosing a Training, Watch Out for the Tricksters!
Regardless of the stage of your career, at some point questions may arise: which cyber security training should I choose? Which trainings will help me find a better job and get promoted? Which trainings will increase my skills? What criteria should I pay attention to when choosing a training course?
These questions are not insignificant. The deficit of employees in the cyber security sector has caused great interest in this direction among people who are just choosing a career path and among people who want to retrain from their current profession. This interest resulted in an increase in the number of entities offering cyber security training and courses. Among the very wide offer, you can find extremely valuable ones that convey knowledge in a very accessible form.
Unfortunately, you can also find training courses of dubious quality, which sell at an exorbitant price knowledge that can be found for pennies or even for free on many popular educational platforms. What is worse, some offers on the cyber security training market are just a hoax and try to deceive people from outside the industry with visions in which they will become an ethical hacker in a few weeks, with a guarantee of employment, if only, of course, they buy the training on offer for $3000. It is difficult not to treat such offers as a scam that preys on human naivety. The process of acquiring knowledge and skills cannot be compressed into several weeks of training. By choosing a shortcut, you will not gain anything.
Criteria for Selecting Cyber Security Training
The ability to choose the right cyber security training will determine whether you develop in your chosen direction, achieve your intended career goals and see your career take off. Assuming that you have identified the subject you are interested in, what features should you pay attention to when looking for the training best suited to your current needs? Below are the most important criteria to consider.
1. Form of Cyber Security Training
There are many selection criteria, and in the case of some of them, our assessment will be determined simply by our individual preferences. This applies, for example, to the form in which the training will be implemented.
Courses in the area of cybersecurity can be a set of videos on a given topic, but they can also take the form of e-learning, in which very different forms of knowledge presentation can be used. These types of courses usually have the advantage that individual participants can complete the material prepared by the instructors at a time and pace they prefer (so-called self-paced training).
For those interested in a greater dose of knowledge and interaction with the trainer and other participants, there are courses in the form of a bootcamp. It is a kind of “school class” in which a group of participants participates in a series of lectures (sometimes also laboratories) with a trainer. Classes can be conducted live and online.
2. How Much Practice and How Much Theory in Cyber Security Training?
The second important aspect of the courses is the proportion between the amount of theoretical and practical knowledge that the participant can acquire. Some of the courses, especially the basic ones and those introducing trainees to a given area, focus strongly on conveying theoretical knowledge. As the level of advancement of the training increases, so does the emphasis on the practical aspect.
The most advanced training is primarily the practice and improvement of the participants’ expertise by facing challenges based on real cases. The practical part, usually called laboratories, can be carried out using participants’ computers for live courses. However, specialized platforms are gaining popularity, offering high realism and convenience that cannot be achieved in the BYOC (Bring Your Own Computer) model. An example of such a platform is the CDeX cyber range. You will find out how much practice and how much theory is in a given training by analyzing the detailed description of a given training and reading the opinions of other participants.
3. The Advancement Level of Cyber Security Training
The level of advancement of a given training is an obvious parameter, but one worth checking anyway. Attending mismatched training early in your career can be highly frustrating and can overwhelm you with an overload of new information.
You can find out whether a given training is too advanced for you by analyzing its syllabus, getting to know the initial requirements for participants and reading opinions on it. It is also worth taking similar steps when we already have a lot of experience and want to avoid a situation in which most of the material will only be a repetition of what we already know very well.
4. Updates of Training Materials
An attribute worth checking before making a choice is the guarantee of updating the materials provided with the training. Many training providers do not provide for post-training updates, but some provide updates for a specific period of time. Sometimes it is six months, and sometimes even several years. However, there are occasions when the training provider offers to constantly update the content. Such a policy of providing training materials occurs in companies offering their training in the form of a subscription.
5. Tracking of Learning Progress
At first glance, no one wants to feel like a schoolboy during the training, whose progress is closely monitored by both teachers and parents. However, after starting the training in which we have invested our (or our employer’s) funds, at some point we will start asking ourselves the question “to what extent have we mastered the new knowledge?” or “are we already clearly better than we were before the start of the training?”.
Mechanisms that track our progress, integrated with the training, can help us. They can take the form of short quizzes displayed at the end of each chapter or even extensive performance reports, collecting numerous metrics related to our activities in the laboratory environment.
6. Cyber Security Training Fee or Monthly Subscription?
The financial model is another important parameter to keep in mind. In the subscription model, the client interested in acquiring knowledge is obliged to pay a fixed, usually monthly (sometimes quarterly or annual) fee for access to the training platform and materials. This approach means that the costs are spread over time, while the customer gets access to a huge knowledge base and laboratories almost immediately.
However, it is worth paying attention to the presence of three important factors that often significantly reduce the attractiveness of solutions available in the form of subscription. First of all — the minimum period in which we undertake to pay for access to the platform. Secondly — additional costs, i.e. elements that we thought were included in the base price, and in fact you have to pay extra for them (e.g. exams). Third — quantitative restrictions on the use of the solution, e.g. the limit of materials that can be viewed during a month or a number of laboratories that can be launched in such a period. Much clearer rules of use are found in the classic financial model, in which the participant buys access to the entire training for the full amount.
7. Training From a Large Vendor or an Independent Supplier?
Selecting a training provider is another criterion. As in the entire IT industry, also in cyber security, training can be divided into those offered by well-known brands with a wide portfolio of products and training offered by companies dealing mainly with the subject of cyber security, or even dealing almost exclusively with providing training in the area of cyber security. It is worth remembering that large entities providing a wide range of solutions often create their trainings considering various issues (including cyber security!) through the prism of the technologies they offer.
If we are interested in working with the solutions of a given supplier, such training can be a big advantage for us. However, if we want to remain independent from specific solutions, we may be surprised that during the training some solutions were arbitrarily omitted. It is also worth paying attention to whether a given training from a large supplier is in fact a training in the use of one of its cyber security solutions.
8. Cyber Security Training Price
Price is the last parameter on the list. This criterion is the result of all the previously discussed parameters. The simplest version of commercial training can cost us just a dozen dollars. For this amount, we can get monthly access to rich training materials in the subscription model, or buy permanent access to a single course in the form of video recordings.
At the other extreme, there are trainings for which we will have to pay up to $7,000, and together with additional costs such as travel to the training center and accommodation, the total cost may be close to a five-figure sum! It is easy to guess that for such a considerable amount we will get an exclusive offer, which will include not only a week’s live training in a small group under the supervision of an instructor with documented achievements, but also a voucher for a certification exam, access to regularly updated materials and access to extensive laboratories. Such an offer sounds attractive, but you should be aware that at this price we can purchase a whole set of various training courses from several suppliers, which will bring us a lot of knowledge and skills.
Online training courses based on extensive materials in the form of e-learning and offering valuable laboratories systematizing the acquired knowledge can be purchased for an amount in the range of $1000–2000. Similar amounts come into play in the case of companies offering training in the form of 2–3-day classes, but usually the practical part is carried out to a limited extent using the computers of the training participants.
The choice we make depends not only on the size of our wallet (or the company’s training budget), but also on our current needs. One very expensive and extensive course can be a good choice if you want to focus on a given topic for the next years of your work. A set of several extensive online training courses can be the right decision if you can motivate yourself to learn, want to gain solid skills in these several areas and spread the expenses over time. On the other hand, purchasing access to an extensive library of training materials in a subscription model can be a great choice when in your daily work you often need to quickly learn a specific topic.
What to Look for When Choosing Cyber Security Training: Summary
There is no single, good answer to the question “which cyber security training should you choose?” There are many evaluation criteria that you should be aware of. Some of these criteria are universal, but many of them depend on our individual preferences, experience, stage of our career and what we currently do or want to do in the future.
Making decisions impulsively based on, for example, advertising in social media may not be the best choice. It is worth taking a bit of trouble and analyzing your own needs and familiarizing yourself with the description of the content and opinions on the training that we are interested in. No minute spent considering which training to choose is time wasted.