The Red Education Cybersecurity Training Survey December 2022
Students prefer instructor-led training
We asked delegates about their preferred delivery mode for training. Would they rather do Virtual instructor-led training, Live in-person training or Self-paced online training? The results were clear – 78% of students prefer instructor-led training, whether in person in a classroom setting or online, to the self-paced online model.
Of course, self-paced online training has its advantages. On-demand content is convenient and appears ideal for fitting around a busy professional lifestyle. However, it can quickly fall down the priority list and be ignored under the pressure of a busy workload. In general, it is more suited to simpler topics. Cybersecurity technology certification is complex, and learners benefit from being able to access subject matter expertise in real-time. Experienced instructors will tailor content to the group, explain challenging areas as they arise, reinforce learning with real-world examples and support lab sessions. The small group environment allows for engaging discussion and the sharing of ideas, preventing the boredom and isolation of working through a syllabus alone.
Training mitigates risk
Human error is one of the major causes of cybersecurity risk. Research has shown human error to be behind between 88% (Stamford University) and 95% (IBM). Of course, better-trained teams are better equipped to protect their organisations. Cyber security training that includes time to test workflows and respond to attack scenarios in virtual labs allow teams to eliminate errors in a safe sandbox environment before implementation in a live setting.
In our survey, 48% of responders said they believed their organisation would be at risk if their people did not receive up-to-date cybersecurity training.
The impact of training on career prospects and income is well documented but not always well understood by employees
Research has shown that better-qualified IT staff will generally have higher incomes. In the 2021 Value of IT Certification Report IT certification was shown to generate significant ROI for both the certification earners and their employers. Seven out of 10 candidates met their goals for certification and would recommend certification to someone seeking to start or advance a career in IT. As a result, many attained new jobs (36%), pay raises (28%), and job promotions (21%). Their employers felt a direct and favorable impact as well, experiencing benefits such as increased quality of work, productivity, efficiency, and the employee’s ability to mentor others. According to Global Knowledge’s 2020 IT Skills and Salary Report, IT decision-makers estimated the return on investment for each credentialed staff member to be about $10,000.
In our survey, 35% of responders agreed with the statement ‘I am likely to have a better-paid career as a result of increased certification’ and only 28% said that they felt that employees with more certifications would be more likely to be promoted than those with fewer certifications.
Since the COVID-19 pandemic, companies are struggling to find enough skilled workers. The technology sector has been especially badly hit. The Australian Financial Review reported that almost a third of Australian businesses were struggling to fill jobs, and most of these businesses attributed their challenges to applicants not having the required skills (59 percent). When it comes to technology jobs, there’s a global shortage of workers with the necessary skills. Markets around the world are vying for workers with these skills, so Australia faces a competitive fight to attract that talent. According to weforum.org, there is a global cybersecurity workforce shortage of 3.12 million, broken down as follows: North America -376,000, Europe -168,000, LATAM -527,000 and -2.045 in APAC.
These numbers were reflected among those we surveyed. 45% of respondents said that it is challenging for their organisation to find enough qualified and experienced staff.
Addressing the skills gap: training vs new hires
Responding to the skills shortage, organisations are turning to training to manage skills gaps, most responders – 87% – said that their organisation would train their existing teams in preference to looking externally to hire new talent. This is a more optimistic picture than that shown by Deloitte and RMIT Online in 2020, whose survey showed that 88% of businesses said that it was difficult to find skilled employees but 15% had no means of tackling the issue within their own organisation and only 45% were focusing on training and education.
From these results, we can see that the value of quality training is well understood by many – but not all – of those working at the coalface of cybersecurity. There is still work to be done in the education space, increasing the awareness of the importance of training to reduce the risk of cyber attacks, improving individuals’ career prospects and income while increasing their value to the organisation.
The message is clear about how that training is to be delivered, however, with an overwhelming 78% of those surveyed stating that they preferred instructor-led training, whether in-person or live virtual training, over on-demand online models.