Many organizations still rely on outdated approaches to measuring cyber capabilities, including expensive industry certifications and annual training courses, which could be giving teams a false sense of security.
With 82% of security leaders believing they could have mitigated the damage of their most significant cyber incident if they were better prepared, it's time to rethink old-school methods and embrace a new data-driven approach to building and proving cyber resilience: the ability to successfully prepare for and then respond to cyber threats.
Leaders should question the industry’s overreliance on outdated certifications because they fail to build and prove hands-on knowledge, skills, and judgment. Instead, we should focus on continuous improvement through regular exercises via real-life fire drills, measuring the capabilities of teams and individuals, and filling talent gaps before it’s too late. This will result in stronger cyber postures for organizations and the confidence to know that teams are truly ready when a crisis hits.
In-person training won’t help in a crisis
Traditional certifications and training are flawed for many reasons. They take years to develop, by which time they are already outdated, and are updated infrequently. Cyberattacks are evolving at a rapid pace, and certification programs can’t keep up. Additionally, the cost of maintaining certifications has become prohibitive for many organizations, making it difficult to justify the investment. It's clear that certifications alone are not the solution.
These methods fall short when it comes to reacting to and recovering quickly from cyberattacks. Infrequent training sessions do not align with the pace of the real threat landscape, and professionals are not engaged with the information they receive.
Hands-on practice and realistic, simulated scenarios are necessary to develop cognitive agility and muscle memory for tackling real breaches. Without concrete proof or data demonstrating cyber resilience, leaders lack the metrics needed for meaningful conversations with boards and senior leadership.
Four steps for a path forward
By embracing a data-driven, always-on approach, we can build true cyber resilience and confidently face the challenges of the ever-evolving cyber threat landscape. The future of cyber resilience requires that leaders adopt the following four criteria:
- Continuous exercises: Teams need regular and ongoing practice and training in cybersecurity to improve skills and readiness for potential threats and incidents.
- Practice continuous training across the whole workforce, not just cyber pros: Involve all employees, regardless of their role or expertise, in cybersecurity exercises to create a culture of security awareness and preparedness.
- Tailor the training by role and experience level: The future of cybersecurity is personalized. Customize cybersecurity exercises based on individual job roles and levels of experience to ensure relevant and effective training for each employee.
- Insist on proof of real capabilities: Demonstrate and validate hands-on cybersecurity skills and competencies through practical exercises and assessments, offering tangible evidence of an individual's capabilities in the field.
By adopting this approach, security leaders gain a comprehensive view of team and individual preparedness for attacks, and they can make informed decisions and ensure alignment throughout the organization. This approach will lead to tangible proof of cyber resilience and ultimately create more secure organizations.
The rise of cyberattacks targeting the human element exposes the inadequacy of traditional cybersecurity certifications and training, which fail to offer the necessary skills and confidence to effectively respond to and recover from cyber incidents.
The industry needs a data-driven approach that focuses on continuous improvement, hands-on practice, and realistic simulations. By breaking free from outdated methods and embracing a stronger cybersecurity culture, organizations can confidently face the challenges of the evolving threat landscape and create a more secure future.
James Hadley, founder and CEO, Immersive Labs