Skillsoft has recently conducted research, using data from users globally that have accessed security assets in Skillsoft’s learning experience platform, and seeing how organizations and their employees are engaging in security training. This was spurred by October is Cybersecurity Awareness Month and today’s increasingly complex threat landscape, high rate of skills gaps, and growing talent wars.
The research showed that 2021 has been a true inflection point for security learning and development (L&D) in corporate environments.
Cybersecurity training: Increase in hours and consumption
Organizations and employees are spending significantly more time with cybersecurity training than ever before – there has been a 53% increase in the total number of hours that learners are dedicating to security training content and courses on an annual basis since 2019.
This increase could be due to various reasons, such as for professional development, to increase awareness of threats and learn risk mitigation best practices, to pivot career paths, or simply to build skills sets.
Observing this trend via a monthly view from 2019, each month in 2021 – except January by a slight margin – has seen significantly higher rates of consumption for security training and education assets across all expertise levels.
Breaking this down further, the study analyzed 25 industries ranging from aerospace to banking and finance to medical. Two in three(60%) of all companies saw the total number of hours spent by learners annually on security training content increase in 2020 compared to 2019, with this number rising to 80% in 2021 compared to the previous year.
The top five industries that have seen the largest relevant content consumption spikes:
- Energy and utilities
- Training & development
On average, these five industries saw a 59% year-over-year growth trajectory.
Security pre-certifications are a hot commodity
With the increase in the amount of security training, the study also looked into where the time is being spent.
Looking at the 10 most frequently completed security courses so far in 2021, OWASP Top 10 related lessons take the lead spot (Open Web Application Security Project), followed by cloud security fundamentals, possibly attributed to the COVID-19 pandemic spurring a rapid global shift to the cloud.
Just falling short of the top 10 positions are a variety of CompTIA Security+ pre-certification courses, ranging from social engineering techniques to basic cryptography principles.
Security training best practices
Security professionals are encouraged to maintain a mindset of continuous learning and curiosity even beyond Cybersecurity Awareness Month. Keys to building a lasting culture of cybersecurity include:
- Outlining the role each employee plays, where everyone works together to achieve a common objective rather than simply checking a box;
- Implementing a blended learning approach, combining traditional course content with real-world scenarios, practice labs, and team-oriented lessons;
- Encouraging employees to pursue certifications to expand skillsets, become more cyber-aware, and reduce skills gaps; and
- Providing employees with the tools needed to train and upskill in their natural flow of work.