02.12.2019 Cyber Range: Hands-on exercises vs. theoretical learning

by Noel Murphy

Is hands-on learning the key to remembering and mastering cyber skills? Cyber ranges provide multiple options to prepare for threats

As cyber threats become more targeted and frequent, coupled with a shortage of skilled workers, cyber skills training should top the priority list for any organization.  

In fact, research shows that less than one-third (28%) of businesses rate their ability to mitigate cyber risks, vulnerabilities, and attacks as “highly effective.”  And the lack of cyber skills across businesses and organizations today may have a direct impact on training challenges. A report this year revealed that 74% of organizations have felt the impact, with specific training implications:

    • 47% say it has prevented learning and using new security technologies to their full potential
    • 41% claim they have had to recruit and train junior employees rather than hiring experienced cyber security professionals
    • 66% believe it has caused extra workload on existing staff

Yet, mastering the cyber security skills required to defend today’s business networks doesn’t happen overnight. If you look at a typical day in IT, team members are juggling multiple tasks to manage, support, and secure users, devices, and networks — with little time left to learn, let alone remember, cyber skills training.  Remembering is the critical word here as these types of skills usually require time with hands-on experience.  

How do you learn the cyber security skills training needed to react to an incident, remediate damage, and get your operations back on track? How do you remember the steps you need to take when an attack hits? 

Could you remember your cyber training after 30 days?

While cyber skills training is critical, equally important is reinforcing the training so the skills are remembered when it’s time to react to an incident.

For example, the advantage of hands-on cyber skills training in contrast to theoretical training is  the opportunity to truly participate in the learning. You are ‘doing’ vs ‘watching.’ You’re not just watching videos or listening to an instructor at the front of the room showing powerpoint slides and then trying to remember sequences for incidence response. Like learning to ride a bike, cyber skills must be trained through experiencing and repeating.

To better illustrate this, let’s look at the forgetting curve. Discovered by German psychologist Hermann Ebbinghaus, who also pioneered other fundamental human learning and memory behaviors, the forgetting curve shows how information is lost over time when there is no attempt to retain it. It looks at how humans start losing the memory of learned knowledge unless it is consciously reviewed time and again.  Research on the forgetting curve shows that within one hour, people will have forgotten an average of 50% of the information presented. Within 24 hours, this rises to 70%, and in a week, over 90%.  

Apply this to a busy, understaffed IT environment, and you can picture the training challenges.

Doing vs watching may be your best training technique

While the forgetting curve reminds us that we must reinforce training on a regular basis to retain the content following training, investing in the right type of training is also important.  

Cyber skills training can be delivered using theoretical learning techniques in classroom settings or online. Or instead, by using practical, hands-on methods to test reactions in realistic situations.

We believe training your team to face and defend against threats in real-world conditions makes the difference in retaining learning. Cyber skills training should be easy to repeat, modify, reuse, and scale to fit changing needs. You can imagine the complexities. Without the right tools, the project can become prohibitive for many organizations. 

That’s why tools like cyber ranges are so useful for IT and security teams.  Cyber ranges enable teams to experiment with ‘what-if’ cyber security scenarios in safe environments.  As we discussed in a previous post, a cyber range lets you create and run realistic training that trains, tests, and evaluates response to cyber threats without requiring resources and time.

For example, with our Field Effect Cyber Range platform, a group of participants can access the platform, debrief on the ‘scenario’ (content) and review a list of objectives to complete the ‘mission’ in a set amount of time. Our platform offers cyber security incident response content packages as well as customizable content to stage literally any scenario needed. 

Field Effect’s Cyber Range platform can also produce content and exercises dynamically or “on the fly” so participants can easily be tested again and again to ensure the skills taught are retained. You can also use our Cyber Range to build frequent refresher modules to boost memory, especially in those critical first 30 days after initial training. 

Test, retrain, test, retrain 

We developed our Cyber Range platform to deliver consistent, continual training in real-world conditions with rehearsals and assessments that mimic realistic operational environments. We believe this makes the difference between safe and secure networks or expensive recovery and reputation loss.  

Our training platform and customized content are designed for the rigorous and critical cyber training requirements of military, government, law enforcement, financial services, and technical operations teams — can you imagine what the platform could do for your organization?

In fact, our Field Effect team of cyber analysts and developers also uses our Cyber Range capabilities to test, train, and retrain cyber skills and knowledge.

Here are a few benefits of our Field Effect Cyber Range solution:

  • Design and run continuous training in any location via your browser 
    • Launch self-paced courses for individuals or interactive classroom training for groups
    • Stage real-world exercises that mimic operational scenarios
  • Create and run simulated safe environments that behave realistically
    • Design networks that mimic yours to train and test security incident response and disaster recovery
  • Deploy quickly and easily
    • Use your existing hardware for hosting trainings or simulations on-premise. Or choose short-or long-term cloud-hosted options. No matter your size or needs, we have a package to easily train your organization with monthly or annual pricing.
  • Accelerate understanding of new security technologies
    • Stand up environments similar to yours, in just a few clicks, enabling your team to experiment with new security tools and technologies.
  • Improve readiness
    • Immerse team members in a live environment by executing cyber security fire drills or providing overviews and objectives of scenarios, to evaluate protocols and situational readiness.
  • Reduce operational errors
    • Perform and re-set test runs in a safe environment to ensure flawless execution and minimize errors.

To get a better sense of the capabilities of a cyber range, contact [email protected] for a demonstration of our Cyber Range platform.



Is the cybersecurity skills shortage getting worse?

Cybersecurity for small- and medium-sized businesses

You probably won’t remember this, but the “forgetting curve” theory explains why learning is hard


Request Demo

Fill out the form and we will send you details about our demo.