As cyber threats become more targeted and frequent, coupled with a shortage of skilled workers, cyber skills training should top the priority list for any organization.
Unfortunately, mastering the cyber security skills required to defend today’s business networks doesn’t happen overnight. If you look at a typical day in IT, team members are juggling multiple tasks to manage, support, and secure users, devices, and networks—with little time left to learn, let alone remember, cyber skills training.
Remembering is the critical word as these types of skills usually require time with hands-on experience. This is where traditional cyber security training often falls short.
Cyber security training challenges
Theoretical training lacks the opportunity to truly participate in the learning process. It's challenging to retain knowledge when you're watching videos or listening to an instructor at the front of the room showing PowerPoint slides, then trying to remember sequences for incident response.
And while cyber skills training is critical, equally important is reinforcing the training so the skills are remembered when it’s time to react to an incident. Like learning to ride a bike, cyber skills must be trained through experiencing and repeating. This is where hands-on training excels.
To better illustrate this, let’s look at the forgetting curve.
The forgetting curve
Discovered by German psychologist Hermann Ebbinghaus, who also pioneered other fundamental human learning and memory behaviours, the forgetting curve shows how information is lost over time when there is no attempt to retain it.
It looks at how humans start losing the memory of learned knowledge unless it is consciously reviewed time and again.
Research on the forgetting curve shows that within one hour, people will have forgotten an average of 50% of the information presented. Within 24 hours, this rises to 70%. In a week, over 90%.
Apply this to a busy, understaffed IT environment, and you can picture the training challenges. How do you learn the cyber security skills training needed to react to an incident, remediate damage, and get operations back on track? How do you remember the steps to take when an attack hits?
Practical, hands-on experience is key
The forgetting curve reminds us that we must reinforce training on a regular basis to retain the content following training. However, investing in the right type of training is also important.
Cyber skills training can be delivered using theoretical learning techniques in classroom settings or online. Or instead, by using practical, hands-on methods to test reactions in realistic situations.
Training your team to face and defend against threats in real-world conditions makes the difference in retaining learning. Cyber skills training should be easy to repeat, modify, reuse, and scale to fit changing needs. Without the right tools, this is prohibitive for many organizations.
That’s why tools like cyber range solutions are so useful for IT and security teams.
How cyber range solutions improve training
Cyber ranges allow teams to experiment with what-if cyber security scenarios in safe environments. A cyber range lets you create and run realistic training that trains, tests, and evaluates incident response without requiring resources and time.
With a cyber range, entire teams can:
- Access the platform with ease
- Debrief on the scenario
- Review a list of objectives
- Collaborate to complete the mission
Since cyber ranges are often designed to meet the rigorous cyber security training requirements of military, government, law enforcement, financial services, and technical operations teams, imagine what this type of platform could do for other organizations.
Benefits of a cyber range solution
Design and run continuous training in any location via your browser
- Launch self-paced courses for individuals or interactive classroom training for groups
- Stage real-world exercises that mimic operational scenarios
Create and run simulated safe environments that behave realistically
- Design networks that mimic yours to train and test security incident response and disaster recovery
Deploy quickly and easily
- Use your existing hardware for hosting training or simulations on-premise. Or choose short-or long-term cloud-hosted options. No matter your size or needs, we have a package to easily train your organization with monthly or annual pricing.
Accelerate understanding of new security technologies
- Stand-up environments similar to yours, in just a few clicks, enabling your team to experiment with new security tools and technologies.
Improve readiness
- Immerse team members in a live environment by executing cyber security fire drills or providing overviews and objectives of scenarios, to evaluate protocols and situational readiness.
Reduce operational errors
- Perform and re-set test runs in a safe environment to ensure flawless execution and minimize errors.
Cyber ranges deliver consistent, continual training in real-world conditions with rehearsals and assessments that mimic realistic operational environments. This makes the difference between safe and secure networks or expensive recovery and reputation loss.
Learn more about using a cyber range
Many organizations use Field Effect's Cyber Range platform to train their teams. In fact, our own team of cyber analysts and developers use the platform to test, train, and retrain cyber skills and knowledge.
Field Effect’s Cyber Range allows you to produce content and exercises on-the-fly so participants can be tested continuously to ensure content is retained. You can also use the cyber range to build frequent refresher modules to boost memory, resulting in superior learning outcomes.
To get a better sense of the capabilities of a cyber range, reach out to our team today.