What's Happening?
A recent study by ISC2 highlights the difficulties faced by cybersecurity teams in finding time for necessary training to combat emerging threats. Despite an increase in security training budgets, with 73% of organizations reporting a rise, many cybersecurity professionals
struggle to engage in training due to time constraints. The study surveyed nearly 1,000 cybersecurity leaders and found that while 98% of organizations allow training during work hours, over half of the respondents face challenges in dedicating time to it. The rise of AI is identified as a significant skill gap, with 47% of respondents focusing on addressing this through training. Barriers such as outdated training content, lack of qualified trainers, and insufficient leadership support further complicate the situation.
Why It's Important?
The inability to allocate sufficient time for cybersecurity training poses a significant risk to organizations as they face increasingly sophisticated cyber threats. As technology evolves, so do the tactics of cybercriminals, making continuous training essential for maintaining robust security defenses. The rise of AI as a pressing skill gap underscores the need for cybersecurity teams to stay updated with the latest technological advancements. Organizations that fail to prioritize training may find themselves vulnerable to attacks, potentially leading to financial losses, reputational damage, and compromised data security. The study emphasizes the importance of integrating training into regular work schedules to ensure cybersecurity teams are well-prepared to tackle new challenges.
What's Next?
Organizations are likely to explore strategies to better integrate training into the workday, such as adjusting workloads and providing managers with resources to prioritize learning. As AI continues to evolve, cybersecurity teams will need to focus on developing skills in this area to effectively counter AI-driven threats. Companies may also seek to address barriers such as outdated training content and lack of qualified trainers by investing in updated training programs and partnerships with educational institutions. The ongoing challenge will be to balance day-to-day responsibilities with the need for continuous professional development in cybersecurity.
