How the crisis is unveiling the true cost of classroom cyber training

Every year organizations buy overpriced cyber courses that occur in dull classroom settings, disrupt normal business function, and yield few tangible results. But in the current crisis, where social distancing and remote working are the new norm, these courses aren’t just ineffective – they’re virtually non-existent. Global lockdown measures have exposed their inflexibility and halted…

Every year organizations buy overpriced cyber courses that occur in dull classroom settings, disrupt normal business function, and yield few tangible results. But in the current crisis, where social distancing and remote working are the new norm, these courses aren’t just ineffective – they’re virtually non-existent. Global lockdown measures have exposed their inflexibility and halted them for several weeks already. In turn, security teams have been unable to upskill at a time when attackers are ramping up their activity.

Yet, by highlighting the flaws of dated training methods, the crisis is giving businesses the chance to reevaluate how they approach cyber skills development. Training that requires people to gather in set locations on set days is hardly conducive to creativity, so its loss (temporary or otherwise) should not be mourned. Such training works on the assumption that attendees are in the right mindset for learning at a highly specific moment in time, with no regard for external factors like stress, illness or even sleep quality. People-friendly, it certainly isn’t.

Cyber training must also occur often to be effective; a handful of sessions throughout the year is simply not enough. Cyberthreats evolve and so too should defenders, which is why security teams using traditional courses will never match the pace of cyber. The linear, theoretical sessions won’t prepare them for a real attack – how could they? – but the privilege costs their employers huge amounts of time, money and effort. Adding insult to injury, training providers typically split their material into numerous expensive micro-courses – a shrewd, if detestable, way of maximizing profit.

Right now people have more time to develop cybersecurity skills than ever, as demonstrated by a recent spike in activity on our platform. Our clients are utilizing their reclaimed time to get ahead of the game, knowing that they can access our browser-based content whenever and wherever they like. For those organizations lumbered with postponed classroom training sessions, the opportunity is going begging. But it doesn’t have to. At a fraction of the cost of classroom training, which pales in comparison to our library of gamified content, security teams can get to grips with real tools and techniques at their leisure. If it’s digital forensics they’re after – great, we’ve got them covered. Perhaps they need certain employees to be fully GDPR compliant? There’s a lab for that. Even senior executives can benefit by developing cyber awareness in just a few labs.

Regardless of the current crisis, and to put things into perspective, a five-day cyber essentials boot camp typically costs around £5,000 per head. The course material will often be inaccessible at the end of those five days, and there’s no guarantee that knowledge gained in such a rigid environment, at a disagreeable pace, will be retained. And this is before considering the 40 working hours sacrificed per head.

We’ve seen one training provider charging around £3,000 for a five-day IT security fundamentals course. The themes covered – cryptography, security threats, security incidents, security policies, compliance and authentication mechanisms – can all be learned on demand (and better) with Immersive Labs. More importantly, we enable users to explore these subjects through an engaging mix of theory and practical labs, all of which can be revisited as little or as often as necessary.

Let’s make a final telling comparison. For a business looking to equip 10 employees with cybersecurity fundamentals via a typical training provider, it would cost around £30,000, 400 man-hours and a whole lot more on food, travel and accommodation. For all this, you get five days’ basic training. That’s it. For less than this, Immersive Labs provides unlimited access to hundreds of interactive labs covering all things cyber, including capture-the-flag challenges and highly technical red and blue team content. Nobody travels, nobody misses work, nobody gets sick.

If you want a new, powerful cyber skills strategy that will see you through lockdown and beyond, download our Ultimate Cyber Skills Strategy Cheat Sheet:

We help businesses to increase and evidence human capability in every part of cybersecurity.

Legal