We are continuing our focus on cybersecurity as we roll through October, the official month for cybersecurity awareness. Here at GovEvents we feel there is a strong connection between awareness and training. There has been wide reporting about the shortage of trained cyber professionals. So how do we get qualified (and interested) professionals up to speed on the practice of cybersecurity?
As we mentioned in a post this summer, cybersecurity is among the most common topics for events listed on GovEvents.com. There are a wide variety of events from panel discussions sharing lessons learned to specific technology demos and trainings. Given the need for more professionals, in-depth hands on training may be the most needed type of event. A study released early this year asked government IT professionals in organizations deemed to be "high performing security organizations," "What steps have you taken to improve your agency's cybersecurity posture?" Training played a role in a number of their top answers including recruiting personnel with credentials in security (73%), raising awareness and training employees (85%), and providing specialized training for IT and IT security staff (56%). This same survey found that the biggest "challenge to achieving a strong cybersecurity posture" was insufficient personnel (60% of respondents citing this reason).
So as event professionals, how do we meet this training need? What do we need to consider when planning cyber-themed events?
- Understand the difference between a speaker and a trainer - to build an IT workforce we need trainers. People who are teachers and can walk attendees through hands on experiences with technologies and scenarios. Having a security professional who has "been there done that" to share experiences and lessons learned is valuable for context, but what the market is looking for is hands on training and credentialing. Use that subject matter expert as a lunch speaker to provide a break between the more intensive hands on training.
- Help them up their game - many IT generalists are being tasked with taking on cyber roles. While they are tech savvy, cybersecurity is a new field for them. Some will need training to be the day-to-day resource for security while others need to get up to speed on the discipline so they can oversee a cyber team. Determine which audience you can best help.
- Create opportunities - professionals in transition and recently retired military personnel are looking for their next career opportunity. If trained, these groups could help to fill the void in the cybersecurity workforce. Providing training that are intros to cyber and not overly detailed/technical can provide a first step into a new career for people looking/needing to make a change.
What have you seen in the way of effective cyber training? What events meet the needs of attendees as well as the market?