We have approached Halloween with quick steps. However, if you want to be scared, you don’t have to wait for the month’s change. Because October is Cybersecurity Awareness Month, looking at the increasing number and the increasingly serious consequences of attacks on IT security can cause a lot of horrors, especially for those responsible in companies. Since 2004, the month of action has been intended to raise awareness of IT security and provide a framework for appropriate advanced training such as security training.
The e-learning provider Skillsoft has evaluated the anonymized user data of several million users of its Percipio learning platform. The results show how much the time invested in safety training has risen in the last 30 months, which safety topics and qualifications are most in-demand, and which sectors are investing particularly heavily in training.
Security Training: Increasing Expenses For IT Security
After a sharp increase in the number of attacks and security breaches in 2020, 2021 has already exceeded the total number of the previous year by 17 percent since the beginning of October. The number of attacks is increasing, but also their complexity and their consequences. The only positive development is that cybersecurity is finally receiving significantly more attention and prioritization in most companies due to the cyberattacks that have become known and their serious consequences. According to the industry association Bitkom, spending on IT security rose by 9.7 percent despite budget cuts in many places due to the pandemic.
6.2 billion euros are expected to be spent on hardware, software, and services in IT security in 2021, and current forecasts by Bitkom anticipate 8.9 billion euros by 2025. However, it is a challenge for security officers that Today’s threat landscape is becoming increasingly complex. The qualification gaps in many companies are correspondingly large so that the area of safety training and certification has moved onto the priority list of many responsible persons.
Users Spend More Time On Learning Content About IT Security
Whether it’s gaining certifications, raising employee awareness of threats, or learning best practices to mitigate risks, employees are spending significantly more time on cybersecurity training than ever before. Since 2019, Skillsoft has observed an increase in hours invested in training with safety training content by 53 percent. The comparison of the examined 30 months shows not only an increase in comparison with the month in the previous year but also increased peaks: For example, after security incidents that have become known, such as in March and April 2021 after attacks on US industrial companies or after the wave of Phishing-E -Mail for data theft in May 2021.
Sectors With A Particularly High Need For Safety Training
In the companies surveyed, the total number of hours learners spend on safety training content each year increased by 80 percent compared to 2019. The industries where investment and time spent on safety-related courses and learning have been highest are:
- Legal (lawyers, legal departments, etc.)
- Energy and utility companies
- Training & Development (L&D)
- Nonprofit organization
For these five industries, an average growth rate of 59 percent was discernible compared to the previous year.
Top Topics In Safety Certification And Safety Training
If one looks at the ten most frequently completed security courses in 2021, the topics “OWASP” (Open Web Application Security Project) and “Cloud Security” occupy the top ranks. In particular, the increased need for security in cloud environments is certainly due to the decentralized work of many companies in the wake of the COVID-19 pandemic.
Also represented in the top 10 are many CompTIA Security + (pre-) certification courses. These range from social engineering techniques to basic cryptography principles. According to studies (v), 75% of IT decision-makers struggle with existing skill gaps, with cybersecurity and cloud certifications being the two most sought-after technology areas for businesses. This explains the high demand for corresponding courses, shown in the current evaluation.
IT Security Is Not A “Flash In The Pan”
The increasing investments in safety training and further education show that the awareness of the dangers and the need for appropriate training is growing. The many successful attacks on corporate environments often achieved through absolutely avoidable security gaps also show that there is still a lot to be done.
“Cybersecurity Awareness Month is a good reminder that we must jointly concentrate our efforts on increasing awareness and education about security risks and equipping employees with the necessary skills to cope with these risks.” “It’s not a task that can be done in a month. Since the type of attack is developing very quickly, the countermeasures and security precautions also require constant updates and new skills. ”
Checklist For Building An Enduring Cybersecurity Culture
- Describe the role each employee plays in security so that employees see this as a task that must all work together to achieve a common goal.
- Implement a “blended learning approach” that combines traditional course content with practical scenarios, practice environments, and team-oriented lessons.
- Encourage employees to pursue safety certifications to expand their skills and fill skill gaps.
- Provide employees with the tools to incorporate necessary training into their workflow. A gamification component can help increase the interest and motivation of groups of participants.