Approach to cyber security training
Cyber security is a key element for business continuity in the modern digital world. All the organizations are relying on their own and/or service providers’ digital infrastructure. Its criticalness for business is so big that it should be high priority in organizations. Also, the risks that organizations are facing comes from digital networks from many potential threat actors who are nowadays really capable of executing successful attacks.
The challenge of cyber security is in complexity. Digital infrastructure is expanding all the time and dependency chains are getting longer and longer which means that being able to understand and know our digital environments is getting harder. However new technologies helps specialists to have visibility and understanding of the environments but it requires that they know how everything works.
For me the important skill for cyber security is to understand the underlying technologies as well as possible. With the knowledge of how IT environments work helps to understand the potential risks and impacts of it to businesses. Cyber security is a broad topic that includes many areas that can be focused on, for me it has been always the defensive side of it and how to investigate and handle cyber attacks. Technology plays a big role in cyber security and being able to be a generalist who understands how different elements are connected and depending on another elements is one of the most important skills that I have learned.
About writer
I have gained my expertise in cyber security in past 15 years on developing new solutions and environments for cyber exercises for organizations to train their critical capabilities in realistic manner. Also being a part of many RDI-projects focusing on cyber security development and working together with our partners and customers has taught me a lot of their needs and challenges on cyber defense. My expertise areas range from cyber security controls and defending to cyber attack investigation and analysis. I also have vast experience on incident response from technical perspective to operational level.
Q&A
What do you value as a trainer?
In my approach to training the participants are in the focus. My goal is to scope the topics to suit participants’ background and knowledgebase. The philosophy in training is focusing on best practices and application of the knowledge in practice. It is important to highlight overall contents of topic and contextualize the details in practice.
What training methods do you use?
The methods I tend to use in trainings focuses on theory tight with contextual practical hands-on exercises. I explain the overall contents of the topic and highlight details in practical examples so participants can understand how the theory works in practice.
What are the most common challenges that participants face?
Cyber security covers so many other areas of IT as well that it is difficult to understand how different elements are connected to each other and what kind of measures can be taken to implement cyber security in successful manner. For me it is important to teach participants to understand how they can apply cyber security in practice for their organization’s needs and what are the best practices they need to take into account.
How do you ensure that participants understand and absorb the subject matter?
Most the trainings I provide include demonstrations and hands-on exercises so I can demonstrate the topic in action and have discussion with participants to ensure they have understood all the contents.
Could you share a particularly successful moment from your career?
As trainer who helps critical infrastructure organizations to prepare for cyber attacks, every information nugget that I share that helps organizations to make the society to be more secure for citizens and organizations is a win for me. The most rewarding element on training is to see participant have an aha-moment, when they realize how to solve the root-cause of cyber attack in investigation with the new method that we have been working on.
