Whether it’s a company of any size or an individual user, cyberattacks can happen to anyone, and it’s most often caused by human error.
Some believe that the key to great cybersecurity is investing in various security tools, such as malware prevention, data encryption, and other. However, many successful attacks are the aftermath of human mistakes. This is due to a lack of awareness about password health importance, fraud attempts, or other cybersecurity-related topics.
While it’s virtually impossible to track each employees’ step, one of the primary ways for a company to ensure high security standards is to educate its employees about cybersecurity.
To learn about the importance of cybersecurity education and threat prevention methods, we have interviewed Kevin Hanes, the CEO of Cybrary – cybersecurity professional development platform.
What has the journey been like for Cybrary? How did this project come about?
Cybrary was founded in 2015 to make cybersecurity training accessible and available to anyone. This is a mission we still carry forward today. Our Co-Founders, Ryan Corey and Ralph Sita, came from a brick-and-mortar cybersecurity training background. This is where they realized that traditional training methods were not going to cut it in terms of closing the cybersecurity skills gap and Cybrary was born.
Can you introduce us to your platform? What are its key features?
Cybrary is the leading cybersecurity training platform that combines professional development with mission-ready experiences to fully equip cyber practitioners at every stage of their careers. Cybrary offers best-in-class training and certifications to help industry professionals build the skills and knowledge they need to confidently respond to the threats their organizations face and bridge the persistent cybersecurity skills gap. Cybrary enables more than 3 million learners, from service providers and government agencies to Fortune 1000 organizations and individuals alike, to be armed and ready to respond in the fight against constantly-evolving cyber threats. By simultaneously supporting the individual learner who is entering into the workforce as well as the entire organization, Cybrary helps managers ensure their team is skilling up and provides them the visibility into their progress to encourage them to continue along with their growth and career path.
In your opinion, what are the main challenges associated with traditional learning methods?
One of the biggest challenges often associated with traditional learning is budget constraints. Whether it’s tens of thousands of dollars for college tuition or even $5 for a one to two-week crash course, many potential cybersecurity professionals can be deterred by the price. Traditional learning also requires individuals to do that on a full-time basis and/or needing them to leave their job for a short period of time, which is difficult for organizations to endure if they’re already short-staffed to begin with. Not to mention that a week-long cram session doesn’t help with hands-on skills in the long run. Plus, organizations tend to rely too much on on-the-job training without establishing a foundation of knowledge that would make this type of training more effective for both the learner and the teacher.
Did the pandemic alter your field of work in any way? Were there any features added to Cybrary?
Our platform was already set up for remote learning before the beginning of Covid to be as inclusive and accessible as possible, regardless of geographical location. However, once the pandemic intensified, we did see an uptick in new users.
Why do you think certain companies turn a blind eye when it comes to employee cybersecurity training?
In most cases, it simply comes down to a lack of understanding of the problem. A lot of organizations often think of this issue as a tech problem versus a people and skill problem. They also think that they can hire someone with all the skills they need, but given the current demand within the industry, this isn’t possible. Additionally, many are concerned about the fast turnover of employees and don’t want to invest in their people. But poor training and burnout are the primary reason for these attrition rates. They also aren’t considering both the risk and the cost of an untrained employee dealing with a cyber risk to their organization.
What would you consider to be the most serious cyber threats prominent nowadays? What warning signs should average individuals be on the lookout for?
By now, almost everyone, whether they’re a security expert or not, is pretty familiar with ransomware and its impact. But one thing we’re witnessing in Ukraine is destructive cyberattacks that are likely to make their way into attacks against corporations. Also, average individuals need to understand that they can be used as a vector of attack based on who they work for and the relationships that they have with other individuals and other organizations.
Since cybersecurity is a relatively new field, there are still some misconceptions floating around it. What cybersecurity myths do you come across most often?
Most people think that issues surrounding cybersecurity are a technology problem and therefore implementing a specific tool or service can immediately fix the problem. However, this couldn’t be further from the truth. Also, many believe that to have a career in cybersecurity, they need to have a computer science or military background. However, just looking around our team internally, we have people who have come from many different industries.
What tips would you give to someone looking to break into the cybersecurity industry?
More often than not, it almost always comes down to being hungry, dedicated, and persistent. And a platform like Cybrary – one that is affordable, accessible, and flexible – also provides necessary hands-on skills, certifications, and networking opportunities with others in the community to guide each other along the way.
What does the future hold for Cybrary?
We are going to continue to produce the best quality cybersecurity content that’s relevant to the latest threats to keep organizations and cybersecurity professionals on the front lines ready to defend against them. We also hope to ensure that the people who use the platform are job-ready whenever they join an organization so the time spent learning on the job is as minimal as possible. Our team is also anticipating some exciting company news in the next couple of months leading up to RSA and is happy to share more details then.