Eight ways microlearning makes security training more effective
Find out how microlearning can increase cyber resilience in your organisation and improve employee engagement with cybersecurity training.
Read MoreThere are numerous courses and certifications available to cybersecurity students and aspiring professionals. Many of them are good, and there’s definitely a place for formal learning in this sector – and some cybersecurity experts take their studies to Masters degree or doctorate level.
But learning in the classroom (or a digital equivalent) has to be backed up by real-life experience. Every time we ask cybersecurity professionals whether they value hands-on experience more than formal education, they say yes.
So what hands-on cybersecurity opportunities are out there for students to gain experience?
We’ve written about why Capture the Flag (CTF) is so important to the cybersecurity ecosystem before. And for aspiring industry professionals, CTF challenges offer an incredibly valuable route to build experience, connect with a network, and establish a reputation for themselves.
Heba Farahat (Senior Cybersecurity Consultant at Liquid C2) said:
“I believe that CTFs offer one of the most effective ways to learn about cybersecurity in a gamified manner.”
“For that purpose, I actively participated in CTFs at the start of my career, and my team ranked among the top 5 in several regional competitions. Eventually, I transitioned from the player seat to the driver seat, aiming to help more people enhance their cybersecurity skills. Over the years, the number of participants doubled, attracting players from 15 different countries, with women comprising over 60% of the participants.”
They’re also known as ‘cyber ranges’ or ‘virtual hacking labs’. They’re simulated environments specifically designed for people (students, cybersecurity professionals, and enthusiasts) to practice their ethical hacking skills and develop their abilities in a way that is controlled and legal.
Usually, a hacking lab environment is made up of systems that are intentionally vulnerable to attack, unpatched networks, and applications that replicate real-world security scenarios.
You can find ready-made hacking lab environments online – from SlayerLabs to OverTheWire, and PenTester Lab to Hack The Box.
As well as engaging with existing hacking lab environments, you can build your own. And you can do it for free.
To get you started, we like this comprehensive guide by StationX – which takes you through the hardware and software you’ll need, and provides step-by-step instructions.
As well as developing technical ability, real hacking experience that exposes you to different environments and different people helps to build an understanding of cybersecurity that’s rooted in the world you’ll be working in – and not restricted only to technical skills.
When we interviewed Omar Khawaja (CISO at DataBricks), he said:
“I used to think technical security controls were the most important part of a security program, then I realised it was important to not just have controls but for the controls to be part of some comprehensive framework (compliance!).”
“Then I evolved my thinking to consider the business as the most important stakeholder (risk management). Along the way, I learned that in a complex organisation, people and process are immensely more important than technical controls.”
So if you want to be an ethical hacker, take every opportunity to gain hands-on hacking experience. It’ll set you up with the knowledge, skills, problem-solving capacity, and the contacts to navigate your career path with confidence.
If you want to immerse yourself in the future of cybersecurity, join us in Riyadh for Black Hat MEA 2024.
Join the newsletter to receive the latest updates in your inbox.
Find out how microlearning can increase cyber resilience in your organisation and improve employee engagement with cybersecurity training.
Read MoreFind out how microlearning can increase cyber resilience in your organisation and improve employee engagement with cybersecurity training.
Read MoreWhat is cyber poverty, and why do cyber inequities affect all organisations and industries? Learn how cybersecurity practitioners can work together to close the cyber poverty gap.
Read More