Comments
The Troubling Decline Of IT Security Training
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
dankney
50%
50%
dankney,
User Rank: Apprentice
11/16/2013 | 2:10:40 PM
Look at the conferences, not just the budgets.
There's an implicit assumption here that the trend is due to spending decisions rather than issues within the conferences themselves.

My experience over the last several years is simply that the quality of conference training has been declining steadilty. The threats, topics and techniques being discussed have essentially stopped evolving in the session rooms. Talks tend to either be slight but obvious variations over previous presentations or show-and-tell about a project that was delivered using well-established tools and techniques.

I can assure you, if you're paying attention to the traffic hitting your datacenter edge, that attack sophistocation has not stagnated.


As security continues to evolve from a problem set to a set of products, the real conversations are happening behind closed doors. Vendors can't allow potential customers to see them discussing threats they can't mitigate, so the dialogue becomes private.


Why would you spent $3k to attend a conference where you aren't actually invited to learn the real content and have nothing to sell?
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Author
11/15/2013 | 4:21:23 PM
Train then drain
How much of this reluctance to train is government managers worried that they'll spend precious funds to educate their security pros on cutting-edge tech, only to have them bail to higher-paying private-sector jobs?

We see it happen now with SEALs and other special forces, where it costs the US thousands to train these experts, who are then lured away by the Haliburtons of the world. Cyber-warriors may not be able to survive in the wild for a month with nothing but a compass and a knife (at least the ones I know), but they have other skills worth big bucks.
Susan_Nunziata
50%
50%
Susan_Nunziata,
User Rank: Strategist
11/15/2013 | 2:53:03 PM
Bigger than IT alone
This issue is of particular concern to IT professionals, though it is far bigger than IT alone. The state of awareness and training about proper security preactices is completely lacking across the enterprise. IT professionals first need the training in the tools and best practices, then the end users throughout the organizaiton also need education about security. We're still seeing end users with shocking lack of awareness about basic security (don't click on that unknown link in the email from the person you don't know, please!).

Security only seems to rise to the surface of priorities when there's a breach. Otherwise it's the forgotten stepchilde in the IT organization and in the enterprise as a whole.

Good security practices should be made part of the emplyee performance evaluations for every single employee across the organization, IMHO.
Greg MacSweeney
100%
0%
Greg MacSweeney,
User Rank: Apprentice
11/15/2013 | 1:06:44 PM
Security Training In Any Industry Is Lacking
The lack of information security training isn't limited to the federal government. Financial services companies are also complaining that they can't find qualified information security experts. But, very few financial organizations invest any resources in security training. Most firms expect new hires to come in knowing everything they need to know about security. It just isn't that simple. All firms need to invest in training for information security.
<<   <   Page 2 / 2


The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A UBM Tech Radio episode on the changing economics of Flash storage used in data tiering -- sponsored by Dell.
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.