Comments
Nearly 61 per cent of Indian organisations lack well-structured cybersecurity training modules for their employees, according to a survey by cybersecurity firm, Cyberbit.
According to the report, this number is especially concerning considering that a majority of the workforce still works remotely.
It adds that 77 per cent of cybersecurity professionals work remotely, while 23 per cent work on-premises or hybrid.
Of the cybersecurity professionals working remotely, 50 per cent said they had not been given any cybersecurity training by their organisations.
A majority of organisations rely on training that provides limited practical exposure. According to the survey, 89 per cent of organisations “still rely on classroom training, external certificates, and tabletop exercises that emphasise theory and have limited practical exposure.”
“These approaches are great to develop knowledge, but don’t prepare SOC teams with the practical skills required for the experience of a real-world attack,” the report said.
Of the organisations surveyed, 11 per cent have deployed a Cyber Range that exposes their security teams to simulated cyberattacks.
“Training using a cyber range provides experiential learning (i.e. learning by doing or hands-on-training) that ensures SOC staff are prepared and equipped to deal with any incident using “muscle memory” acquired through regular practice,” the report said.
“We expect more and more organisations to invest in Cyber Ranges in India, especially after the Covid-19 pandemic has given cybercrime a boost, making the need for skilled cybersecurity professionals even more significant,” it added.
The firm also surveyed universities in the Asia-Pacific “to understand the maturity of their cybersecurity training programmes.” According to the report, 60 per cent of the universities surveyed lacked hands-on education for cybersecurity students.
Rakesh Kharwal, MD-India, Cyberbit, said, “With the pandemic worsening, the cybercrime situation and an increasing number of Indian employees working from home, India is still unable to fulfill the demand for a competent and agile cybersecurity workforce.”
“Although the demand for cybersecurity professionals in India is at an all-time high, the dearth of proper educational institutions that impart accelerated cybersecurity training is a key factor responsible for the shortage of skilled professionals in the country. There is a fundamental flaw in the method of training and building cybersecurity workforces in our country,” he added.
“It is essential to note that cybersecurity training can’t be taught in classrooms as theory classes, or by reading books and PPTs, or going through product videos. It must be based on a real-life corporate environment, using commercially available cyber tools and simulation experiences. Only then can India produce a resilient cybersecurity workforce and solution stack that is well-equipped to neutralise all kinds of imminent cyber threats," he added.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.