As the cybersecurity skills gap looms, gamification techniques could prove to be a great addition to organizations'...
cybersecurity training strategy, according to Kathie Miley, chief operating officer at online cybersecurity learning platform Cybrary. In this Ask the Expert, Miley discusses why deploying gamification techniques not only helps build cybersecurity skills but is also instrumental in instilling a passion for cybersecurity among the future generation of information security professionals. Miley also offers tips to organizations that are implementing gamification techniques for cybersecurity training.
Editor's note: The following interview has been edited for clarity and length.
How are gamification techniques helping cybersecurity skills training?
Kathie Miley: Gamification is usually takes PowerPoint-based or video-based training and turns it into an interactive game. People want to go in and solve issues interactively, versus being lectured and then taking an exam at the end.
We offer that in a couple of different ways. We have mock scenarios that people can join and we walk through a breach event where the person who is taking the training responds to that as if it was really happening. At the end, it would give them the practical tools to be able to respond to something if it were to happen in real life.
The gamification technique is advancing cybersecurity in a couple of different ways. One, it gives practical hands-on experience about the right way to respond to phishing emails or credit card breaches.
The one other thing that I believe it is being applied to is training the newer generation of learners who are coming into the marketplace, ones who are accustomed to being online and interacting with all kinds of social sites.
For organizations trying to implement gamification techniques, number one would be obviously to develop that training toward the exact correct demographic they are trying to assist. It's not necessarily one size fits all, so it really does have to be customized to fit the audience that it's intended for, whether that be folks who are handling PII or legal folks who are handling sensitive documents.
Dig Deeper on Risk management and compliance
Related Q&A from Mekhala Roy
For a cybersecurity program to be effective, CISOs must be viewed as business enablers. Kudelski Security's John Hellickson offers tips on how CISOs ...continue reading
Regulations like the GDPR promise to enforce stricter data protection rules. While a data loss prevention program can help, it requires end-user ...continue reading
As information security budgets grow, cybersecurity spending needs to be focused on employee-centric areas like training to be effective. ISSA's ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.