creative soul - Fotolia

Can gamification techniques help build cybersecurity skills?

Interactive gamification techniques provide a fun, practical way to train employees and help them improve cybersecurity skills, says Cybrary COO Kathie Miley.

As the cybersecurity skills gap looms, gamification techniques could prove to be a great addition to organizations' cybersecurity training strategy, according to Kathie Miley, chief operating officer at online cybersecurity learning platform Cybrary. In this Ask the Expert, Miley discusses why deploying gamification techniques not only helps build cybersecurity skills but is also instrumental in instilling a passion for cybersecurity among the future generation of information security professionals. Miley also offers tips to organizations that are implementing gamification techniques for cybersecurity training.

Editor's note: The following interview has been edited for clarity and length.

How are gamification techniques helping cybersecurity skills training?

Kathie Miley: Gamification is usually takes PowerPoint-based or video-based training and turns it into an interactive game. People want to go in and solve issues interactively, versus being lectured and then taking an exam at the end.

We offer that in a couple of different ways. We have mock scenarios that people can join and we walk through a breach event where the person who is taking the training responds to that as if it was really happening. At the end, it would give them the practical tools to be able to respond to something if it were to happen in real life.

The gamification technique is advancing cybersecurity in a couple of different ways. One, it gives practical hands-on experience about the right way to respond to phishing emails or credit card breaches.

The one other thing that I believe it is being applied to is training the newer generation of learners who are coming into the marketplace, ones who are accustomed to being online and interacting with all kinds of social sites.

For organizations trying to implement gamification techniques, number one would be obviously to develop that training toward the exact correct demographic they are trying to assist. It's not necessarily one size fits all, so it really does have to be customized to fit the audience that it's intended for, whether that be folks who are handling PII or legal folks who are handling sensitive documents. 

Dig Deeper on Risk management and compliance