Blog
Oct 18, 2023
How to Build Elite Technical Teams Internally with Cybersecurity Training
Learn about strategies and best practices for upskilling and promoting internal technical team members with OffSec’s cybersecurity training.
5 min read
To safeguard your organization’s sensitive data and maintain a competitive edge, it’s essential to have a highly skilled cybersecurity team. But how do you build and maintain a team of experts?
In our recent webinar, Denis Kucinic, VP of Operations at Packetlabs, shared invaluable insights into how to upskill and promote from within with OffSec’s cybersecurity training programs. Let’s delve deeper into the strategies and best practices outlined in this conversation.
Start by Benchmarking
Packetlabs places significant emphasis on PEN-200: Penetration Testing with Kali Linux (OSCP) as a foundational pillar for their cybersecurity team. They treat the OSCP as a benchmark for all of their employees. Denis highlighted this by saying, “We require the OSCP as a minimum. That’s our differentiator.”
For Packetlabs, the OSCP serves as both a benchmark and a trust indicator for their clients. It signifies that their team members have achieved a standardized level of expertise in offensive security. By making the OSCP a minimum requirement, Packetlabs ensures that every team member possesses a strong foundation in penetration testing and ethical hacking, setting the stage for further skills development and specialization.
Using Cybersecurity Training Programs to Upskill and Promote Team Members
Cybersecurity training is a continuous process that should be integrated into your organization’s culture. Denis emphasized that team members are driven to acquire new skill sets and advance in their careers. Packetlabs categorizes service offerings into different levels, evaluating their team members’ skills regularly, and upskilling them accordingly.
More specifically, their process involves:
- Holding a certificate bounty
- Evaluating team members and asking them where they want to grow
- Enrolling employees in advanced training and certifications such as the WEB-300 (OSWE), PEN-300 (OSEP), and EXP-301 (OSED)
- Promoting team members to different service offerings
- Coaching and having routine one-on-ones
Denis also highlighted the importance of providing financial support for online cybersecurity training. Rather than burdening employees with training costs, Packetlabs invests in their team’s growth by covering expenses associated with certifications and courses. This approach demonstrates a commitment to employee development and serves as a powerful motivator.
Elevating Skills Through Ongoing Cybersecurity Training
One of the key takeaways from the discussion was the emphasis on continuous training. It’s not enough to have certifications; team members actively seek out new knowledge and skills. Packetlabs encourages this by incorporating training into their daily routine.
They conduct regular “show and tells” and project updates where team members share new findings, techniques, and tools. This practice keeps everyone engaged and encourages the dissemination of knowledge within the team. Additionally, they have dedicated training days throughout the year and provide additional flexibility for team members to pursue online cybersecurity training.
A Holistic Approach to Cybersecurity Skills Development
Building a strong cybersecurity team involves developing a well-rounded skill set. Denis likened their approach to building physical strength, saying “The stronger you are, the stronger your delivery is to the client”. As team members progress through different levels of expertise, they are encouraged to master a range of skills, from advanced penetration testing and web application security, to exploit development.
This holistic approach ensures that every team member possesses a comprehensive skill set, allowing them to adapt to different scenarios. It also reflects the ever-expanding nature of cybersecurity, where a broad skill set is a valuable asset.
We echo Packetlab’s insights and believe that an organization’s cybersecurity team should be a dynamic and ever-improving entity. Online cybersecurity training coupled with a holistic approach to skills development are all essential components of building a strong team.
Upskill and promote from within, improve security posture, and drive long-term success through cybersecurity workforce development with these resources:
- 4 Essential Strategies For Enterprise Cybersecurity Workforce Development
- Essential Metrics to Boost Support for Your Cybersecurity Learning Program
- 5 Ways Security Leaders Are Using Real-World Exercises
Engaging Non-Technical Executives and Stakeholders
Getting non-technical executives and stakeholders interested and engaged in the cybersecurity process can be a challenge. Denis shared strategies that have worked for Packetlabs, including investing in cybersecurity training programs that showcase real-world exercises. Demonstrating the ease with which attackers can compromise systems through live examples, such as cloning a bank website, can be eye-opening.
Moreover, external perspectives can often carry more weight. Bringing in third-party consultants or experts to showcase potential vulnerabilities and security gaps can help non-technical stakeholders grasp the importance of robust cybersecurity measures. This approach bridges the knowledge gap and creates a sense of urgency around security.
The Role of Cybersecurity Certifications in Skills Development and Client Confidence
During the webinar, Denis emphasized the value of certifications in skills development. While some argue that practical experience should outweigh certifications, Denis pointed out that cybersecurity training programs that offer certifications provide a benchmark that clients can trust.
As previously detailed, Packletlabs uses the OSCP as a minimum requirement. Their clients remain confident in knowing that the security professionals they’re working with have a standardized level of expertise. Certifications also signal a commitment to ongoing learning, a core value at Packetlabs.
Continuous Learning and Skill Development with OffSec’s Cybersecurity Training
Building and maintaining a robust cybersecurity team requires a multifaceted approach. It’s not just about hiring individuals with certifications; it’s about fostering a culture of continuous learning, promoting from within, and demonstrating a commitment to ongoing skill development through cybersecurity training programs.
Our Learn subscriptions offer comprehensive training resources for organizations looking to upskill their teams and enhance their cybersecurity posture through online cybersecurity training. The OffSec Learning Library delivers comprehensive, practical training with hands-on exercises, videos, and labs. Teams build indispensable skills with role-specific content, from entry-level to advanced.
Ready to get started? Connect with us to learn more about how we can support your cybersecurity initiatives.
Latest from OffSec
OffSec News
Evolve APAC 2024: Key Insights
Discover key insights from Evolve APAC 2024 on building skills, career growth, and tackling cybersecurity challenges with expert advice.
Nov 21, 2024
8 min read
Enterprise Security
How to Use Assessments for a Skills Gap Analysis
Discover how OffSec’s Learning Paths help organizations perform skills gap analyses, validate expertise, and strengthen cybersecurity teams.
Nov 19, 2024
4 min read
Enterprise Security
The Human Side of Incident Response
Effective incident response requires decision-making, adaptability, collaboration, stress management, and a commitment to continuous learning.
Nov 8, 2024
5 min read