Cyber training 'needs to put theory into practice'

Cyber training 'needs to put theory into practice'

Cyber training should be about more than questions on pen and paper, an expert has said.

Certification alone is not enough to tackle the problem of cyber crime and companies should instead be training their employees on real-world threats.

This is according to Brian Murphy, chief executive of cyber security enabler ReliaQuest, who said everyone needs to be putting theory into practice using programs that simulate real scenarios and allow participants to leverage their skills.

"By learning from real-world security vulnerabilities and utilising advanced attack simulations, security pros can gain the skills they need to protect corporate networks," he told Forbes.

Mr Murphy pointed out that this is also likely to be more interesting for employees than typical pen and paper exercises, as it will be relevant to their day-to-day operations.

This hands-on training should be given both at the start of a worker's tenure and beyond if it is to be effective, the expert said - and he also called on business leaders to start viewing every security challenge as a training opportunity.

Only by doing this can engagement in security issues be boosted and everyone receive the relevant know-how to battle threats.

Earlier this year, Fidelity International chief executive Anne Richards said at the City Week conference that it is time for businesses to stop thinking so much about competing with one another and instead to start sharing information on hacking incidents if hackers are to be beaten.