3 min

Strengthen Your Security with Cost-Effective Training

Retain and engage IT professionals through mentorship, peer-to-peer learning and vendor resources.

Ongoing training and skills development are essential for IT roles, particularly in cybersecurity. Unfortunately, they can be the first programs organizations cut in difficult economic times. That’s risky for a few reasons. 

First, technology changes quickly, so staff need to stay current with tools, technologies and best practices. Training helps deepen the IT bench by enabling employees to grow their skills to keep pace with these changes — for instance, progressing from an incident responder to a midlevel analyst or learning how to build security into an evolving cloud environment. Knowing this, today’s technical staff typically expect their employers to provide training opportunities as part of a comprehensive benefits package. Not doing so is a sure way to lose talent in a competitive market. 

In addition, given how difficult it can be to hire qualified security professionals, developing other IT roles into security assets can be highly beneficial. Cross-training helps make security a shared responsibility across the enterprise.

Here are some ways to maximize learning opportunities for IT and security teams. 

Include Formal Training in New Technology Investments

Formal training should be part of every significant capital expenditure, such as implementing a new platform or technology. If this isn’t included in the statement of work, ask the vendor to partner in that effort and incorporate training as part of the capital expense. Data shows that including training and enablement increases the speed of adoption and the long-term likelihood of a project’s success. At a minimum, such training should involve the people who will manage the technology when the experts are gone. Knowledge transfer and enablement are integral to any engagement. Otherwise, the handoff can feel incomplete, and employees will struggle to find a path to ownership.

Some vendors have developed excellent training programs and have authorized training partners, such as CDW. Newer vendors may not have this type of offering yet, so ask early and plan for how your team can acquire the necessary skills. 

Ask About Vendor Training Programs

Many vendors have training credit programs — essentially, “credits” that don’t cost any extra but can be redeemed within a certain period. These can be a great resource when budgets are tight, so make sure they’re included in significant hardware and software expenditures. 

Often, organizations have these credits and don’t realize it. The person who formalized the vendor contract may have overlooked this or may not have communicated it to frontline managers. Find out who oversees this information and knows how to redeem the credits, and make sure credits get used before they expire.

Leverage the Experience of Senior IT and Security Staffers

Peer-to-peer resources are cost-effective and extremely valuable. One way to structure these programs is to assign every junior employee to a senior mentor who can answer questions and provide over-the-shoulder training. Formalizing these relationships helps junior employees overcome hesitancy to ask for help, either out of a reluctance to “bother” senior colleagues or because they are afraid to appear inexpert. 

After employees attend training, ask them to lead a lunch-and-learn to share their new knowledge and how it applies to their specific environment. Job rotations and shadowing can also deepen employees’ knowledge while exposing them to new roles.

Extend the Value of Every Training Opportunity

Vendors love to discuss their products, and most offer free webinars, lunch-and-learns and similar programs. Often, these are led by midlevel or senior engineers who are excellent resources for staff questions. Some companies, including CDW, have a treasure trove of online resources, such as blogs and white papers, at no cost. 

One caveat: Instead of asking employees to read something independently, create accountability by tasking one person with studying a white paper and briefing the team. This creates motivation to follow through and makes training more engaging.

Skills training is essential to staff retention, especially when there is intense competition for talent. Technical people expect skills development, and when that’s absent, organizations tend to lose employees faster. Conversely, when organizations establish robust and varied development programs, they’re more likely to attract new talent and build a healthier organization overall. 

Story by Buffy Ellis, leads CDW’s Workforce Development practice in the U.S. Her team develops and delivers technical training to CDW’s clients. She is responsible for strategically aligning CDW’s training and enablement portfolio to clients’ technology and security initiatives. Buffy has worked in the technology industry for over 30 years in a variety of roles, from network engineer to penetration tester, spending the past 15 years focused on cybersecurity training initiatives.

Buffy Ellis

CDW Expert
Buffy Ellis is the executive vice president of Focal Point Academy, bringing over 30 years of experience in network design, vulnerability assessment, penetration testing and security analysis to lead a team of phenomenal technical experts in delivering hands-on cyber training courses.