Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

2/26/2019
08:00 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail

Your Employees Want to Learn. How Should You Teach Them?

Security practitioners are most likely to stay at organizations that offer career development. Here are eight tips to consider as you plan your course of action.
2 of 9

Educated Employees Are Happy Employees

Forward-thinking businesses, and those that have grown, realize education and career development is "the most critical piece to retention," Corey says. Businesses that give employees the tools they need retain them 60% more than those that don't, according to Cybrary's research.

"You could stress about it, but the best way to keep employees in an organization is to make sure they're continually challenged," Lee explains, adding that he has seen many people with great loyalty to companies that value them and treat them right.

Offering educational opportunities to your security team provides skills development they both want and need. Their knowledge leads to greater defense for your organization, as well as a cost-savings aspect, Corey says. After all, offboarding and onboarding are both expensive. Educating your current workforce and promoting people trained internally can save companies an annual $25,000 per worker, Cybrary found.

It wasn't long ago that education was mainly a requirement, Lee points out. Now it's a benefit. Employees will limit their job searches to companies committed to education. Cybrary's research shows if you develop someone's career and give them the tools they need, you'll retain them at a 60% greater rate compared with those that don't, Corey says. Organizations invested in education demonstrate improved preparedness at employee and corporate levels.

(Image: Pressmaster stock.adobe.com)

2 of 9
Comment  | 
Print  | 
Comments
Threaded  |  Newest First  |  Oldest First
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-6017
PUBLISHED: 2020-12-03
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code ...
CVE-2020-6021
PUBLISHED: 2020-12-03
Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted DL...
CVE-2020-6111
PUBLISHED: 2020-12-03
An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000 and...
CVE-2020-5680
PUBLISHED: 2020-12-03
Improper input validation vulnerability in EC-CUBE versions from 3.0.5 to 3.0.18 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vector.
CVE-2020-5638
PUBLISHED: 2020-12-03
Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier) allows remote attackers to inject arbitrary script via unspecified vectors.