At least this is what one learning experience platform’s data is showing.

Analysis of data from millions of users globally that have accessed security assets in a specific learning experience platform has indicated that 2021 has been a true inflection point for security learning and development (L&D) in corporate environments. 

Amid today’s increasingly complex threat landscape, IT skills gaps, and a growing tussle for IT talent, the research is shedding light on how organizations are engaging in security training.

Data is showing that people and are spending significantly more time with cybersecurity training than ever before—whether for professional development, increasing awareness of threats, picking up risk mitigation best practices, pivoting career paths, or simply building skills sets. Since 2019, there has been a53% increase in the total number of hours that learners on Skillsoft’s learning experience platform (LXP) have been dedicating to security training content and courses on an annual basis, across all expertise levels.  

Security training is hot

Breaking this down further, analyses of 25 industries ranging from aerospace to banking and finance to medical saw 60% of all companies in the platform increasing the total number of hours spent by learners annually on security training content increase in 2020 compared to 2019. In 2021, this number rose to 80%. The top five industries that have seen the largest relevant content consumption spikes were:

  1. Legal 
  2. Energy and utilities  
  3. Healthcare 
  4. Training & development 
  5. Non-profit  

For these five industries, on average, there was 59% year-over-year growth level.  

Looking at the 10 most frequently completed security courses so far in 2021, OWASP Top 10 related lessons took the lead spot in the LXP, followed by cloud security fundamentals (possibly attributed to the COVID-19 pandemic spurring a rapid global shift to the cloud).   

Rounding out the top 10 were a variety of CompTIA Security+ pre-certification courses ranging from social engineering techniques to basic cryptography principles.

Security training cannot be a one-off event

The findings on the LXP platform indicate that security professionals and all employees must maintain a mindset of continuous learning and curiosity, in addition to building a lasting culture of cybersecurity.

Practical security training ideas include: using a blended learning approach; combining traditional course content with real-world scenarios; practice labs; and team-oriented lessons.

Additionally, organizations need to encourage employees to pursue certifications to expand their skillsets, become more cyber-aware, reduce skills gaps; and be equipped with the tools needed to train and upskill in their natural flow of work. A gamification component can also be used to help keep individuals interested and motivated.