How companies can change the game in cyber recruitment and upskilling – FE News

How companies can change the game in cyber recruitment and upskilling – FE News

Why switch to NCFE for EPA In Article Block advertising

The global L&D market is approaching $360 billion, but $97 billion of that is wasted. That’s 26%, a quarter of L&D budgets, making ineffective corporate training a major problem for companies. And with the risk of a recession, businesses need to keep a very close eye on their budgets, making sure they are spent in the most efficient way possible.

Of course, several reasons have been given to explain this waste, from unengaging content and bored staff to time constraints and a lack of opportunities for staff to use the newly learned skills.

One area that cannot afford not to engage and upgrade its employees as it is business critical is cyber security. Organizations and business leaders recognize that cybersecurity is a business priority. But they are also keenly aware of the huge global shortage of cyber talent (up to 3.5 million by some accounts) and how a lack of skills makes businesses vulnerable to cyber attacks.

For most company managers, upskilling the security specialists has become a priority. Ineffective training is not an option, and companies are increasingly looking for innovative ways to engage and upskill their security teams and avoid the training waste trap.

That’s where “Capture The Flag” (CTF) games can come in handy.

What are CTFs?

CTFs are online competitions where teams or individuals test their cyber skills in a race to solve challenges and capture the “flag” – a secret code that unlocks points or rewards. These have long been played for bragging rights by the underground hacker community.

See also  Rapper The Game defends his daughter against criticism over the dress

From the world’s largest and oldest CTF at DEF CON in Las Vegas with millions of dollars in prize money up for grabs to our very own annual event – which attracted 12,000+ players from 181 different countries earlier this summer and everything in between, CTFs are a big deal in the hacker world. They are now moving into the corporate world as an engaging and effective way of delivering cyber education and training.

In addition to the significant upskilling benefits, CTFs are a very effective tool for companies to streamline the hiring of cyber talent.

CTFs for recruitment

For cyber talent recruiters, CTF challenges are a great way to test potential applicants. They can be useful throughout the process by helping to narrow down the number of initial applicants and assess the qualifications of your chosen prospects.


CTFs allow hiring managers to assess a candidate’s technical skill level and understand how they perform under time constraints in a practical situation. Good CTF challenges are simulations of real-world hacking scenarios and reflect the problems that security teams are likely to face on a daily basis.

CTFs are not only a great resource for companies, but can also be used by candidates to strengthen their resumes. CTF competitions take place all the time in the non-professional cyber world and are open to players of all skill levels. Entering these competitions is a great way for security professionals looking for a new role to demonstrate their proactivity and eagerness to develop their skills.

CTFs for upskilling

A 2019 poll of UK employees for the City & Guilds Group found that 69% of respondents complained that training content was not always exciting or engaging. CTFs circumvent this by allowing collaboration, team building and competitiveness. This makes them a more effective way to learn, while promoting a more collaborative workplace culture, essential to establishing a company-wide safety culture. As an engaging learning tool, CTFs are the type of training that employees don’t skip or turn off.

See also  Rule changes and 'clarification' on chips, transfers + captaincy

A good example of CTF implementation is Toyota North America, where the team has integrated CTFs as part of the company’s internal training program. The automaker tried a couple of CTF competitions with their security team and invited employees from other departments to participate in an effort to improve the hands-on experience of their cybersecurity training. Levels of exercise involvement were significantly raised by these trials. Security team engagement in learning has increased by 150% since the initiative’s implementation. Participants said that over the course of 11 months, the challenges had increased their knowledge and skills.

The big takeaway?

The staff have learned new ways to use the newly acquired knowledge in real situations. Also, the CTFs proved so popular that they are now a permanent company-wide fixture and run every Friday for everyone to join. Toyota also found that recruitment increased as candidates sought cutting-edge training and development programs like this one.

The widening cybersecurity skills gap shows the urgency for companies to revamp their training programs. As attacks become more sophisticated, security leaders must ensure that they constantly keep the skills of their teams up to date and continue to provide them with opportunities to learn the changing techniques of cybercriminals. CTFs are a great way to gain real, relevant and practical skills while building your teams through the best hires.

By Haris Pylarinos, CEO at Hack The Box

Recommend0 recommendationsPublished in Exclusively for FE News, Work and management, Skills and apprenticeships

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *