CxO Decision Brief: Cyber Workforce Resilience

Leveraging People-Centric Cybersecurity to Improve Security Posture

Solution Value Icon

Solution Overview

Too many organizations remain ill-prepared and lack full insight into how to respond to cyber threats. The cyber resilience program from Immersive Labs combines realistic, team-based training and exercises with technical insights to optimize response against cyber threats.

Benefit Icon

Benefit

Immersive Labs Cyber Workforce Resilience platform speeds response and improves security readiness. Benefits include:

  • Improved readiness of individuals and response teams
  • Continuous measurement and proof of cyber readiness
  • Improved application security
  • Better staff retention and career development
Urgency Icon

Urgency

Cyber attacks represent a strategic threat that can inflict significant financial and reputational damage. Organizations that delay action on cyber resilience invite substantial risk and stand at a competitive disadvantage in the market.

Impact Icon

Impact

Organizations must assess staff and align skills and competencies to the security landscape. Immersive Labs helps maximize investments in people and security tools, policies, and procedures through application of rich training focused on emerging threat and cyber-crisis scenarios. Organizations can also expect to gain actionable insight into current and future investments.

Risk Icon

Risk

Improving cyber resilience reduces risk, but organizations should be ready for what Immersive Labs may uncover. Leaders may reframe their approach to process, skills, and techniques to align the organization and mitigate threats.

1. Solution Value

This GigaOm CxO Decision Brief was commissioned by Immersive Labs.

Cybersecurity incidents have become so pervasive that it is no longer a question of whether an incident will happen but when. Compounding the challenge, many organizations lack accurate metrics to understand their security posture and adequate skills and staff expertise to enable it.

Cyber workforce resilience addresses these shortfalls by adopting a primary focus on the people aspects of cybersecurity. Immersive Labs was founded on the principle that the overall scale and impact of an incident is defined first by both the team’s ability to react and its effective preparation driven by a well-disciplined and trained staff.

To develop this ability, Immersive Labs provides realistic simulations and hands-on cybersecurity training to enhance an organization’s security posture and evaluate individual and team decision-making and response capabilities against the latest threats. Its platform also allows an organization to measure cyber readiness compared to industry benchmarks, helping achieve true and measurable risk reduction. Core aspects of the solution are:

Multi-level, realistic team exercises: Education and testing for cyber response rarely account for the organization’s operational environment. Immersive Labs’ ability to provide customizable environments for team simulations, working at both organizational and technical levels, ensures that response teams train in their environment and develop strong “muscle memory” to deal with threats in real time.

Hands-on educational labs: Unlike conventional training materials, which can take months and be quickly outdated, Immersive Labs Threat Intelligence identifies emerging threats early in their lifecycle and quickly turns them into exercises and labs. Rapid delivery ensures teams gain experience with emerging threats rapidly.

Benchmarking and proof of resilience: The Immersive Labs platform leverages granular performance data to measure and assess your technical and non-technical teams’ skills development and cyber readiness compared to industry benchmarks. Company leaders can use evidence of capabilities to confidently demonstrate risk reduction and compliance.

2. Urgency and Risk

Urgency

Overconfidence is a problem. Organizations often believe they are better positioned to handle threats than they actually are. They utilize traditional training based on theoretical classroom exercises focused on individuals while ignoring hands-on skills and the team dynamics of a real attack. And they lack the metrics to fully understand their position.

These issues combine to increase vulnerability and slow response. Any delay in cyber response increases cost and reputational damage and threatens an organization’s long-term sustainability.

Risk

There is very little risk posed by a cyber workforce resilience implementation except those associated with changes to existing processes. Any review will likely highlight gaps or failures in readiness; however, effective change management is needed to ensure uptake and minimize resistance to this guidance.

3. Benefits

Key benefits of an Immersive Labs Cyber Workforce Resilience deployment include multiple organizational and technical benefits, including:

Executive insight into security posture: Effective incident response comes from a complete, defensible understanding of security posture and capabilities. Implementation of advanced metrics enable CxOs to view progress, track return on investment, and assess the organization’s competitive posture.

Improved individual and team practical skills: Cyber response is a team exercise, so traditional individual-based training is often ineffective. Hands-on, practical scenario-based team education and testing gives security staff the tools to handle live-fire incidents and improve cyber resilience.

Improved security decision-making: Enhanced hands-on expertise and transparency puts critical information in the hands of prepared responders during incident response. The result: prompt, informed, and effective decision-making that can significantly mitigate the risk of financial loss and reputational damage that could follow an attack.

Improved application security: Increasingly, software is being built at pace, and the quicker that pace, the more vulnerable your software is likely to be. The solution demands a culture of security across the software development lifecycle. Cyber Workforce Resilience, by hosting content for a range of roles involved in building applications, improves AppSec and development teams’ security capabilities, enabling everyone to be part of improving application security.

More effective career development and retention: Deployment supports and develops heightened workforce expertise, awareness, team-building, and organizational and technical skills, which directly impacts staff development and can increase retention. In addition, Immersive Labs Cyber Workforce Resilience optimizes recruitment practices, providing tests for potential candidates with a skills-first approach.

Figure 1. Advanced Metrics and Visualization Improve Outcomes

4. Best Practices

Successful adoption requires a clear vision. Management must understand its priorities, the reasons for investing, and the specific, measurable outcomes it seeks. By understanding the drivers of adoption and developing KPIs to measure and track success, management can fully articulate the importance to the organization and its people.

Focus is critical. By setting priorities, decision-makers can create a focused plan that delivers on shorter- and medium-term risk reduction goals and addresses issues uncovered during adoption of the Immersive Labs education and training platform. This focus is essential, as those that try to adopt too broadly too quickly may fail to address the highest priorities successfully.

The solution: Pair Immersive Labs with your security strategy and walk through the program’s rollout as part of a larger security strategy review, proceeding in order of importance to your organization. This way, you can check off the areas where competency meets and exceeds your desired organizational readiness, setting you up for maximum success without being overwhelmed.

Finally, consider engaging Immersive Labs’ professional services teams to help engage stakeholders and prioritize which aspects of the solution to adopt first.

5. Organizational Impact

The adoption of security solutions often drives change in an organization. These changes can be highly positive, as noted in benefits around staff skills and retention. In addition, different groups and seniority levels can gain from working together to address simulated security challenges.

Nonetheless, management must be aware of changes and potential impacts when moving to a cyber-resilience strategy. Not least, once an organization has developed a detailed and measured understanding of its security capabilities, it may discover it is not as well prepared as it thought. This can shock and embarrass those responsible for resilience and may result in additional costs of putting together a more comprehensive security program.

Immersive Labs simulations will likely expose weaknesses in communication channels, shedding light on gaps where valuable minutes or hours can be saved in a real emergency. Those minutes and hours are worth everything in the midst of a cyber incident.

Specific roles with a focus and responsibility for cyber skills may also need to be developed, translating to increased, or potentially the reallocation of, spending on cyber resilience. Also, a successful cyber-resilience program requires that adequate time is built into workflows and practices in addition to training. Properly budget time for teams participating in inter- and intra-team sessions to extract maximum value from the platform.

Ultimately, there will likely be a cultural shift, with changes to workflows, responsibilities, and, potentially, customer and supplier interaction. Understand this and prepare for these changes.

People Impact

The organization must have a roadmap to deal with skills assessment and management of staff. There should be recognition for those whose skills may have been underestimated and need to be recompensed differently. Individual motivation can increase, as such roles are seen as more valuable.

Management may also need to handle people less suited to their role, including dealing with outcomes such as redeployment or removal of individuals lacking necessary skills. Careful planning can minimize the risk of demotivation and potential staff defections, which would leave the organization under-resourced and exposed.

6. Solution Timeline

A well-planned implementation of the Immersive Labs solution will take around 90 days. Here, we provide a guide to the plan, test, and deploy stages of a deployment.

Figure 2. An Example Solution Implementation Timeline

Plan, Test, Deploy

Immersive Labs works with customers to ensure successful deployment, engaging its customer success teams to build a clear understanding of cyber workforce resilience goals. The following are the key directional stages of deployment.

Pre-planning: This is done before the project kicks off and is foundational to a successful implementation. This process focuses on defining clear scope, including project goals and objectives, challenges, teams, and end goals. Key contacts, priorities, and service delivery plans must be identified.

Discovery and execution: In this design and deployment stage, usually in the first 60 days, tasks such as platform configuration, licensing and permissions design, and platform training are addressed. Scenario-based lab exercises and content are developed for crisis team simulation training.

Launch: Awareness must be built at this stage, creating a clear understanding of why the solution was adopted, its impact, and importance to the organization. It is essential to develop success criteria and plans for additional growth and adoption of the platform.

7. Future Considerations

A business investing in Immersive Labs should understand that, as with all security tools, this market does not sit still. Organizations should prepare for ongoing engagement and continual development, with new exercises and labs enabled as emerging threats arise and proliferate. Business leadership should also expect new focus areas within the platform to address new architectures and threat types.

Finally, businesses should invest in the vendor relationship, providing feedback on the kinds of exercises and scenarios they need, as this can inform Immersive Labs’ efforts going forward.

8. Analyst’s Take

Security and preparedness should be at the heart of an organization’s IT and business strategy. However, it is clear that many cybersecurity and cyber resilience approaches are ineffective. Understanding why traditional methods fail is essential, and one key area to focus on is the inadequate training and preparation of teams, which can significantly impair both breach prevention and incident response.

Companies also need to have a clear-eyed understanding of their capabilities. Ineffective training and poor reporting can cloud an organization’s visibility into its actual capabilities, creating a false sense of confidence in its preparedness for cyber incidents.

Immersive Labs Cyber Workforce Resilience takes an approach that is focused on the team, practical skills improvement, and evidence of capability using clear, actionable metrics. Its hands-on, scenario-led approach represents a considerable step up from passive, theoretical learning approaches, enabling organizations to improve their cyber resilience and deal with inevitable threats.

9. Report Methodology

This GigaOm CxO Decision Brief analyzes a specific technology and related solution to provide executive decision-makers with the information they need to drive successful IT strategies that align with the business. The report is focused on large impact zones that are often overlooked in technical research, yielding enhanced insight and mitigating risk. We work closely with vendors to identify the value and benefits of specific solutions and to lay out best practices that enable organizations to drive a successful decision process.

10. About Paul Stringfellow

Paul Stringfellow has more than 25 years of experience in the IT industry helping organizations of all kinds and sizes use technology to deliver strong business outcomes. Today, that work focuses mainly on helping enterprises understand how to manage their data to ensure it is protected, secure, compliant, and available. He is still very much a “hands-on” practitioner and continues to be involved in a diverse range of data projects. Paul has been recognized across the industry and has spoken at many industry, vendor, and community events. He writes for a number of industry publications to share his enthusiasm for technology and to help others realize its value.

Paul hosts his own enterprise technology webcast and writes regularly on his blog.

11. About GigaOm

GigaOm provides technical, operational, and business advice for IT’s strategic digital enterprise and business initiatives. Enterprise business leaders, CIOs, and technology organizations partner with GigaOm for practical, actionable, strategic, and visionary advice for modernizing and transforming their business. GigaOm’s advice empowers enterprises to successfully compete in an increasingly complicated business atmosphere that requires a solid understanding of constantly changing customer demands.

GigaOm works directly with enterprises both inside and outside of the IT organization to apply proven research and methodologies designed to avoid pitfalls and roadblocks while balancing risk and innovation. Research methodologies include but are not limited to adoption and benchmarking surveys, use cases, interviews, ROI/TCO, market landscapes, strategic trends, and technical benchmarks. Our analysts possess 20+ years of experience advising a spectrum of clients from early adopters to mainstream enterprises.

GigaOm’s perspective is that of the unbiased enterprise practitioner. Through this perspective, GigaOm connects with engaged and loyal subscribers on a deep and meaningful level.

12. Copyright

© Knowingly, Inc. 2023 "CxO Decision Brief: Cyber Workforce Resilience" is a trademark of Knowingly, Inc. For permission to reproduce this report, please contact sales@gigaom.com.