Education is vital in cybersecurity as it equips individuals with the necessary knowledge, skills, and awareness to adapt to a context. Resilience against cyber incidents is a collaborative endeavor that requires the involvement of all levels of the organizational hierarchy. Education can help to make organizations more resilient by supporting people, security professionals and leadership.
CYRENZH wants to understand in which areas people, security professionals and leadership in organizations need greater guidance. Together with these stakeholders and our partners, we want to create new modules to address the challenges each stakeholder faces.
Furthermore, we seek to establish cooperation through interdisciplinary teaching programs located at both the University of Zurich and ZHAW, including lectures on BSc/MSc level, summer schools, a Ph.D. network, and continuing education vessels such as CAS and MAS..
Education plays a vital role in raising awareness about cybersecurity risks and threats. It helps individuals understand the potential consequences of cyberattacks, such as data breaches, identity theft, financial loss, and disruption of critical infrastructure. By educating people about the importance of secure practices, like using strong passwords, identifying phishing attempts, and keeping software up to date, education helps prevent common security pitfalls.
For Security Professionals
Education prepares professionals for the dynamic challenges of the cybersecurity landscape through knowledge and skills development at the university or other educational institutions. However, security professionals often encounter practical challenges in the workplace that were not covered in their basic training. One such challenge is the responsibility of raising awareness about cybersecurity risks and threats among employees within the organization. However, this task is typically not included in their standard training. To accomplish awareness next to their numerous other responsibilities, many rely on expensive simulated phishing campaigns promising to increase awareness among the people in the organization – with questionable impact. Education can help security professionals to make more informed decisions about their options.
Education can aid managers in providing the necessary support for their security professionals and workforce. There is a strong link between the employees’ motivation to perform well and work environments that are non-competitive, permit employees to choose how to complete work tasks, and acknowledge their feelings and perspectives. A good relationship requires mutual respect and care. In a one-sided, or even toxic, relationship, employees will leave or, at a minimum, disengage. Given their significance in shaping a healthy work environment, leaders and managers have great responsibility in enabling their security professionals and workforce to protect the organization from cyber risk. Education can help leaders to create a workplace that can leverage, not thwart, human resilience and creativity to address the volatile cybersecurity landscape.