2880: Bridging the Gap: Are Junior Cybersecurity Pros Outpacing Veterans in Skills Development?

[00:00:00] In a world where the cyber threat landscape is evolving at unprecedented pace, the need

[00:00:07] for skilled cybersecurity professionals who are prepared to defend against the next wave

[00:00:11] of cyber threats has never been more pressing. And yet I was recently reading that a startling

[00:00:17] number of organisations feel unprepared and they feel uncertain if their teams possess

[00:00:24] capabilities needed to fend off those future attacks. And this dilemma begs the question,

[00:00:30] where does the solution lie? Well today we have the privilege of hosting Max Vetter, he's the VP

[00:00:36] of Cyber at Immersive Labs and we're going to delve into this critical issue because I was

[00:00:41] reading that Immersive Labs research revealed a surprising trend, or not depending on your

[00:00:47] age, and that is that junior cybersecurity personnel are engaging with content significantly

[00:00:54] more challenging than their more experienced counterparts and younger people get a lot of stick

[00:01:00] but it seems that old people like myself may be stuck in our ways, maybe just coasting,

[00:01:06] just going through life, just taking our foot off the gas whereas younger people more ambitious,

[00:01:11] more interested in the technologies and stopping attacks. So for me this highlighted a gap in

[00:01:16] that continuous skill development among industry veterans. So Max is going to bring to light the

[00:01:22] essential strategies for fostering a culture of continuous learning within cyber teams, bringing

[00:01:28] people together and emphasising the importance of staying abreast of industry trends

[00:01:33] and threats for everyone from the most to the least experienced and how the two can complement

[00:01:39] each other. So today we're going to explore the intricate balance between experience and

[00:01:44] adaptability in the cyber security domain. Now before I get today's guests on it's time for

[00:01:50] me to mention the sponsors of Tech Talks Daily and in an era where digital security is non-negotiable

[00:01:58] legacy managed file transfer tools they simply don't cut it now. So that's where

[00:02:03] Kiteworks comes in revolutionising the MFT landscape with unparalleled security credentials

[00:02:09] including the much coveted FedRAMP Modera authorisation. This isn't just about compliance

[00:02:15] though, it's about offering a secure efficient platform for today's remote workforce. So with

[00:02:20] Kiteworks you can benefit from advanced file sharing, email security and customisable

[00:02:26] integrations all within a platform designed to safeguard your most sensitive data. So don't let

[00:02:32] outdated technology compromise your security, step into the future of secure managed file

[00:02:38] transfer. Get started today by going to Kiteworks.com that's Kiteworks.com where security meets

[00:02:45] sophistication but enough from me let's get today's guest on now.

[00:02:52] So a massive warm welcome to the show can you tell everyone listening a little about who you

[00:02:58] are and what you do? Yeah thanks Neil my name is Max Vetter I'm the VP of cyber at Immersive

[00:03:04] Labs and as the VP of cyber I run the whole cyber team that creates all the amazing content

[00:03:11] that goes the cyber security content that sits on Immersive Labs. A bit of my background I was

[00:03:16] a police officer and then I went into as a contractor for GCHQ for a few years before

[00:03:22] before joining Immersive Labs so a relatively interesting background and lots of stories we

[00:03:28] could tell another time from that. Wow man there was a backstory I cannot walk away from

[00:03:33] there. How did you go from that world to what you're doing now and the world of tech and

[00:03:39] everything? There's got to be a story there right? Yeah well it was kind of all tied in. I left

[00:03:43] university and started life in a private investigations body, part of the international

[00:03:50] chamber of commerce actually and we were doing online investigations that led into cyber

[00:03:54] investigations and that led then into the police as a kind of joint role so I was both

[00:03:59] in private sector and in the police and obviously that led to GCHQ and then here so yeah it kind of

[00:04:08] does tie together though on the face of it maybe it seems. There seems to be a whole other

[00:04:14] episode just waiting there so we might have to get you back on. But one of the reasons I

[00:04:18] invited you on today was I was reading about your research that highlights a fascinating

[00:04:22] trend where junior cyber security professionals are engaging with content these on average 5%

[00:04:29] more challenging than their most experienced colleagues. So can you elaborate on the

[00:04:34] significance of this finding and also the implications for cyber security preparedness

[00:04:39] of course? Yeah so I think one of the key things we find is and anyone listening will know

[00:04:47] what the young people have. They typically have lots of drive, they have lots of perseverance

[00:04:52] and especially in the cyber industry. From my background I've always kind of like what we

[00:04:57] call criminal innovation which is the hackers that why we're all here and listening to this

[00:05:03] is there are hackers out there and they're really good at what they do and actually

[00:05:07] what you find with young people they have a lot of that drive to keep up with them and a lot

[00:05:13] of the qualities that you see in hackers actually which is perseverance drive and that

[00:05:18] kind of innovative mindset and I think you could maybe you know old people like us Neil

[00:05:24] who've lost that spark for the innovation maybe that's due to it and I think

[00:05:34] why it's significant is obviously you do rely on your most senior people in cyber security

[00:05:40] and they're super important, they know the most, they've been in the industry the longest

[00:05:45] but I think what takeaway from that would be just make sure you have a diversity of

[00:05:51] voices in the room because those young people who might not have the experience but definitely

[00:05:56] have the drive and sometimes have like more sharp skills than maybe the more seasoned professionals.

[00:06:03] Yeah and I've seen this in the creative industries before where I don't know you've

[00:06:07] got a 30 year old graphic designer or motion designer and they're scared to death and when

[00:06:12] these kids come out of university they hit the ground running, they've got hundreds and

[00:06:16] hundreds of hours of YouTube videos and everything that they've done their research on and

[00:06:20] they just completely blow them out of the water. I think we underestimate this sometimes just how

[00:06:24] much time and effort they put into their work right? Yeah exactly, I think there's a lot of

[00:06:29] negativity talk about millennials and gen z and all that stuff from the older people but it's

[00:06:36] definitely you know that inspiration for you know the joy for work and the interest in being

[00:06:43] there and you know I think that's what we're seeing in the research that we've got here.

[00:06:48] So that gap between junior and senior professionals especially in terms of engaging with

[00:06:54] challenging content it almost suggests a potential issue with training and continuous

[00:06:58] skill development and as you said as you go older you may lose your love for that a little

[00:07:03] bit but we are in a world where we all need to continuously learn to stay ahead of the game

[00:07:08] now so in your opinion what are the main barriers preventing those seasoned cyber security

[00:07:12] professionals from pursuing that more demanding training? Is it the business not

[00:07:19] investing in them or is it something else? I think as always with these things it's probably

[00:07:25] a combination and I think the seasoned professionals usually they've got all the

[00:07:30] certifications under you know under the sun, they've done that early in their career so

[00:07:36] in terms of their kind of professional CV they like well what does it give me so that's

[00:07:42] a kind of push factor they're not really getting that maybe they get on more certifications every

[00:07:48] year but generally a lot of them might think they know it all and that's sometimes they do

[00:07:55] but there is kind of risk there in that oh I've done it all so why would I need to do

[00:07:59] any more professional development but I think like you mentioned that the business also

[00:08:04] might not be prioritizing those people because they're like well they're safe hands we don't need

[00:08:10] to prioritize them, they just do their job they're so good that we kind of I know

[00:08:15] we're sometimes guilty about that oh you're fine because we know you're here every day and

[00:08:21] so we don't need to put that extra effort in getting your personal development up because

[00:08:26] you've been here years. Yeah absolutely and giving the rapidly evolving landscape of

[00:08:32] cyber threats on the flip side of that note staying updated with those latest trends and threats is

[00:08:37] absolutely crucial and the barrier of entry for hackers is lower than ever with things like AI

[00:08:44] at our fingertips now and at so many different forums where people can hang out so

[00:08:48] how do you at Immersive Labs facilitate this continuous learning process both for those junior

[00:08:54] team members and the senior team members that seem to have been forgotten about what do you

[00:08:57] do there? Yeah so when we started Immersive Labs it was kind of about making sure we got

[00:09:05] a simple way that you could create like me and the CEO, James Hadley the founder, we were

[00:09:11] instructors and we would find that just getting a virtual machine and a virtual network setup

[00:09:18] was a massive effort in itself and there would always be errors and everything like that

[00:09:22] would be really difficult so the whole the point about Immersive Labs initially was

[00:09:27] well we just put that all on the cloud you need to click a button and it spins up a lab

[00:09:31] and you kind of take out all that barrage entry so you can just get to learning the cyber stuff

[00:09:36] rather than having to configure all these virtual networks but actually very quickly what

[00:09:41] happened after that was what we call our cyber threat intel labs and so we realized not only

[00:09:49] you know compared to classroom training we could be more up-to-date but we could actually

[00:09:52] be up to date to the matter of hours or days or hours and so we release basically content that

[00:09:59] is hitting the news as fast as possible and you know we do it within hours sometimes one a cry

[00:10:04] we got in four hours I think the recent XZ supply chain compromise of SSH that was

[00:10:13] potentially a massive impact and again we got that a few days after that came out and so

[00:10:19] the whole point of that is can we ignore the whole training element of long-term you know you

[00:10:25] want to upskill yourself and train yourself which is still valid but can you actually

[00:10:31] learn about a new threat within hours of it potentially before it hits your network

[00:10:36] and one of our HSBC is one of our customers and they used those labs to actually do that

[00:10:41] with the F5 vulnerability they actually upskilled on it before it caused them any problems

[00:10:46] so that's how we do it is if we can get you hands-on dealing with that vulnerability or that

[00:10:53] threat as soon as possible hopefully before it becomes a threat to your network that's

[00:10:59] that's kind of how we keep all these professionals you know upskilled and ahead

[00:11:04] of the curve. And before you came on the podcast today I was doing a little research

[00:11:09] on you and I know that you're passionate about building a culture of continuous learning across

[00:11:14] all levels of cyber security professionals and we will have a lot of business leaders listening

[00:11:18] thinking maybe they're nodding in agreement with much what we're saying and they know they need

[00:11:23] to make changes. What strategies do you recommend for any organization to encourage and support

[00:11:29] this mindset among their staff particularly some of those more experienced members of the cyber

[00:11:34] security team? Sadly like with any any cyber professionals the answer is time and money

[00:11:41] which is which is maybe always the thing that is difficult but I think you need to take

[00:11:49] understanding of training or upskilling or any of the words we use here exercising

[00:11:55] you have to take it seriously as seriously as you would say if you're going to buy an EDR

[00:12:00] software or you know endpoint detection and any other technical software that you do use to

[00:12:05] protect your network you've got to think of your humans as part of that and if you're

[00:12:11] if you're buying a platform like Immersive Labs or if you're spending lots of money on training

[00:12:16] you wouldn't expect someone to just do it in their own time or just you know so typically

[00:12:21] what we say is you have to dedicate time which is essentially resource and money to that

[00:12:27] so if you say right this is important for the business and its security posture that we will

[00:12:32] give someone I don't know half a day every two weeks or whatever the amount that you can

[00:12:37] you can fit in because again and budget for that you would you would budget for technology

[00:12:44] to protect your network you also have to budget for making sure the people who are

[00:12:48] running the technology that are protecting the network actually are up to date and skilled and

[00:12:54] that's maybe everyone says more time and more money but I think it is it's forgotten when

[00:13:00] it comes to the humans so it's just important to make that a budget item.

[00:13:04] And your research also points to a possible complacency or lack of organisational

[00:13:10] focus as reasons behind that readiness gap and in nearly 3000 interviews on here we

[00:13:15] spoke many many times over the last seven or eight years on does the boardroom get the value

[00:13:20] and ROI of cyber security and so much of that has changed in recent years but how can

[00:13:26] leaders within the cyber security field address and overcome some of these challenges to bolster

[00:13:31] their team's defence capabilities against new threats? Anything you can share around that too?

[00:13:37] Yeah everyone's busy. Everyone's got their metrics, their targets, their KPIs

[00:13:43] and everyone like you said the board is starting to recognise it. The reason the

[00:13:48] board is starting to recognise it is they see CEOs getting fired and you know when a CEO

[00:13:54] gets fired because they've been hacked suddenly all the other CEOs look around and go oh okay

[00:13:58] this is not just I can't just you know sometimes we talk about the CISO is the full guy you

[00:14:04] know the Chief Information Security Officer but now it's so big that cyber is so impactful

[00:14:10] it could not only the CEO could be fired but you take your whole company down

[00:14:14] so that does change how board views cyber. In the security we would always say it's kind of

[00:14:21] should have always been there but you know everyone gets to it in their own time but so

[00:14:26] I think understanding that everyone's busy and if you're talking about a security culture which

[00:14:31] is what we talk about a lot is how do you get a security culture and it's really the time

[00:14:38] and the effort to throughout the organisation because it's actually not the security team

[00:14:43] really anymore. It has to be the developers, it has to be you know the receptionists,

[00:14:48] everyone is at the forefront of the attack surface and so if everyone isn't up skilled

[00:14:56] you can't leave people out now so you really have to think holistically about

[00:14:59] the whole organisation and make sure everyone is thinking security so yeah it's that fostering

[00:15:05] that culture which doesn't happen by accident you don't just get a security culture you

[00:15:09] do need to you know put time and effort into making sure that you have the security

[00:15:14] culture throughout the whole organisation. And in the research that we're talking about today

[00:15:20] can also ask that you share some insights into the checklist that you mentioned in that it's

[00:15:24] just so organisations can ensure their cyber security teams are adequately prepared to face

[00:15:30] some of these new threats that we're talking about and what were some of the key elements

[00:15:34] of this checklist just for anyone that's not seen this? Yeah so we kind of have a few

[00:15:42] different things that we do we call exercise benchmark up skill and prove so you exercise

[00:15:48] and that means if you can test your teams and this is everyone from the board down to the

[00:15:54] boarder into the store room we say you exercise them on what would happen if you know what

[00:16:01] would happen if a ransomware attack happened what would happen if you know your network

[00:16:05] got taken down and so you exercise first to see what you like and that allows you to

[00:16:10] benchmark against yourself or at least an initial benchmark or a benchmark against peers

[00:16:15] and then you that from that you can find the gaps so who needs up skilling where are our gaps

[00:16:21] is it the whole security team is it individuals within that or is it people elsewhere and then

[00:16:27] it's all about proof as well how do we prove because what we find from training is training's

[00:16:33] great but when you're talking about the board and you talked about ROI yeah how do you prove

[00:16:39] ROI of training and a lot of the we've had some customers who say well I think there's one

[00:16:45] customer spending 10 million a year on cyber security training and they said well it must work

[00:16:50] because I spend 10 million dollars a year you know that's that's not proof that's just kind

[00:16:55] of because it's quite hard when classroom training do you know the person turned up

[00:16:59] do you know they learned as much as the person sitting next to them did they go there

[00:17:03] and get drunk every night and just sort of hung over in the day you know and so it's really

[00:17:08] how do you prove that people have the skills they need because training is secondary really it's

[00:17:12] not about training people it's about the outcome of training which is in this case making sure you

[00:17:18] are resilient to cyber attacks so you have to prove it and the good thing about that is then

[00:17:23] you can prove to the board or the the exec that oh this money we spent on training is

[00:17:28] actually worth it because we're raising our security um benchmark there and baseline so

[00:17:34] yeah that's exercise benchmark up skill improve and then I would add some some more kind of keywords

[00:17:41] which is prepare and practice you know if you haven't run a security and and this goes for

[00:17:48] everyone listening whether you're ceo down if you haven't run a simulated attack and it doesn't

[00:17:54] matter where you are in the org if you've never done one then you're not prepared for when it

[00:17:57] does happen and we found uh you know through lots of research if you're prepared even if

[00:18:02] you've done it once you're much better at resolving it if it happens because the other thing about

[00:18:09] hacking is it it's not if it's when and so you have to be prepared and you have to practice so

[00:18:15] practice those things like you would a fire drill you know you you walk outside every month

[00:18:19] or whatever and you stand in the right place uh you should do the same for cyber because

[00:18:24] you know that could take your company down just as much as a just as much as a fire could

[00:18:29] and you mentioned there they're going from the store room to the board room I also mentioned

[00:18:32] clients playing 10 million a year thinking that they're covered and I've also seen those

[00:18:37] dreaded compliance training tests where once a year the employee just hits next next next and

[00:18:42] hopefully gets that multiple choice right and maybe even get some people in finance that will

[00:18:48] go befriend somebody in it just to help them skip through it so they can get through it

[00:18:51] quickly are organizations moving away from this at these approaches now or is that still largely

[00:18:57] out there as well I'd love to say yes of course everyone every organization no uh sadly

[00:19:04] I mean it you know and we have the whole range even in our customer base we have we

[00:19:09] have customers who just want it for compliance purposes we have customers who are really

[00:19:15] they've drunk our kool-aid which is you know um it's about the skills that you can

[00:19:21] get across and it's about making your cyber risk less really which is the ultimate how

[00:19:27] do we stop you getting hacked but if we are hacked how do we mitigate the the worst um

[00:19:33] worst impact of that so yeah training for training sake no one likes it everyone's done

[00:19:39] that training that they learn nothing from and everyone's clicked to the end to just do the

[00:19:44] questions to see if you know or sometimes you know the fact a lot of this has the videos have

[00:19:50] it built in where you can't skip it that tells you something now from our side what we

[00:19:54] think is if you're excited interested in the training and and actually all the research shows

[00:19:59] this as well you're going to learn a lot more and so why force people to do training they're

[00:20:04] not going to learn anything from anyway yes there's a compliance element but if you can

[00:20:08] you can tick that box as well uh the whole point about compliance is actually to make

[00:20:13] you more secure not to take a box that you've wasted everyone in the company's time for

[00:20:17] for an hour a year uh so I think the industry is moving away from that like a lot of our

[00:20:23] clients you know customers come to us saying exactly that when we say well what what did

[00:20:29] what did you gain from doing all that compliance training um and so but it is it's a slow thing

[00:20:35] because and and it's not anyone's fault you know that was all there was really is like well

[00:20:40] how do we show that people have done training well we could all send them to a classroom

[00:20:46] that's really expensive so let's just put them on this video learning and that's not

[00:20:50] the way we want to go but that is kind of understandable so yeah I think the industry

[00:20:54] is slowly catching up and I'm curious from everything you've seen in your experience

[00:20:59] around this as well what impact does the integration of of more hands-on challenge

[00:21:04] based learning have on the effectiveness of cyber security training especially in

[00:21:08] preparing professionals to tackle unforeseen challenges is is there anything you've seen

[00:21:12] about that is the the learning more impactful when it's more hands-on yeah well exactly I

[00:21:19] think anyone will know if you're gonna learn to drive a car yeah and they told you like I

[00:21:25] turned up to I did some training myself once and it was a I won't mention what but it was

[00:21:30] a cyber security training course and I turned up and there were no computers in the room

[00:21:34] and I used to say I questioned this and they're like oh no no that's it's just on paper

[00:21:38] and again if you turn up for a for a car a lesson in a car and there wasn't a car there

[00:21:43] I think most people would question is this going to get me the skills I need to pass that exam

[00:21:49] and so um so and this is it's the same thing you know getting the reason we like to think

[00:21:55] it works for us is we try and put people exactly in their role as a job so if you're

[00:22:01] you know network admin or a sock analyst we get you in that the software that you're using

[00:22:07] real attacks coming in so you actually see what it's really like and it would be really like

[00:22:11] in the in your in your day job which also happens to be more engaging and more interesting

[00:22:17] and you know so it is um yeah we we have to move away from that where you're just doing

[00:22:23] training for training sake and to be an ethical hacker you don't need to actually touch a computer

[00:22:28] is not probably the way you want to go. Well just the same and I say if we look to the

[00:22:34] future to an ideal future utopia of sorts how do you see the role of cyber security

[00:22:39] training evolving to meet the demands of this increasingly complex threat landscape which is

[00:22:44] only going to get more complex with AI and quantum computing possibly breaking cryptography

[00:22:49] and all that stuff what and also what innovations or shifts do you anticipate will be necessary to

[00:22:54] to keep pace with some of these changes and challenges ahead? Yeah I mean you've said

[00:22:59] you used to mention AI and AI is everyone's talking about it you know and there's a

[00:23:03] reason everyone's talking about it um it's it's everywhere um it it will cause challenges and

[00:23:10] but I feel as a you know as an ex-copper we're always on catch up so we're always

[00:23:16] you never know what the criminals will innovate until you see it first so

[00:23:20] you're naturally always on catch up but AI will help us as well as them um and so

[00:23:26] and I think we're moving away from as you mentioned just training people like let's sit

[00:23:33] you in a room let's do rote learning and then you'll be really good at cyber security

[00:23:38] I think we're already moving away from that but I can see us moving to a place where you're

[00:23:42] continually identifying risks so if you're in an enterprise there are lots of innovative things

[00:23:48] that you can analyze individual risks for per person so again now it's not the same training

[00:23:55] for everyone you get really specific training for certain people based on their risk areas

[00:24:01] so that's that's the way I see it really going is that training is less relevant it's

[00:24:06] the outcome that's the whole point um so if we just get the right people the right amount

[00:24:12] training at the right time then it it's um we're going to be all better off generally

[00:24:18] so that's that's the way I see it going and yeah AI will AI and quantum and you know blockchain

[00:24:24] and all all those buzzwords they will they will play into it but I see them as kind of tools

[00:24:30] that just enhance or make it make the the general thing which is hackers are trying to hack into

[00:24:37] what we do and we're trying to stop them there I think they're just kind of tools that will

[00:24:42] supersize both sides really so it's kind of kind of an arms race but I don't see it

[00:24:48] you know changing the the race it's still it's still the race between us and the hackers

[00:24:53] and it's just using the tools we can um but yeah not wasting time or money is key in all that

[00:25:00] you know you don't want to waste anyone's time you don't want to waste your money on on if

[00:25:05] we're talking about training training that isn't ineffective or if you're talking about

[00:25:09] tools tools that don't work or prove that you're more safe so um yeah that's I think all those

[00:25:16] things are just features in um what will what will go towards is that actually we have a lot

[00:25:22] more telemetry about where our risks are and how do we help you know we say the human's actually

[00:25:28] the strongest strongest link not the weakest link but that's the right right trained human

[00:25:34] is the strongest um strongest asset the wrong trained human is the weakest link so

[00:25:39] so that's the um the important bit there is is making sure all humans are are as strong as

[00:25:44] they can be and it's so refreshing to hear you say that so I cannot thank you enough

[00:25:49] for sharing your insights with me today but before I do let you go I want to ask you to leave one

[00:25:53] final gift to people listening all around the world we have an amazon wishlist a library of

[00:25:59] sorts of books all my guests recommend all I'm going to ask you is what would you like to add

[00:26:03] to that bookshelf and why for other people to check out yeah I um recently read uh something

[00:26:10] called trusted executive a book called trusted executive and I think those of you in management

[00:26:16] positions moving away from the the technical side of cyber um and and as I mentioned it's all

[00:26:22] about people and if you want to be trusted as a as a manager and as a leader um that's what the

[00:26:29] book goes into really it's all about um trust and there's kind of it talks about ability

[00:26:35] integrity and but out of the level under that uh so that was quite impactful just because

[00:26:40] especially with cyber um the people who understand people and a diverse set of people because

[00:26:47] in in cyber and tech there's always a a big diversity of of people and thought uh is

[00:26:54] understanding those people because essentially if you're a leader um you need the people to

[00:26:58] work for you to do a good job and that all ties ties back so yeah that was um really

[00:27:04] useful book to I recommend to anyone because it you know talks about why being a good leader

[00:27:10] actually is is good for a company in in all because if people are happier in there and you

[00:27:15] know they they trust the leaders then they do a better job in general so yeah that's one I

[00:27:21] recommend. Fantastic, lovely choice I'll get that added straight to our Amazon wishlist

[00:27:25] and obviously we've covered a lot in a short amount of time so we've talked extensively

[00:27:28] about some of your research so anybody listening want to find out more about that

[00:27:32] about immersive labs connect with you ask your team a question any of that stuff well

[00:27:36] do you like to point everyone listening yeah um please go to our website immersivelabs.com

[00:27:42] and you can find me on linkedin max vetter uh and shoot me a shoot me a message or yeah and

[00:27:48] and you can um connect through the website as well for a demo or anything else like that so

[00:27:53] yeah connect well as I said we did cover a lot there and I think that need for cyber

[00:27:59] security professionals to have skills to defend against the new cyber threats has never been

[00:28:03] more critical and that is for junior and senior members of the team and covered so many great

[00:28:08] points so I urge people to check out your website and I'll leave a link to the report

[00:28:12] or research as well but more than anything just thank you for sharing your story today and we

[00:28:16] will have to get you back at some point to find out the other half of that story yeah

[00:28:21] thanks yeah cheers so as our conversation with max comes to a close I think we're left with

[00:28:26] a profound understanding of the current state of cyber security training and its implications for

[00:28:31] organizational preparedness against cyber threats and max's insights into the discrepancies

[00:28:37] between junior and senior cyber security professionals in their approach to learning

[00:28:41] and challenges I think it exposes a critical vulnerability with organizations and yes it's

[00:28:47] evident that fostering a culture of continuous education and adaptability across all levels is

[00:28:53] paramount to maintaining robust cyber security defenses but sometimes it doesn't feel that easy

[00:28:58] so for me my conversation with max props me to reflect somewhat on the broader implications

[00:29:04] of cyber security training and readiness and how organizations could maybe bridge the gap

[00:29:10] between experience and ongoing skill development to bolster cyber resilience and also how these

[00:29:16] two parties these two age groups can learn so much from each other but hey this conversation

[00:29:21] never truly ends how do you envision the future of cyber security training and preparedness

[00:29:26] in the face of rapidly evolving threats let me know as always techbloggerite.outlook.com,

[00:29:32] twitter, linkedin, instagram at Neil C Hughes if you're not following me or messaging me on there

[00:29:37] why not come on you know where I am I'm the easiest guy in the world to find other than

[00:29:41] that if you're quite happy just lurking I'll be back in your podcast feed waiting for you

[00:29:45] bright and early tomorrow but more than anything just thank you for listening

[00:29:49] and until next time don't be a stranger