The Importance of Cybersecurity Training for SMEs - Fleximize

Why Cybersecurity Training is Crucial for SMEs

Melanie Jones looks at how investing in cybersecurity training can positively impact both your business and your wider workforce

By Melanie Jones

With new cybersecurity threats on the rise with each passing day, it’s becoming increasingly difficult for businesses to stay protected against data and security breaches. This means it’s more important than ever for companies to ensure they have a cybersecurity specialist within their team to protect their assets and ensure they are following best practice. 

However, the challenge facing businesses around the world is the huge divide between the demand for qualified personnel and the number of cybersecurity specialists available to fill the roles. It is estimated that as many as 3.5 million cybersecurity positions will be left unfilled by 2021. While this will leave many businesses unprepared for online attacks, it also means those looking to bring in the brightest cybersecurity talent will have to pay over the odds to do so. 

So, how can you protect your business? It seems as though investing in training your current workforce may be the most viable and cost-effective solution. Here's why.  

Wise investment

Funding cybersecurity training for staff isn’t just a way of ‘paying off’ current threats - it’s an investment to keep your business safe in the future as new threats emerge and develop. Companies hoping to save money by avoiding hiring a cybersecurity specialist, paying for staff training, or upgrading their security software will likely end up being stung the most if an attack were to occur.

The latest statistics suggest the average cost of a single cyber-attack to UK businesses can be as much as £9,260, depending on the size of the organisation. With many businesses left unprotected and unable to deal with threats, this figure may not just be a one-off either.

It’s thought as many as 90 per cent of successful cyber-attacks occur because of human error, suggesting trained staff would be able to adapt to new threats, and share best practice knowledge with their peers. Therefore, hiring a dedicated specialist to look after your systems or offering training for staff who are keen to learn relevant skills will be much more cost-effective than paying huge, one-off sums in the wake of an attack.


As cybercrime becomes even more common and threats more complex, taking a proactive approach to protecting your business will place you in a better position in the future. A proactive approach to cybersecurity involves reviewing a business’ current processes to define their most valuable assets and the weak links in their current security set-up. This often calls for complex analysis which needs to be tackled by a specialist who knows the organisation’s many layers in-depth. 

Although this may seem overwhelming to a business who hasn't invested in cybersecurity in the past, it's worth considering that firms that plan a proactive strategy can reduce the growth of cyber-attacks by 53 per cent, while those who wait to react once the worst happens end up paying more for staff or resources to patch the problem.

Plus, continuing to fund training for staff as new courses become available will keep your business prepared for new threats. This isn’t to say that cybersecurity training is just a precaution for the future, though. Of those who’ve completed courses in cybersecurity, 94 per cent claim they used the skills they attained within four weeks of completing the course.

So, providing training for staff could see an immediate return in tweaking daily practices to make them more secure and help plan for the most secure ways to run future business operations.

Building a better workforce

Although the growing threat of cyber-attacks is a worry for businesses, it could also be viewed as an opportunity to invest in and upskill your staff on an ongoing basis - unlike some IT skill sets, cybersecurity isn’t just a single qualification to earn. There are plenty of regularly updated courses, covering the latest threats and accommodating learners of all levels, from foundation courses through to expert.

Those pursuing a career in cybersecurity can work their way through the available courses, with those completing expert courses able to go on to secure top-paying IT job roles. In fact, six of the top twenty highest-paying IT certifications are in security. 

Supporting staff through training has plenty of benefits for employers too, who could see their business retain the brightest cybersecurity talent in a competitive marketplace. Similarly, being open about the potential of training staff in cybersecurity when outlining company benefits during recruitment drives could also result in making your business more attractive to future employees. 

By investing in cybersecurity training for staff you’re offering them real-world applications for their growing knowledge in an environment they know inside-out. As their knowledge develops, they can use the latest industry standards to keep your business protected against new threats.

About the Author

Melanie Jones, Product Director for Cisco, Citrix and Cybersecurity has been with Global Knowledge for over 15 years. She is responsible for managing the strategic vision, product portfolio planning, innovation and go to market strategy and is a member of key Cisco, Collaboration, Cybersecurity and Big Data groups worldwide.