As you’re looking to improve yourself as a Cybersecurity citizen, you often need help from an outside source to increase your knowledge and/or abilities.   Security is a broad topic encompassing many disciplines and Cybersecurity is no different.  There are technical, procedural, and managerial aspects to be considered to grow what you know about Cybersecurity.  There are often many, different ways to solve the same security problem. Knowing what to do and how to do it requires both knowledge and experience.  How do you gain it though?

The answer is Cybersecurity training and education.  There’s often a question as to which you need: training or education.  There is a difference between the two, which I’ll explain below. You need to be aware of your needs, wants, and goals before proceeding, or there’s a chance you won’t meet them.

Cybersecurity education provides a more general background on the philosophies and concepts behind Cybersecurity.  It allows you to understand the context for security tools, techniques, and technologies. With security education, you understand why it’s important to have particular protection methodologies in place and is at the strategic level of thinking.  Cybersecurity education emphasizes principles of risk management and how security fits into an organizational culture and structure. Education is long term taking many months if not years to acquire. Finally, education teaches critical thinking and allows the student to learn how to learn, which is crucial for new subjects or technologies.

In contrast, Cybersecurity training is more specific to a technology, procedure, or skill.  It’s tactical or operational, rather than strategic. Training emphasizes the building of explicit skills and applying what you know to a particular situation.  When you attend cyber training, you are learning about a specific technology or practice that can meet an immediate need. Lastly, training is short term and can often be accomplished in days or weeks.

In this discussion, I’m trying not to sway your though as to which is better, because both are important for expanding your Cybersecurity knowledge and abilities. You need to decide for yourself the method you want to take in order to meet your goals. The important thing to consider is that you keep growing and increasing your knowledge.  Feel free to comment below on your views of education versus training. Don’t stop learning!