Cybersecurity Training Research Survey

Thank you for participating in the ISMG survey. Your anonymous responses will uncover common gaps in cybersecurity education and training, focusing on recruitment, certification, CPE credit courseware availability, and employee security awareness.


About ISMG
ISMG is a leading cybersecurity editorial, research and education firm with 36 publications, global reach and 1.6 million first party subscribers, who rely on ISMG information and reporting to support more effective cybersecurity and IT practices.
1.What are your organization’s most pressing cybersecurity needs? Please rank the topics below on a scale of 1 – 5 in terms of urgency, where 1 is not urgent and 5 is extremely urgent.(Required.)
1
2
3
4
5
Cyber Risk Assessment & Management
Cybersecurity Staff Certifications
Cybersecurity Skill Gap Assessment
SOC 1 or SOC 2 Certification
Employee Security Awareness Training / Human Risk Mgmt
Operational Technology (OT) Cybersecurity
Zero Trust Implementation
AI Cybersecurity Defenses
Identify and Access Management
Threat Detection
Incident Response
Cybersecurity Continuing Education Credit
Compliance Requirements (SEC, HIPAA, NIS 2, DORA, CMMC)
Implementing a NIST Cybersecurity Framework Plan
Recruiting Qualified Cybersecurity Professionals
2.What are your organization's top cybersecurity priorities? Please specify whether these needs are related to skilled staff, budget constraints, or a combination of both.(Required.)
Professional Staff
Budgets
Both
Cyber Risk Assessment and Management
Cybersecurity Staff Certifications
Cybersecurity Skill Gap Assessment
SOC 1 or SOC 2 Certification
Employee Security Awareness Training / Human Risk Mgmt
Operational Technology (OT) Cybersecurity
Zero Trust Implementation
AI Cybersecurity Defenses
Identify and Access Management
Threat Detection
Incident Response
Cybersecurity Continuing Education Credit
Compliance Requirements (SEC, HIPAA, NIS 2, DORA, CMMC)
Implementing a NIST Cybersecurity Framework Plan
Recruiting Qualified Cybersecurity Professionals
3.How would you rate your organization's overall level of cybersecurity awareness and education?(Required.)
Extremely Inadequate
Somewhat Inadequate
Somewhat Adequate
Adequate
Extremely Adequate
4.How many additional cybersecurity related roles will be added in your organization in total in 2024?(Required.)
5.Are you expecting to increase cybersecurity headcount further in the next year?(Required.)
6.How easy or difficult is it for your company to train and/or certify candidates in the following roles?(Required.)
Extremely difficult
Somewhat difficult
Neither difficult, nor easy
Easy
Extremely Easy
Security or SOC Analyst
Audit & Compliance
Penetration Testers
Network Security
Cloud Security
Product Development / DevSecOps
Security Awareness Trainer
Application Security
Threat Hunter
Incident Response
N/A
7.Please rate each of the topics below regarding hiring cybersecurity candidates.(Required.)
Extremely Inadequate
Somewhat Inadequate
Somewhat Adequate
Adequate
Extremely Adequate
Cybersecurity knowledge among candidates
Cybersecurity experience among candidates
Number of qualified candidates
Amount of diversity amongst candidates
Number of early career candidates
8.Does your company or organization provide advanced cybersecurity training for the following groups? (Select all that apply)(Required.)
9.In the past year, how many times have you participated in some form of ongoing cybersecurity professional development or training?(Required.)
10.Were CPE credits granted?(Required.)
11.Were certifications obtained? (Please specify the certifications obtained.)(Required.)
12.Does your company currently offer cybersecurity tuition reimbursement for your employees?(Required.)
13.Please rate each of the organization’s role groups below around their level of cybersecurity knowledge.(Required.)
Extremely Inadequate
Somewhat inadequate
Somewhat Adequate
Adequate
Extremely Adequate
C-Suite
Board of Directors
IT Department
Cybersecurity Staff
Product Development
General Employees
Industrial Operations / Plant Engineering
14.The company’s employee security awareness training has been:(Required.)
15.Employees participating in security awareness training consider it: (Select all that apply.)(Required.)
16.Which types of cyberattacks has your organization experienced in the past 12 months? (Select all that apply.)(Required.)
17.Did any of the attacks originate through employees being targeted?(Required.)