Cyber Security
People-first. Technology-enabled.



Explore Cyber Security Learning Paths

Whether your role is business or technical, these recommended cyber security learning paths aligned to the NICE Cybersecurity Framework are available to discover courses and exams for building skills to align to individual development plans or scaled to team/organization development plans.

Explore the Interactive Cyber Security Learning Path Tool




Guidance, Offers & Extras to Extend Your Cyber Security Learning.

Choose Your Own Cyber Security Learning Path Adventure ›

Custom Learning Paths for Teams & Organizations ›



Building a Robust Cyber Security Team w/ Learning Tree CEO Richard A. Spires
Register Now ›

Explore all Cyber Security
Awareness Month Resources ›

Implementing a People-First Cyber Culture


Cyber Security Skills Gaps Compounding Vulnerabilities

The adversaries are getting smarter, while the use of cloud and SAAS-based systems are making protection of data even that more complex.  Additionally, ‘zero-day’ attacks are creating data breaches at alarming rates across an unprepared, global marketplace. These large-scale breaches continue to erode consumer and investor confidence and the threat appears to be worsening, as reports of threats to critical infrastructure industries, including energy, finance, and transportation can have profound national security implications.  And to make matters even more difficult, organizations struggle with having the talent to address their cyber security vulnerabilities, given the 1.8 million in predicted shortage of cyber personnel in 2022, according to Frost & Sullivan.

Invest in a Culture of Cyber Security Responsibility

One of the greatest concerns of public and private sector leaders in an age of system vulnerability is Trust. Trust is at the center of most transactions; without it, commerce comes to a halt. As a result, a people-first, technology-enabled, approach to mitigating cybersecurity vulnerabilities is a growing trend to protect this critical nucleus of commerce. Major General Dale Meyerrose – first Presidentially-appointed, Senate-confirmed CIO for ODNI – succinctly stated, “Cyber Security is what you do – not something that you buy.” Many organizations are now infusing the responsibility of security awareness and critical thinking into the non-technical culture of the organization – business, marketing, finance, accounting, human resources and operations. A first step in this cultural transition is asking the right questions.

Where to Start? Learning Tree's cyber security training is aligned with the NICE Framework to ensure your staff has the right skills for the right role at the right level.

View Cyber Security Training Framework ›


TOP 10 Questions
to Cultivate Enterprise-wide Cyber Security Responsibility –

Organizational leaders seeking to improve collaboration, accelerate organizational agility and foster a creative, problem-solving mindset, should consider the following initiatives –

  1. Do all employees have a concise and consistent understanding of how our organization views and manages security of our property, systems and data?
  1. Have all employees’ job function been modified to included security awareness?
  1. Are employees asking themselves and their colleagues prior to every action – “Could this current action create a vulnerability for myself, my network or my organization?”
  1. Are proactive discussions of system and data security included in all business decisions?
  1. Do customer-facing employees fully recognize the importance and sensitivity of our customer data, and its proper storage, protection and retrieval?
  1. Is there a defined, cross-departmental triage plan when a cyber event (breach) occurs?
  1. Are employees proactively and reactively reporting system and data vulnerabilities to a dedicated, organizational resource, or team? Are there incentives to do so?
  1. Do employees feel confident about their own capabilities to help mitigate vulnerabilities? If not, do they have ease of access to professionals with the required expertise?
  1. Are employees, and our support personnel, routinely briefed on the threats, and their frequency, to our organization and its assets?
  1. Is the organization encouraging enterprise-wide collaboration, communication and critical thinking on system and data protection? How are these skills being developed?

Enabling Responsibility within the Workforce

If the above top 10 questions have highlighted vulnerarabilities, here’s how you can enable security responsibility within your workforce. Enabling responsibility across the entire enterprise starts with creating broad and relevant awareness. Extending the responsibility of system and data protection outside of IT and into the primary department functions of an organization increases threat awareness, institutional integrity and personal reliability. Achieving sustainable results in this action requires a formal commitment across all People in the organization, supported by Process and Technology.

Learning Tree International has identified five critical actions to enable enterprise-wide responsibility across any public or private sector workforce.

Develop Cyber Hygiene

The National Security Agency (NSA) identified Cyber Hygiene as a substantial priority for any organization, as several of the network and data breaches on record could have been prevented with basic cyber hygiene. According to Forbes, cyber hygiene disciplines occur over three phases – planning, execution and check. These disciplines include, but not limited to, hardening techniques, patching, network segmentation, security of both protocols and authentication credentials. This effort is a continuous process as adversaries are always innovating.

Adopt NIST & NICE Cyber Security Frameworks

The National Institute of Standards and Technology (NIST) – an agency of the Department of Commerce – has released one of the most comprehensive, and widely adopted, frameworks that provides guidance in assessing organizational maturity across five functional areas for cybersecurity – Identify, Protect, Detect, Respond and Recover. Furthermore, the National Initiative for Cyber Security Education (NICE) established a framework identifying common cybersecurity functions, specialty areas and job roles; highlighting the knowledge, skills and abilities to effectively protect organizational assets.  See the presentation below for more detail on Learning Tree’s course offerings to advance knowledge and skills across the cyber security roles defined in the NICE framework.

Establish Risk Management Posture

The biggest risk to protecting information and information systems in modern business operations are untrained employees and corrupt inside actors. Modern cyber security strategies now employ an enterprise-wide risk management posture across the entire organization, rather than isolating this strategy within IT. As part of this posture, organizational leaders continually consult with internal and external cyber security experts to review their human capital talent and critical thinking capabilities, business processes, system design, access management and the policies and safeguards governing organizational assets.

Build a Multidisciplinary Program

To combat the forces of threat actors attempting to penetrate your systems and steal your data, an organization must create an adaptive environment in which the workforce must no longer operate in silos, but rather as multidisciplinary, agile teams.  Job functions and the roles associated with them must be able to rapidly adjust for the variable influences on their responsibilities.  Further, the workforce needs the flexibility of rapidly developing and integrating new skills and capabilities, as the cyber landscape continues to evolve.

Continuous Recruitment & Retention Process

Given the war for cyber talent, HR and Employee Development departments must establish a revised and continuous strategy for attracting and retaining these key hires. Department leaders must encourage more enterprise-wide adoption of security awareness to not overly burden dedicated security personnel. Also, HR professionals must also seek individuals that have the innate skills, but not necessary the technical degrees, and develop those individuals to help address the cyber skills gap.


Defend Your Organization from Cyber Threats with Cyber Security Training — Aligned with the NICE Framework

Explore our interactive Cyber Security Training Framework below:


NOTE: Prezi presentations are best viewed with the latest versions of Safari, Firefox, Chrome, and Edge. Please make sure your browser's pop-up blocker is turned off. Trouble viewing the presentation? View the PDF ›


Featured Resources Supported During Cyber Security Awareness Month (#CyberAware)

In recognition of the Cyber Security Awareness Month, Learning Tree offers you complimentary cyber resources to help apply best practices and adopt a proactive posture in your organization and in your life.

WEEK 1: Own IT. Secure IT. Protect IT.

Does your Organization Cultivate an Enterprise-Wide Culture of Cyber Security Responsibility?

Take Quiz ›

Be #CyberAware Checklist

View Checklist ›

Cyber Security Interactive Learning Paths

Explore Learning Paths ›

Thinking in the Security Context

Read Blog ›

Do or Don't: It Makes a Difference to the Cyber Security Mindset

Read Blog ›

Beware the (Online) Game

Read Blog ›

Cyber Security Enterprise Risk Management – Key to an Organization’s Resilience

Watch Webinar ›



Custom Learning Paths for Your Team or Organization?

Consider leveraging our online skill assessments + guided learning paths  + our content library to customize a program tailored to your current cyber security initiatives and challenges. We can even apply before/after skills assessments to measure the impact of skill advancement for visible ROI. Combined with our FlexVoucher procurement options, this is a powerful option to address your war for talent in the cyber security space. Call, live chat, or use the form below to contact us for details.

Preferred method of contact?

Chat Now

Please Choose a Language

Canada - English

Canada - Français