Security Congress Abstract
The cybersecurity learning environment—learning content, training providers, certifications, cyber ranges, tools—is entirely disjointed, with each being a discrete element. This leads to significant cybersecurity training inefficiencies (duplication of training and capabilities, gaps between capabilities, etc.) and, more worrisome given the substantial cybersecurity workforce gaps, problems with workforce satisfaction leading towards attrition. Almost-mature industries and domains have, either through an explicit directive or evolution, moved toward a degree of standardization. For example, training content should be portable across systems; cyber range environments should be portable across different cyber range vendor solutions; artificial intelligence (AI)-based red/blue/white teams should work across all platforms. We, as the leaders in the cybersecurity industry, must work towards platform and solution-agnostic components in order to mature and strengthen.