Fewer than half of tech leaders are able to align their training and development programs with desired business outcomes, according to a TEKsystems survey of more than 300 tech managers and 900 tech pros. That suggests a considerable percentage of IT training and development programs lack executive sponsorship or leadership. According to the report, less than half (47 percent) of respondents agreed that their training and development efforts correlate with positive business outcomes. It also found that less than a quarter (23 percent) of tech leaders reported that their programs had an executive sponsor or oversight by a C-level executive. "Organizations should have structured curricula developed for each IT job role, creating a clear path for professional development, and provide the tools and technology solutions to support a variety of learning delivery methods," Kevin Holland, training and education services director for TEKsystems, told Dice. Holland added that businesses need to elevate the importance of tech programs by soliciting endorsement and leadership at the executive suite level, and should implement learning-resources experts who focus on defining, evolving, and sustaining IT learning processes and assets. Rod Mathews, senior vice president of Barracuda Networks’ data protection business, said it’s a good idea to align training with your businesses’ overall IT strategy. For example, if the technology department’s top concern is protecting the business from ransomware attacks and staying within budget, tech pros’ training could focus on platforms that enable them to accomplish those goals. “Organizations need to take a holistic approach with threats like ransomware, because not only do they need security capable of stopping threats, but also recovering data if and when they get hit, which is only possible with a backup solution capable of efficient and granular recovery options,” Mathews said. As he also noted, deploying new environments, such as Azure or Amazon Web Services (AWS), usually introduces new training requirements. For smaller businesses where an in-house tech staff is limited, training should also enable employees to quickly switch between managing different, unrelated solutions. In this context, deploying solutions from a single vendor can allow staff to quickly familiarize themselves with multiple solutions, or even manage everything from a single interface.

Project-Based Learning

Joseph Carson, head of global strategic alliances at Thycotic, a provider of privileged account management solutions, suggested that IT training is ultimately important for every company’s future. It enables your average business to drive innovation, energize employees, and keep everyone moving towards goals. “IT training needs to be driven from the top of the organization, involve the executive team and should be built into the employees’ time,” he said. When training has an executive sponsor, it helps create a feedback loop between employees and leadership that ultimately benefits everyone. With all this in mind, companies should consider implementing project-based learning, in which training focuses on overall problems or challenges as opposed to individual products or use-cases. “A great way to get teams engaged is to use the idea of hackathons that allow problems and challenges to get several ideas, involves cross-team learning, creates competition between teams and helps meets the companies vision and goals,” Carson said. Peter Nguyen, director of technical services at security firm LightCyber, thinks that, while training and educating employees about security is an important and unending process, humans will always be the weakest link, making user-owned devices and user accounts the initial source of a compromise. One of the best examples he’s seen that underscores the gravity of an individual’s personal responsibility to corporate security was at a medium-sized company in Silicon Valley, which set up a monitoring screen with a behavioral detection solution. That screen was located directly across from the main employee lunch area; if a user account or machine had been compromised and an attack went active, everyone could see it. “The level of awareness as well as collegial responsibility has been tremendous,” he said. “It makes employees be more careful with their security practices and more attentive to security education.” Training is about more than security, of course; but integrating the lessons and impact of tech into the office environment can help the lessons stick.