I recently had the opportunity to engage in conversation with Jonathan, a lead analyst at Rapid7, where our discussion led to the internal technical training that he gives to their new analysts.
These more passive learning approaches failed to engage the participants, leading to disinterest in the training and lower knowledge retention.
Drawing inspiration from a method that was effective for him, Jonathan decided to adopt a more active and engaging approach: Capture the Flag competitions.
Capture the Flag competitions can offer exposure to a wide range of cybersecurity concepts or drill into a particular skill set through carefully crafted puzzles.
CTFs foster an active learning environment by encouraging participants to apply their critical thinking skills and knowledge in a practical context.
The gamified nature of CTFs leads to more excitement and motivation to participate, and active engagement and problem-solving allows a deeper understanding and retention of cybersecurity concepts.
Traditional training excels at comprehensively covering topics in a structured matter, while CTFs offer a better environment to apply skills practically and can be built to mimic real-world scenarios.
The nature of CTFs may not be suitable for teaching specific skills in a predetermined manner, as participants may creatively approach challenges from various angles.
Participants will only learn what is needed to solve the challenge.
Carefully crafted challenges can offset this disadvantage to some extent, but they may not fully address this drawback.
Despite the limitations, CTFs shine at getting participants to retain knowledge because they foster active learning.
How puzzles are designed greatly influences the effectiveness of CTFs. Developing good challenges is a very time-consuming process.
A senior analyst can teach a lecture in an ad-hoc matter, but all CTFs require a large preparation time.
The puzzle must be balanced and give participants a good starting point and prompt to prevent a knowledge blockade or feel overwhelming, but it still must be challenging and teach a specific skill set.
After introducing CTFs into his training plan, Jonathan noted that he witnessed a significant improvement in the analysts' ability to recall and apply the new knowledge.
Being able to use the skills practically in an engaging and rewarding context seemed to give the participants a deeper understanding of the concepts and how to employ them when problem-solving.
Jonathan comments that debating why the traditional classroom training failed is a discussion unto itself and has merit in researching it further.
He did ultimately find that CTFs provided a workable alternative that helped fix the retention issue he was facing.
Integrating Capture the Flag challenges into internal training can give tangible improvements to participants' ability to retain and apply the knowledge being covered in training sessions.
Combining CTFs with traditional training methods can help cover the drawbacks of either methodology at the cost of more preparation time.
This Cyber News was published on isc.sans.edu. Publication date: Mon, 18 Mar 2024 00:43:06 +0000