SafeBits by Luci

Training

Whatever the reason, from staff retention, to increased productivity or as an information security measure, training is not just a necessity, but can also be a remarkable investment.

Having a subject-matter expert on your side can measurably improve the odds of that happening.

Training

What I can do for you

It all starts with a discussion to help me understand what your requirements are and we can agree on any of the following:

  • providing support, as a subject-matter expert, in the development of a training program;
  • creating course material or evaluation methods tailored to your organisation’s needs;
  • expanding your in-house instructors' subject fields through train-the-trainer activities;
  • delivering training sessions to your staff directly, either remotely or in-person.

I have experience training both technical and non-technical staff and will adapt to the experience level that the audience is at. Keeping the desired goal of the endeavour in mind, I promote an environment of in-depth understanding and subsequent self-sustainability. Where I take the role of the trainer and this is aligned with the company’s policy, I encourage the learners to feel comfortable expanding on the taught topics in order to gain as much knowledge as possible.

Outcome focus

The topics covered by my training services can be classified based on the desired outcome:

  • technical knowledge transfer;
  • security threat mitigation.

Some topics can fall into either category, but establishing the goal of the program will allow each phase to focus appropriate resources and maximise the success rate.

For example, defensive programming techniques lends itself to either goal. But, in the case of knowledge transfer, promoting an educational climate where staff in-depth understanding can thrive would be the focus. On the other hand, for the threat mitigation case, minimising the possibility that people would make mistakes in the future is imperative, while their abilities to advance their professional expertise only comes second.

Areas of expertise

In order to better exemplify the topics that my services can be provided for, the intended audience is split in two categories: IT and non-IT staff. Even if you don’t find the specific area that you are interested in here, feel free to enquire.

For IT staff:

  • information security controls implementation;
  • secure use of cryptography;
  • understanding vulnerabilities;
  • defensive programming techniques;
  • networking;
  • network programming and network protocols;
  • VoIP;
  • GNU/Linux;
  • cloud technologies;
  • hybrid architectures.

For non-IT staff:

  • protecting online identities and credentials;
  • protecting against phishing threats;
  • protecting against malware;
  • data protection strategies;
  • information security management.

Professional instructor vs. expert

There are two major schools of thought:

  • that you cannot train people on a topic without being an expert, or at least highly knowledgeable in that area;
  • that you mustn’t be a subject-matter expert to be a trainer, because it’s counter-productive in the delivery.

The argument of the latter is that an expert will not remember what it was like to not know a topic, hindering them in the explanations that they provide. While this effect cannot be ignored, it can be mitigated through an attentive and approachable attitude.

On the other hand, a professional instructor that knows just enough about the course material would not have the ability to answer follow-up questions which are not covered within it.

The trainings that I deliver are only in the areas that I have professional expertise in. For organisations with policies that adhere to the second school of thought, providing support in the development of a training program or adopting a train-the-trainer model would be more appropriate.