How does SANS Institute's expertise and reputation in the industry contribute to e2eassure's credibility as a cyber security organisation?
SANS are widely recognised as providing industry leading training, and the associated GIAC certifications are a true test of an analyst's knowledge and skills. The widespread recognition of SANS ensures that when talking to our customers, they understand and appreciate our credibility, as they know the quality of the SANS training and the rigorous nature of the GIAC certification.
SANS offers three key training modalities to deliver cyber security training. Which modality does e2e-assure find the most advantageous?
I don't think there is a single modality that is most advantageous for us. In fact, having the flexibility of all three delivery methods is what is most valuable, it allows the individual to pick the delivery method that best suits them. Within the e2eassure SOC, we have analysts that have used the different approaches of OnDemand, Live Online, and In-Person.
E2e-assure security team members who have trained with SANS collectively possess a range of GIAC certifications. Please explain why this is a benefit to the team as individuals, but also to the organisation.
Individuals gain an industry recognised cybersecurity certification, that reinforces the knowledge and skills they have acquired on the SANS training. This helps them to understand and benchmark their professional development and comprehend where they might next like to develop their skills thanks to the training paths mapped out by SANS.
For the organisation, having a breadth (as well as depth) of GIAC certifications allows us to provide a broader range of skilled, industry qualified experts to support our customers with their varied needs. While there are some core GIAC certifications that are commonly obtained in the SOC, we also have individuals specialising in Cloud and ICS, as well as the new GIAC applied knowledge certifications.
Why does e2e-assure use SANS as their cyber security training provider?
SANS is one of the many training providers that we use to support the professional training and development of our security team members. But the industry leading training and the recognition of the GIAC certifications makes them one of the preferred choices. The breadth of training courses means that there is likely a SANS course to cover virtually all professional development paths the security team are following. The variety of delivery methods that allow team members to choose what works best for them is also a significant influence.
Does having a team trained by SANS make a difference when it comes to supporting your clients?
Yes, the knowledge, skills, and professionalism that the team gain from SANS is directly applicable to supporting our customers and allows the team to provide a high calibre of service. It also allows us to achieve a consistent professional approach, as the team have a common methodology to call upon. Engaging with our clients, many of whom have SANS trained staff as well, allows us to take the engagement up a level, supporting their experts with our experts.
In what ways has the cyber security training taken from SANS contributed to the development of a strong cyber security culture within e2e assure?
Many of the security team return from SANS training (or while they're studying it on demand) excited to put what they've learnt into action as so much of the training is directly applicable to the job that we do. The enthusiasm and expertise of the SANS instructors is contagious, and really motivates the team to keep upskilling.
Do you feel the wide and diverse range of training offerings available from SANS cater to the varying levels of experience and expertise of cyber security professionals, from entry level to expert?
Yes absolutely, SANS offer training courses in many subjects at beginner, intermediate, and advance levels. This allows a new inexperienced analyst to benefit from a SANS course designed for their level of experience, while a more experienced senior colleague can benefit from a more advanced course in the same subject.
What benefits would you say e2e assure receives out of this kind of significant investment in staff development?
At e2e-assure we've always believed that investing in our staff's professional development is an important part of the company's continued success. We invest in our people to help them progress professionally, both internally within e2e and to bring benefit to the wider cybersecurity community. We know that offering this kind of investment in people helps them to achieve more in their role, gain confidence and experience more quickly, and ultimately helps e2e-assure to retain world-class talent.
Outside of the available training offerings at SANS, do you also take advantage of the complimentary resources and summits available? If yes, what do you gain the most from and why?
Yes, we will often take advantage of the summits particularly where these are available virtually as it allows us to more readily participate in the overseas events. There are always great talks and the team gain a lot from continuing their training in between specific SANS courses. There are also topical additional webinars that SANS provide in response to breaking cybersecurity events that allow the team to benefit from the concise knowledge provided by the SANS experts.
Looking towards the future, how does e2e assure envision leveraging the training and resources available from SANS to further enhance their cyber security capabilities and meet ever-evolving industry challenges?
SANS will continue to play an important part of our future staff training and professional development as we seek to stay current with the continuously evolving cybersecurity industry. By having a training path, but also allowing team members to specialise in areas of interest, will ensure that e2e-assure retain our world-class capabilities that we use to best serve our customer's needs