From Gaps to Greatness: Turning cyber skills data into strategic workforce readiness

In the third and final installment in our Cybersecurity Benchmarking Masterclass

Loading Preview...

If you missed the live version, don’t worry. Here’s a snapshot of what HTB’s Giacomo Bertollo

Loading Preview...

Watch on demand now

Skills benchmarking is only the beginning

Yearly assessments, a scattering of certs, and ad hoc learning—we all know they just aren’t cutting it anymore. “If we don't understand our weaknesses, we will never improve as professionals,” says Jack. “This is a very healthy thing to do in companies.”

This is the mindset shift today’s security leaders need to make: benchmarking isn't about exposing weakness. It's about building self-awareness into your cyber capability, so you can identify gaps and address them with purpose—not panic.

CTFs are strategic skill audits

CTFs have long been considered a fun, gamified way to keep your skills sharp. For analysts, it’s an engaging team activity that encourages healthy competition. For managers, it’s a way to assess your team’s skills in a more subtle way. 

“CTFs aren’t about showing off. They’re an opportunity to simulate real-world attacks, test response under pressure, and assess specific technical skills in a safe, structured way,” said Jamie Beck, Head of Customer Success at Hack The Box

The best teams now treat CTFs as an initial benchmarking mechanism—an entry point to understanding where skills stand across roles and teams.

Build your own CTF event

Remember, the goal is to create a personalized, data-driven approach to skill development that reduces single points of failure and keeps the team's capabilities continuously evolving. The key is to not just stick to linear training, but to adapt and alternate between learning modules and practical labs, making sure your team has the time squared away to apply what they've learned ASAP. 

Moving from CTF results to role-based training paths

So, your team ran a CTF. You’ve got the results. Now what?

“Let’s say we identified a gap around memory dump analysis and registry forensics,” Jamie explains. “That tells us where we’re exposed and gives us a starting point to build tailored learning paths.”

Here’s what that looks like in action:

1. Map CTFs to skills. Each CTF task corresponds to specific capabilities (e.g., memory forensics, persistence techniques, ransomware analysis).

2. Create learning opportunities. Use these insights to build targeted training paths focused on the skills the team needs to refine.

3. Mix theory and practice. Alternate between modules (to learn) and labs (to apply) in real time. “To me, it’s a brother-sister relationship,” Jamie said. “Don’t batch theory and then practice—blend them.”

Avoiding single points of failure

Skill gaps don’t just make for a weaker security posture; they can conjure up some dangerous dependencies.

“You could have an analyst who’s an all-star in one area. But if they’re out, you’re stuck. By identifying and addressing skill gaps, you create a well-balanced team that can absorb shocks.” —Jamie Beck, Head of Customer Success at Hack the Box

Operating in a landscape where you’ve got escalating threat complexity and less time than ever to respond, you need more than one person on hand who can handle critical tasks. Team redundancy is no longer a nice-to-have, but an operational necessity. 

Operationalizing your development plan

Insight is most valuable if it can be acted on consistently. “The number one objection we hear is: we don’t have time for training,” Jack notes. “But the teams that succeed make time, and they make it part of their culture.”

Here’s how teams are baking learning into their workflows:

• ‘Hack The Box Fridays’: Weekly collaborative sessions (e.g., Toyota’s model)

  Loading Preview...

  to work on new challenges together

• Lunch and learns: Informal, bite-sized learning woven into the work day

• Monthly cross-team exercises: Build collaboration and break down silos

• Transparent time expectations: Clarify how much time team members can realistically dedicate—and track it

“It shouldn't be a set-and-forget model,” highlights Jamie. “You benchmark, build, assess again—and elevate continuously.”

Try Sherlocks—our defensive-focused labs to keep your team sharp

Why personalization matters more than ever

It’s all too easy to throw generalized training at a team. But, as Jamie explains: “It doesn’t highlight actual skill deficiencies, and it doesn’t prepare you for what’s next.”

So what does effective training look like today? In a nutshell, it should be:

• Role-aligned: SOC, DFIR, red team, cloud—all have unique needs

• Gap-driven and backed by hands-on assessments

• Mapped to job frameworks (MITRE, NIST/NICE, DOD 8140)

• Linked to career growth: So teams grow, not just stay busy

And that last point matters more than you might think.

“Learning new skills is the number one factor keeping cyber professionals happy. More than vacation time, more than money. They want growth.” —Giacomo Bertollo, Head of Product Marketing at Hack The Box

🚨 TL;DR: What security leaders need to know

The bottom line is that if you're building your 2025 workforce readiness strategy:

• Benchmarking is a strategy tool, not just a reporting exercise

• CTFs can surface hidden skill gaps in a way other methods can't

• Skill data must lead to role-based, personalized learning paths

• Avoid dependencies by spreading capabilities across your team

• Embed learning into the schedule with realistic time expectations

• Track, assess, iterate. Continuous development beats one-off training

• Support retention by investing in professional growth

This isn't just about improving cybersecurity training. It’s about improving the way your security organization thinks, learns, and operates. Security isn’t static, and your training plan should reflect that if you want a truly threat-ready team. 

Want to get the full picture?

This blog captures the key messages—but the real value is in the full conversation. Hear the practical walkthrough, live demos, customer examples, and strategic frameworks shared by security leaders who are already putting this into play.

👉 Watch the full webinar on demand 👈

🗓️Book a call to get started

You'll come away with real tactics to build role-based learning paths that stick, use CTF results as your new training compass, and align skill development with real business risk. No fluff. No pitch. Just 30 minutes of useful insight you can start using today.