
Why security teams struggle to train—and how to fix it

Cybersecurity teams struggle to train amid constant threats. This blog explores the challenges and solutions to making structured training a priority.

diskordia Josh Robison, Mar 26, 2025

Imagine jumping into a ranked Call of Duty match with a team that never practices—no strategy, no skill-building, just instinct and luck. You might win, but more often than not, you’d probably be left in the dust.

That’s how way too many cybersecurity teams operate—expected to train on their own time, without structured support, against an ever-evolving threat landscape. 

And while they desperately want to train, constant security incidents, tight budgets, and a lack of confidence in hands-on exercises like CTFs push it to the back burner.

Our most recent Cyber Attack Readiness Report highlights the problem:

  • 67% of security teams prefer structured training like certifications and labs.

  • 20% rarely train, and 7.9% don’t train at all.

  • 27.9% train quarterly or less, meaning most companies expect self-directed learning—despite overwhelming workloads.

Incidents don’t wait around for training to catch up, and teams stuck in reactive mode struggle to upskill. Adam Riccitelli, who leads a cybersecurity team at S&P Global, knows this firsthand: “Like most security teams out there, we have a bit of a backlog of work—training always takes a backseat.”

And while CTFs are an excellent way to build real-world skills, many security pros avoid them—not due to lack of skill, but lack of confidence. “Even basic scripting intimidates people, making them hesitate to engage,” Adam explains. But CTFs aren’t just about coding—they’re about problem-solving, pattern recognition, and creative thinking.

So, how do we break the cycle, prioritize training, and make it stick? Let’s dive into some solutions.

4 ways to make the learning stick

1. Ringfence dedicated training time

Even elite professionals struggle to train without structured learning time. Security leaders must build training into the workflow—even if it’s just an hour a week.

  • Short, high-impact training sessions scheduled into calendars work better than “whenever you have time.”

  • Micro-learning opportunities can help; prioritise brief, focused exercises that fit into busy schedules.

  • Leadership should treat training like an operational necessity, not an optional side quest.

2. Make CTFs less intimidating

CTFs should be a safe space for learning, not a competitive deathmatch that strikes fear into participants. The aim is to build confidence, not break it. 

  • Start with beginner-friendly challenges to help team members build confidence.

  • Encourage team-based learning—pairing experienced members with those who are hesitant.

  • Shift mindset from competition to skills development.

3. Use dynamic benchmarking to justify training costs

Without structured benchmarking, it’s hard to prove why training matters. Leadership responds to data. If you can show:

  • Where your team’s skills gaps are.

  • How those gaps impact security posture.

  • The measurable improvement over time.

Then, just like that, training stops being “nice to have” and becomes a business imperative.

4. Link training to real-world incidents

Training should feel immediately useful. Instead of treating it as an isolated activity, tie it directly to actual security events.

  • Run post-incident debriefs that link back to training.

  • Turn real-world attacks into hands-on exercises.

  • Use CTF-style challenges to simulate threats your team just defended against.

This approach makes training feel like an integral part of the job—not an optional extra.

It’s time to level up your training

Cybersecurity teams can’t afford to treat training like an afterthought. If we want professionals to be ready for real threats, we need to give them the time, tools, and confidence to train properly. 

  • Make training structured.

  • Make it part of the job.

  • Make it engaging (and not scary).

Because when the next attack comes, you don’t want your team going in blind. You want them trained, ready, and battle-tested. 

Are you a security pro with insights to share? Join our SME program and be part of the conversation! We’re always looking for experts to discuss the real challenges in the industry.
