4 ways to implement a cybersecurity workforce development plan with HTB

Managers and technical leaders often encounter the problem of planning (and delivering) a skills development program that aligns with their business goals. The problem with traditional cybersecurity training—and why it is failing—lies in the lack of collaboration, personalization, and calibration to the industry job roles or latest trends. 

At Hack The Box, we challenge and rethink the approach to skills development with Enterprise Platform: a dedicated business environment for teams and leaders who take cybersecurity seriously.  

Our platform features are designed to serve the fabric of an organization and enable managers to identify practical learning outcomes for every activity. In the case of Toyota, a buddy system and “CTF Fridays” led to a massive knowledge improvement within 11 months thanks to continuous practice and assessments. Here is your not-so-secret way to develop and engage your cyber workforce with HTB!

Content search based on MITRE and NIST terminology

Organizations have the need to develop threat models, evaluate security tool efficacy, develop detection strategies, and prioritize security investments. For this reason, we carefully mapped our courses and labs to the MITRE ATT&CK and NIST NICE frameworks.

Managers using the HTB Enterprise Platform can easily search courses using MITRE terminology and assign them based on the techniques and tactics relevant to their teams.

This search feature works with specific MITRE tactics or techniques (for example, T1594 or Active Scanning) or with text keywords found in the course material. 

Easi, a European IT services partner with over 400 employees, successfully implemented a skills development program that directly applies to engagements with clients. The mapping of HTB Professional Labs to the MITRE ATT&CK matrix made it much easier to keep the training sessions as close to real-world scenarios as possible and empower a strong purple mindset. 

Flexible lab management and assignment

A great advantage of using HTB Enterprise Platform is that teams do not need to stick to pre-set learning paths. Managers have the capability to select and assign any of the 500+ labs to team members and define a tailored threat-connected development plan.

As an example, on October 3rd 2023, Qualys announced their discovery of CVE-2023-4911, otherwise known as Looney Tunables. The local privilege escalation vulnerability impacts the default installations of most major Linux distributions. 

Within a few days, the Hack The Box team released a Machine around this to help organizations remain threat-ready. Managers could assign this lab to team members with just a few clicks!

This flexible approach and lab management helped the RS2 team to achieve a 150% increase in training engagement, meet compliance needs, and operationalize intelligence within 6 months. 

Admin activity and progress tracking

How do we better understand if team members are making progress? The HTB Enterprise Platform activity tracker makes it easy for technical leaders to get a snapshot of the team's success by monitoring their engagement on a weekly and monthly basis.