14.9: Conduct Role-Specific Security Awareness and Skills Training
- Critical Security Controls Version 7.1:
- 17.2: Deliver Training to Fill the Skills Gap
Conduct role-specific security awareness and skills training. Example implementations include secure system administration courses for IT professionals, OWASP® Top 10 vulnerability awareness and prevention training for web application developers, and advanced social engineering awareness training for high-profile roles.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]