Training
Featured CourseView All Courses
Get a Free Hour of SANS Training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training, Courses, and Resources
Can't find what you are looking for?

Let us help.

Contact us
Community Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

Preparing Your Organization’s Workforce for the Cybersecurity Threats of the Future

When skills are not used, they can become outdated in as little as six months.

Authored bySANS Institute
SANS Institute

Businesses across Europe, the Middle East, and Africa (EMEA) are increasingly being hit with advanced ransomware, supply chain disruptions, and artificial intelligence (AI)-driven attacks. To address these increasing threats, awareness isn’t enough: security teams need skills they can rely on when facing new threats.

We spoke with Brian Correia, Director of Business Development for GIAC at SANS Institute, about the role of continuous training, the skills professionals need today, and how SANS is preparing the EMEA workforce for the challenges ahead.

Continuous Training as a Cyber Defense Strategy

In critical infrastructure environments, cyberattacks don’t just affect systems; they can also impact physical processes, safety, and the economy. That’s where continuous training comes in.

When skills are not used, they can become outdated in as little as six months, notes Correia. That’s why cybersecurity professionals need hands-on training based on real-world incidents to stay sharp.

“Continuous training is not a luxury, it’s the foundation of resilience,” Correia says.

But training doesn’t end with technical skills. It also helps strengthen an organization’s security culture. Since humans are a leading cause of incidents, raising cybersecurity awareness across the organization is key. SANS does this by combining role-specific modules with alignment to frameworks like the NIST Cybersecurity Framework, CIS Controls, and ISA/IEC 62443.

Training for Every Role

Training across an organization must vary by role. Engineers and technicians, Correia explains, require scenario-based training that addresses their daily operations. Hands-on Industrial Control Systems (ICS) labs focused on real incidents help them protect the critical infrastructure we all rely on. Executives, meanwhile, need training that helps them see cybersecurity in the context of business mission and risk. A strong example is creating a cyber incident response plan that clearly defines leadership responsibilities and the roles of departments outside security, such as legal and communications. Courses like ICS418 help leaders build practical skills through real-world decision-making exercises.

While building and strengthening cybersecurity skills is important, validating them is equally important. That’s where GIAC certification comes in. Getting certified after training allows professionals to prove their knowledge and skills.

“We adapt our training to professionals at all levels by offering role-specific, practical content that aligns with the responsibilities of each group where skills are validated by our GIAC certification,” Correia explains.

External validation is also key. The 2025 SANS | GIAC Workforce Report found that over 65% of organizations require certification for reasons such as audit requirements, winning new business, or even reducing cyber insurance costs. This ensures that every member of the organization has the skills to help protect against cyber threats.

The Skills Cybersecurity Professionals Need Today

Correia notes that cybersecurity skills have changed drastically over the years. Organizations now require personnel skilled in intrusion detection, incident response, penetration testing, digital forensics, supply-chain security, cloud defense, and AI.

Soft skills are also important. Communicating clearly with non-technical stakeholders and framing issues so executives understand the risks are vital skills, especially as security leaders are increasingly expected to engage directly with boards and C-suite executives. Correia points to Bottom Line Up Front (BLUF) communications and tabletop exercises as ways professionals can refine these soft skills.

Organizations are also changing how they measure a prospective employee’s qualifications. According to SANS’s 2025 Cybersecurity Workforce Research Report, many companies now prioritize certifications over degrees or tenure. And as the talent gap widens, this shift has major implications for hiring and team development.

Preparing for AI and Automation

As AI and automation reshape cybersecurity, SANS has created new initiatives to address new AI threats:

  • GIAC certifications that include real-world lab-based testing with scenarios focused on AI and automation.
  • The “Own AI Securely” framework, which helps executives address governance and security when adopting AI.
  • Programs like the SANS AI Survey, AI Hackathon, and 2025 AI Summit, which bring the cybersecurity community and policymakers together.

Survey results show how important these initiatives are. While most cybersecurity professionals are worried about the threat of AI, less than half are actually using AI tools. This demonstrates the need for training that focuses on securely using AI. SANS is equipping professionals with certifications, training, and research, to help them face current and future AI-threats.

Building Cyber Resilience

Due to regulations like NIS2 and DORA, organizations are taking the need for cybersecurity training across all levels of their business more seriously. The SANS | GIAC Workforce Report notes that over 40% of organizations—and 50% in Europe—have already had to adjust their hiring and workforce practices in response to these directives, even though most have been in place for a year or less.

Correia says that the return on this investment is clear. Organizations that invest in training detect and respond to threats faster, reduce risk, and even see cost savings. SANS training, combined with GIAC certification, has already helped organizations across energy, finance, and the public sector reduce incident response times and downtime and improve cross-team collaboration.

Continuous training isn’t just about compliance; it’s about building teams that are ready for tomorrow’s threats.

Organizations that make continuous training a core part of their strategy will be better prepared to defend against cyber threats. SANS’s hands-on courses, real-world simulations, and GIAC certifications equip professionals with the skills they need to address these threats.

“There’s a real cost to not training and certifying those skills: higher turnover, increased exposure to incidents, and reduced strategic response capability,” Correia concludes. “Continuous training transforms security from a reactive function into a proactive, integrated part of daily operations.”

Explore upcoming SANS EMEA training events to see how your organization can improve its cybersecurity posture with continuous, hands-on training.

Meet Your Author

SANS Institute
SANS Institute

SANS Institute

Launched in 1989 as a cooperative for information security thought leadership, it is SANS’ ongoing mission to empower cybersecurity professionals with the practical skills and knowledge they need to make our world a safer place.

Read more about SANS Institute