Measuring employee trainings - Version 3

Written By Christian Henriksen

Abstract

This document presents a unified methodology for measuring cybersecurity training across individuals, teams, and organizations. Developed collaboratively by Campfire Security, SagaLabs, ICSRange, and Dansk IT, it builds upon the NIST NICE Framework and introduces a structured model that quantifies both skill level and learning effort. By integrating the Dreyfus Skills Model (levels 1–5) with a point-based system (5–100), the framework enables consistent tracking of training intensity, skill progression, and continuity. Visual tools like spider diagrams support the identification of skill gaps and goal-setting for competency development. The approach transforms cybersecurity training from ad-hoc awareness initiatives into a continuous process of professional growth, offering measurable insights that strengthen organizational resilience.

Link to the document:
https://www.cybertræning.dk/s/Measuring-employee-trainings-version-3-final-d8nd.pdf

Christian Henriksen
Previous

Best Practices and Guidelines for Cybersecurity Training (paper)
Next

Best Practices and Guidelines for Cyber Security Training - version 2