Here's where HR can transform the conversation: stop positioning cybersecurity training as compliance box-ticking and start framing it as essential professional development.