The field of information security is constantly shifting as new technologies, new techniques and new trends affect the industry. As a result, workers at every level of InfoSec — from the CISO to security analyst — need to be engaged with resources that can enhance their knowledge and skill.
Fortunately, InfoSec professionals can find all manner of useful tools for keeping their understanding and ability up to date. Here are some of the must-have sources of InfoSec information:
Books
Security in Computing
An essential InfoSec handbook, this time provides steps for executing almost every type of computer security, from preventing malicious code execution to authenticating users. Currently in its fifth edition, “Security in Computing” updates regularly to provide professionals with the most up-to-date security techniques.
Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan
Relying solely on security tools is a bad strategy for organizations of any size. This book provides practical guidance for developing effective plans for security monitoring and response that suit an organization’s needs.
Digital Resilience: Is Your Company Ready for the Next Cyber Threat?
Too many security professionals scramble to secure their organization against current threats yet fail to pay attention to threats that are only just emerging or anticipated in the future. This book focuses on the concept of resilience and how developing a resilient digital infrastructure is the key to maintaining security as the threat landscape evolves.
Offensive Countermeasures: The Art of Active Defense
For professionals looking to be more creative in their security roles, this book offers some interesting and often counterintuitive measures for ensuring network and data security. Security professionals eager to get back at cyberattackers will appreciate the legal tactics for attacking them back and discovering their identity.
Trainings
Cybrary
Offering free, hands-on experience in a variety of IT skills, this free training service is a must-have for security professionals who are just beginning their careers.
Information Assurance Support Environment (IASE)
The IASE provides security training courses appropriate for every level of InfoSec professional, all the way up to senior leaders. Many of the courses offered are developed by some of the most powerful agencies in the industry, like the Defense Information Systems Agency, which means they promise cutting-edge insight into quality security strategy. Â
InfoSec Institute
Most InfoSec positions require professionals to have a few key certifications. The InfoSec Institute provides fast and easy access to those certs as well as valuable courses that improve students’ knowledge and skill in critical areas.
Presentations
Hacking Is Child’s Play, Literally!
Famous for being one of the world’s youngest successful hackers, Reuben Paul explains in his presentation the mistake of prioritizing smart functionality over security. Fun and engaging — not least because it is presented by an 11-year-old — this presentation can remind InfoSec professionals about what matters in secure design.
Big Game Theory Hunting: The Peculiarities of Human Behavior in the InfoSec Game
Many InfoSec professionals are not familiar with Game Theory — but they should be. This presentation examines how traditional game theory provides insights into human behavior and how it can guide InfoSec leaders to make responsible decisions in defensive philosophy.
Bootcamps
CISA Training Bootcamp
Offered by the InfoSec Institute, this five-day bootcamp focuses on the skill and knowledge areas required on the CISA exam. The leaders of this bootcamp are so convinced in its efficacy that they offer an exam pass guarantee, ensuring that every participant earns this valuable credential.
Cybersecurity Career Track
Along the cybersecurity career path, different roles demand different types of knowledge and skill. Fortunately, this boot camp provides a firm foundation from which to launch a successful InfoSec career in any direction.
Virtual Labs
Virtual Hacking Labs
InfoSec professionals do not need to know how to hack — but it helps them understand the tactics for infiltrating systems so they can devise better defenses against attack. Virtual Hacking Labs offer more than 35 different labs that simulate real-world scenarios for professionals to navigate.
Hera Lab
One of the most sophisticated virtual labs available to InfoSec professionals, Hera Lab was built by some of the most advanced IT security research teams and is used by thousands of security professionals across more than 130 countries.