Last month thousands of information security professionals and enthusiasts alike flocked to the Black Hat and Defcon conferences, also affectionately known as security summer camp, in Las Vegas. Unfortunately many of us in the industry (myself included) are unable to attend those events due to work commitments, family vacations, or financial reasons. That doesn’t mean there are no options for low cost (or even free) professional development close to or from your home.
Cybrary launched on January 13, 2015. Their goal is “to provide an opportunity to learn IT and Cyber Security, to anyone, anywhere, who wants that opportunity.” They offer a wide range of free online training in various information security specializations, for example:
- Ethical Hacking and Penetration Testing
- Computer and Hacking Forensics
- Python For Security Professionals
- Advanced Penetration Testing
- Post Exploitation Hacking
Irongeek.com is an excellent online resource that is run by Adrian Crenshaw of TrustedSec and Derbycon. He travels to conferences all over North America and records the talks, which he then posts for free on his website as a service to the infosec community.
Security B-Sides “is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.” B-Sides is a template conference design powered by grassroots organizers, that has spread to dozens of cities in several countries. It was born out of number of rejections to the CFP (Call For Papers) for Black Hat USA 2009. A number of quality speakers were rejected, not due to lack of quality but lack of space and time. Any constrained system must operate within the bounds to which it has defined itself. Conferences constrain themselves to the eight hours a day for however many days they run. B-Sides goal is to provide people with options by removing those barriers and providing more options for speakers, topics, and events. B-Sides events are usually free or low cost and almost always sell out quickly. *For the record, I’m also a B-Sides organizer.
SANS Cyber Aces Online makes available selected courses from the professional development curriculum offered by The SANS Institute. SANS goal in making these courses available as open courseware is to help grow the talent pool and accelerate the rate at which skilled cyber professionals can enter the information security industry – filling mission critical jobs currently going unfilled. The open courses are the same as those offered to information security professionals around the world and are focused on the fundamentals of cyber security.
Dell SecureWorks also offers security awareness training solutions, which include:
- OnDemand Security Training
- Security Awareness Needs Assessment
- Security Awareness Program Development
- Managed Phishing
- Managed Security Awareness Programs
This list barely touches the surface. With resources like these, information security professionals really have no valid excuse for not staying current with industry trends.
Now I just have to find the time.
This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. For more on these topics, visit Dell’s thought leadership sitePowerMore. Dell sponsored this article, but the opinions are my own and don’t necessarily represent Dell’s positions or strategies.