Cyber security may seem relatively new, but professionals have worked in the field since at least the late 1960s when corporations began adopting mainframe computing into their business models.
Now, everyone who uses a password to access email or social media understands how important computer protection is. And with the advent of mobile computing, the need for security has expanded exponentially. People conduct banking, gaming and many other personal activities on their mobile devices, creating even more opportunities for hackers to gain a foothold. There are even remote cyber threats to any device with a computer chip installed. Thus, refrigerators, cars and televisions are vulnerable to attacks. It may be ridiculous to think of someone hacking an ice maker, but when they disable a fleet of cars, the reality of mobile threats becomes all the more real.
Security breaches cost the government and private industry millions of dollars every year. Privacy Rights Clearinghouse states that $6 trillion was lost to hackers globally in 2022 and $10.5 trillion annually will be lost by 2025. $10.3 billion alone was lost in the U.S. Thus, information security experts may be in high demand, according to the U.S. Bureau of Labor Statistics (BLS).
The BLS expects 31.5% job growth for information security analysts through 2032 with a median annual salary of $112,000 in 2022. The median salary does not factor in elements such as bonuses, benefits or other compensation. (Based on national data, not school-specific information. Conditions in your area may vary.)
Cyber security is increasingly important to all avenues of society. Hackers are constantly working to breach firewalls or other security measures, creating even more need for IS professionals to keep their skills sharp and up-to-date. Professional associations, educational opportunities, certifications and social media contacts are great resources to tap in to.
This page is devoted to helping cyber security experts find the resources they need to grow and thrive.
Information Systems Security Association
ISSA connects members worldwide through a network of local chapters. Membership includes a subscription to a monthly journal and the association holds an annual conference.
National Association of State Chief Information Officers (NASCIO)
Formed primarily for those serving in state governments, NASCIO also welcomes private-sector CIOs and other leaders in the field of cyber security. Memberships are available at different levels.
National Initiative for Cybersecurity Careers and Studies
This is a great go-to repository for information about conferences, camps, trainings, workshops, competitions and speaker engagements. Participants can submit their own research, provided that it satisfies the NICCS standards.
United States Computer Emergency Readiness Team
US-CERT maintains a tip sheet that can help the cyber security professional educate laymen. Issues covered include: attacks and threats, email, an overview of the Internet, general guidelines for safety, mobile devices, privacy, browsing and various types of applications and their risks.
This government site provides information aimed primarily at consumers. Find information specifically geared toward educators, parents and small businesses, among others. Content includes how to safeguard your computer and protecting kids online.
Department of Homeland Security – Cybersecurity
The federal government remains vigilant about cybercrimes and the DHS' website is full of information related to cyber security. The website includes research information, job listings as well as resources for training and education.
University of Albany MBA – Cyber Security
The University of Albany trains its business students to have the skills to succeed, but also the savvy to protect corporate assets online. Since poor cyber security can mean instant ruin to private ventures, entering the job market with this sort of cross training can be vital to attaining and maintaining success.
Excelsior College – MBA Cybersecurity Management
Excelsior's online MBA program educates students in some of the most vital topics in today's online business environment. Students learn about cyber security laws, ethics, issues related to cloud storage, risk analysis and crime/terrorism.
Loyola University Maryland – MBA Cyber Security
Loyola's MBA program teaches students what responsibilities they need to delegate to their cyber security professionals. This program seeks to bridge the gap between corporate executives and the IT department. When graduates are able to speak the language native to cyber security, they can better implement programs and changes organizations need.
University of Washington – Tacoma
The cyber security program at UW-Tacoma takes an important interdisciplinary approach to the field. The Center for Information Assurance and Cybersecurity promotes a cross-departmental approach that educates students to how cyber security impacts economics, electrical engineering, computer science and law.
CYBER SECURITY CERTIFICATIONS & EDUCATION
CERT is a think-tank specializing in cyber security for over 30 years. A division of the Software Engineering Institute at Carnegie Mellon University, professionals can become certified in four specialty areas: insider threats, forensics, coding and security management. CERT also hosts meetings and conferences and provides online and other resources.
Certified Wireless Network Professional
Professionals who want a broader overview of wireless security without a product-specific focus become certified in one of the many areas offered by the CWNP. The organization offers proctored professional examinations in network administration (CWNA), wireless network design (CWDP) and network instruction (CWNT), among others.
Cisco Cybersecurity Specialist
Cisco networks are a large part of the IT market and so they offer special certifications on their products. Those who earn this certification are experts in monitoring, security analysis and incident response. To prepare, there is a specialized course that is offered both online and in classrooms worldwide, in a wide range of languages.
The Computing Technology Industry Association has been certifying professionals since 1992. They offer three certifications that address cyber security: Security+, CASP and SMSP (social media security). Their advanced security certification, CASP, builds on Security+, and is approved by the Department of Defense and complies with the Federal Information Security Management Act (FISMA).
Infotec trains professionals for a wide variety of certifications, including Cisco, CompTia, Cyber security and Wireless, among many others. In their cyber security track, you can learn to become a penetration tester, incident handler, security professional or security manager. Infotec offers courses at its Virginia locations, but also online.
McAfee is world-renowned for its anti-virus software, but it also offers certifications in cyber security. They offer a deep catalog of courses and certifications in specialties such as forensic investigations, retail crime, counter-intelligence threats, cyber intelligence and social media intelligence, among other areas.
FINANCIAL AID & SCHOLARSHIPS
FAFSA is the first place students should look when applying for financial aid. The information provided on the FAFSA form is sent to schools that are listed. Then, the schools will determine how much aid you can receive while attending school.
National Initiative for Cybersecurity Careers and Studies
The NICCS, part of the Department of Homeland Security, has a variety of scholarship opportunities for students. A few are only available in specific regions, such as Atlanta or upstate New York.
Scholarship for Service: The U.S. Office of Personnel Management offers scholarships that cover the entire cost of education for qualifying students. Scholarship winners also receive a stipend to help cover other costs related to school.
Center for Cyber Safety and Education
The (ISC)2 Foundation has a wide range of scholarship opportunities for students seeking to study cyber security. There are specific scholarships for women as well as both graduate and undergraduates.
Scholarships for Women Studying Information Security
The SWSIS scholarship bestows up to $10,000 to women who are seeking graduate or undergraduate degrees that pertain to information security. The SWIS was been able to increase its number of scholarships in the years 2014 and 2015.
U.S. Bureau of Labor Statistics
Search the BLS for the most up-to-date information on cyber security jobs. The BLS maintains fact sheets on thousands of jobs that provide salary information and projections on the growth of that particular sub-sector. Their website also provides information on the U.S. labor market.
U.S. News and World Report
This news magazine has evolved into one of the best resources for job rankings. They provide resources for those seeking education and employment. The site provides in-depth breakdowns for many jobs, but the database is still growing.
O*Net can help job seekers match their skills to a variety of jobs. Similar or equal occupations frequently have different titles or job seekers may not see all the possibilities their skill sets open up for them. O*Net provides resources to help focus a job search in the right direction.
Dice is an online jobs board that specializes in positions in the IT industry. Top companies post their employment needs to Dice, including Cisco, E*bay and Amazon. The site also includes resources to help job seekers hone their resumes and job search campaigns.
This site does not specialize in IT or cyber security, but a recent search provided 23 results for the keyword cyber security that was restricted to the Portland, OR area. A similar search for San Francisco resulted in 86 job openings.
Craigslist – Tech Jobs
Craigslist is a no-frills job search site where job seekers have been known to find real gems. Be sure to verify ads prior to sending a resume, however, as the listings are not regulated. Nevertheless, job seekers should keep Craigslist on their radar when looking for full-time, temporary and contract employment.
The Information System Security Certification Consortium, Inc., (ISC)2
The Information System Security Certification Consortium, Inc., (ISC)2, is a trade association that provides training and esteemed credentialing for information security professionals worldwide. Members receive many benefits, including opportunities to network with other security professionals, free online events, a members-only magazine and access to cutting edge research.
This security organization provides training and certification to over 165,000 professionals worldwide. Formed in 1989, the institute has amassed a significant library of research papers for members to peruse, and offers online trainings, too. Members can delve into subjects such as digital forensics, pen testing and software security.
Open Web Application Security Project
OWASP is an international non-profit organization that focuses on software security. Their goal is to make security transparent, so that users can make informed decisions about the true risks they take with particular software packages. OWASP hosts a wide range of events worldwide where security professionals can meet, collaborate and form new professional bonds.
Forum of Indicent Response and Security Teams
FIRST specializes in incident responses. Its members represent top security teams and experts in government, private business and academia. The collaboration encouraged by FIRST enables heightened security for everyone, as members are continually working towards the ultimate goal of ubiquitous cyber security.
Center for Internet Security
CIS is a partnership between public and private sector professionals dedicated to keeping the Internet safe and secure. They seek to create best practices for information security, provide solutions to incidents and engage in community building.
Information Security Forum
The ISF is a non-profit concerned primarily with private industry. Its membership is comprised mainly of Fortune 500 and 2000 companies that work together to create the methods for best-practices. ISF creates a safe environment in which the best minds in cyber security can collaborate and create solutions.
National Council of ISACs
ISACs work to disseminate information that pertains to security threats to all its members. Each Information Sharing and Analysis Center in the network is located in the private sector and are diligent in reporting threats immediately. The National Council reports that most of its member ISACs are at least 10 years old, and are all trusted sources of actionable reporting.
Internet Security Alliance
ISA works in collaboration with Carnegie Mellon University to be in the vanguard of cyber security. Formed in 2001, the organization seeks to positively influence public policy, laws and programs regarding information security. Their mission includes technology, policy and economics in the service of cyber security that can be sustainable over the long term.
International Association of Privacy Professionals
IAPP's mission is to improve the global cyber security industry. Their credentialing programs are recognized worldwide. In addition to their educational mission, the IAPP holds annual conferences whose discussions and debates are eagerly anticipated by top professionals.
ISACA is involved in the development and implementation of cyber security policies and procedures. Formed in 1969, ISACA is one of the oldest information security associations that seeks to provide a centralized resource for professionals worldwide.
National Cyber Security Alliance
The mission of the National Cyber Security Alliance is "to educate and empower our global digital society to use the Internet safely and securely." The alliance offers trainings and seminars, many of which are free to the public, as a service of spreading good information about cyber security.
Federal Information Systems Security Educators' Association
FISSEA is dedicated to helping federal agencies with their cyber security training, education and certification. Formed in 1987, the association holds an annual conference and facilitates communication between its members. FISSEA also sponsors workshops and maintains website content for members.
Association for Executives in Healthcare Information Security
AEHIS specializes in serving information security professionals in the healthcare industry. They are the only industry association that serves healthcare information technology professionals. Membership is restricted to chief information security officers and other senior security officers.
Federal Bureau of Investigation
The FBI is heavily recruiting cyber security professionals. This site includes information on recent arrests and convictions the FBI has won as a result of their cyber crime efforts.
U.S. Department of State – Cyber Security Training
The U.S. State Department offers trainings to IT professionals throughout the federal government. They provide role-based training in a variety of learning environments. The online training occurs twice daily to accommodate those in different time zones. The online sessions are also recorded and archived for later viewing.
National Cyber Security Alliance
This non-profit organization seeks to educate society to use the Internet safely. They work with a variety of sectors including government, industry and academic. Find regular updates about the latest in cyber security news.
Author of the blog, TaoSecurity, Bejtlich espouses sage security knowledge on Twitter. Look for plenty of insight on digital security. Find him on Twitter @taosecurity.
Follow him on Twitter @BillBrenner70 and check in to find his posts on csoonline.com. He regularly posts on web security and heavy metal, if you are interested in a combo of the two.
Cluley responds quickly to the latest scares and hoaxes. Find him on Twitter @gcluley or read his blog at nakedsecurity.sophos.com. He's an award-winning security expert focused on security and privacy.
Follow this iconoclast on Twitter @joshcorman, then watch his Ted Talk on internet security. An outspoken contributor, he heads the Atlantic Council on security.
Find Kyle on Twitter @selenakyle for discussion on all things cyber, risk, infosec, fraud, and economics. Prides herself in keeping people and platforms safe from online threats.
Find Rudis on Twitter @hrbrmstr. Rudis is a chef and a data scientist, so enjoy data and cooking updates. Rudis is also a regular contributor to question and answer site Quora on cyber security topics.
This security consultant bucks conventional wisdom on Twitter and at his blog on secureconsulting.net. Find him on Twitter @falconsview.
Wysopal is a researcher and developer in the cyber security world. Follow him on twitter and then add his veracode.com/blog to your daily reading.
On Twitter @EHackerNews. Stay current with the latest news in cyber security, cybercrime, information security and more. Updates on plugin hacks and exploitation of systems.
NEWS & VIDEO
The Hacker News
White Hat hacker news, delivered to your inbox. If you are looking for a security newsletter that takes a serious spin, this is your magazine.
Huffington Post – Cyber Security
Keep posted on the most current news in cyber security through this trusted news source. Read Huff Post's Cyber Security section.
Tech News World – Cyber Security
Read Tech News World's Cyber Security section to keep abreast of current trends in the industry.
This specialty news outlet covers the full spectrum of issues in the industry, including: risk management, application security and cloud security.
Homeland Security News Wire – Cyber Security
The information branch of DHS includes full coverage of cyber security.
Security Magazine – Cyber Security News
A must-read news source for security professionals.
Pen Testers and other security professionals look to E-Hacking News for the latest on malware, security and cyber crime, among other topics.
NOVA PBS – Cyber Security 101
PBS' premier science and technology show introduces Cyber Security in this brief video. After the video, check out the NovaLabs website which includes a game to introduce laypeople to the world of cyber security.
Google Cyber Security
Google has curated educational videos about cyber security in an effort to spread awareness.
Deloitte – Cyber Security. Evolved.
Consultancy Deloitte has created informative videos for free use.
Stay Safe Online – Videos
To further their cause of educating the public to the realities of our digital world, the National Cyber Security Alliance has posted several informative videos to its website.
CSPAN – Cyber Security Hearings
C-Span continues working in the public best interest by archiving video of cyber security hearings.
PwC – Cyber Security Video Series
PwC has three videos in its cyber security series that introduce companies to the world of cyber threats.
CNN – Cyber Security
Bookmark this news site for the latest CNN coverage of cyber security.
Times of India – Cyber Security
The Times of India maintains constant coverage of the tech industry, including issues pertaining to cyber security. Given India's important role in IT, it is important to stay abreast of the news there.
Deloitte – Cyber Video: Companies Like Yours
Deloitte has created a helpful video that illustrates the issues surrounding cyber crime and how organizations can be affected.
Tech Techies – Cyber Security: The Basics
A general overview of cyber security and cyber attacks. This video is good for the casual user who is interested in learning more about the topic.
Columbia Business School – Cyber Threats and Cyber Security
This video shows an academic lecture concerning cyber threats and security. Complex in nature, this video delves deep into the issues surrounding information integrity.
Department of Defense – Cyber Security Panel Discussion
The U.S. infrastructure is continually facing threats. This panel discussion opens up the discussion for all to consider.
Stanford University – Cyber Security of Industrial Control Systems
Joe Weiss discusses security vis-a-vis industrial control systems.
Brookings Institution – Cyber Security and Cyber War
The think tank, Brookings Institution, hosts Peter Singer and Allan Friedman, authors of "Cybersecurity and Cyberwar: What Everyone Needs to Know."
Chautauqua Institution – Peter Singer: Cybersecurity and Cyberwar
Singer discusses the ethics of privacy in this Chautauqua Institution lecture.
Chautauqua Institution – Jeffrey Rosen: The Ethics of Privacy
Rosen gives a lecture on our right to privacy in a constitutional context.
Ted Talks – Glen Greenwald: Why Privacy Matters
Constitutional lawyer, writer and journalist Glen Greenwald gives a Ted Talk on the importance of privacy in the modern, digital era.
Microsoft's resource site for IT professionals.
CIO (magazine), "IT Career Burnout"
This article discusses how to cope with burnout in the IT sector.
Anita Borg Institute
Seeks to help women find their peers in technical fields, including cybersecurity and IT.
Women in Cyber Security (WiCyS)
This initiative from Tennessee Tech seeks to recruit and advance women in the field of cyber security. The WiCyS community is an important networking tool for women in a field heavily dominated by men. Though their year culminates in an annual conference, WiCyS members continually have access to each other and the initiative's resources.