Security Awareness & Training Resource Center

Join the CISA team as they discuss the state of ransomware, prevention guidance and free tools to help you reduce risk.

A panel of experts answers questions about effective diversity, equity and inclusion (DEI) hiring processes in this episode of Cyber Work Live.

More than 300,000 organizations will be affected by the new CMMC Framework. Learn how your organization will be affected.

Can your employees wrangle the Wild Wild Net’s most wanted cybercriminals?

Learn how Infosec IQ can help educate and empower your employees to be one of your greatest cybersecurity assets in this instant demo.

Learn how Infosec Skills can help close your organization’s cybersecurity skills gap in this instant demo.

Infosec Skills keeps your team's security skills fresh year-round with hundreds of courses mapped to the NICE Cybersecurity Workforce Framework.

Download our free calculator, input your organization's costs and measure your return on security awareness training.

Alyssa Miller of S&P Global Ratings discusses the easiest pentest she ever ran on an app and the importance of diversity of hiring, not just “diversity of thought.” She also gives some of the best advice we’ve heard yet on picking your cybersecurity path.

0:00 - Intro
2:44 - Miller’s origin story
5:53 - Experiences working while at school
8:20 - Pursuing a degree
10:57 - How has cybersecurity changed?
12:58 - Coming into cybersecurity from a different perspective
13:55 - Moving to pentesting versus programming
18:52 - Penetration testing through the years
20:46 - A big change in your industry
25:27 - Specifics of a business information security officer
29:09 - Skills for a business information security officer role
32:34 - “Cyber Defenders’ Career Guide” book
35:08 - What surprised you about writing the book?
41:46 - Equity and inclusion in cybersecurity
47:11 - Who is doing equity correctly?
49:12 - Long term equity strategies?
52:45 - Final cybersecurity career advice
55:40 - Outro

Learn how to prove your security awareness efforts are reducing human-born cyber risk.

Learn how to use the Cain and Abel password cracker to conduct both a brute-force password attack and a password dictionary attack.

Jonathan Tanner of Barracuda talks about his time moving up the ladder at Barracuda, how he still enjoys computer science competitions like DEFCON Wireless Capture the Flag (CTF), and Barracuda’s revolutionary malware detection ATP platform he built.

0:00 - Intro
3:04 - Origin story in cybersecurity
5:45 - Major accomplishments and moving up with Barracuda
7:55 - Daily work as senior security researcher
10:36 - Was this always what you were interested in?
12:42 - How did you expand your skills and position
14:30 - Cyber security resume tips
17:20 - Becoming a cybersecurity professional
19:01 - How can hackathons and conferences help you?
22:33 - Improving the hiring process
25:33 - How to prepare for cyber security interview
27:46 - Working long term with a tech company
29:27 - What’s next for you at Barracuda?
30:26 - Where should security professionals begin?
33:46 - What’s happening at Barracuda
34:33 - Where can I find out more about you?
35:06 - Outro

French Caldwell of The Analyst Syndicate talks about his role as founder and chief researcher of the group. We also talk about Caldwell’s time at Gartner research, and his passion for cybersecurity research as a whole.

00:00 - Intro
03:43 - Caldwell’s background in cybersecurity
07:25 - Knowledge management
09:55 - Protecting digital trash
12:33 - Risk assessment and day-to-day work life
18:00 - How has research changed since 1999?
22:48 - Founding The Analyst Syndicate
26:45 - What is your day like at the Syndicate?
28:11 - What is your research like now?
29:33 - Disruptive technology and public policy
31:09 - Disruptive trends
34:30 - Advice to students in disruptive technologies
38:58 - Tell us about your simulator
46:22 - Cyberterrorism and risk to municipalities and hospitals
50:18 - Learn more about Caldwell and the Syndicate
51:54 - Outro

Learn cybersecurity for free with our new hands-on Cyber Work Applied series. Whether you want to learn how cross-site scripting attacks work, set up a man-in-the-middle attack or walk through major breaches like Equifax, Infosec instructors will teach you these skills and show you how they apply to real-world scenarios. Best of all — it's free!

What is password hashing? How does a one-way hash function work? Mike Meyers uses his sophisticated hashing box to explain in this episode.

Get expert advice on developing security awareness programs, empowering your workforce and building a culture of security.

Get team skill development and training advice from experts at Booz Allen, JPMorgan, KPMG, NICE, Raytheon and more in this free ebook.

Dirk Schrader of New Net Technologies talks about healthcare security and legacy systems. We discuss the millions of pieces of health data left out in the open, the issues with closing these holes and the need for professional legacy system-whisperers.

0:00 - Intro
2:56 - What drew Dirk to security
4:46 - Did your Dad’s role inspire you?
5:55 - Stepping stones to your current job
9:35 - What is it like to be a security research manager
14:38 - Unprotected healthcare records
21:50 - Unprotected systems in the U.S.
25:20 - Using better security in hospitals
31:55 - Logistical issues of security for hospitals
37:48 - Best solution for hospital cybersecurity
39:30 - How to prepare for change
42:32 - What skills do you need for this work?
46:00 - Will people pursue these changes?
49:40 - Projects Dirk’s working on
52:10 - Outro

Learn cybersecurity for free with our new hands-on Cyber Work Applied series. Whether you want to learn how cross-site scripting attacks work, set up a man-in-the-middle attack or walk through major breaches like Equifax, Infosec instructors will teach you these skills and show you how they apply to real-world scenarios. Best of all — it's free!

Learn cryptography basics — from Caesar and Vigenere ciphers to cryptography algorithms and encrypting data using public and private keys.

Ginny Morton, project management professional at Dell and veteran in the U.S. Army, takes us through the practice of cybersecurity project management in both for-profit and military sectors on today’s episode. We talk about Scrum and Agile certifications, building the best team for the project and tapping into your personal power in your work.

0:00 - Intro
2:04 - Origin story
4:47 - What does a cybersecurity project manager do?
6:10 - Average work day as a project manager
7:40 - Best and worst parts of project management
9:30 - How does a PM improve cybersecurity work?
10:40 - Dell team management
12:50 - Being the team’s first manager
14:36 - Best project management certifications
21:02 - PM work for Dell versus the military
23:00 - Military clearances for PM work
24:08 - Skills and experiences necessary for high-level PM
22:52 - Skills and interests for a successful career
27:04 - Tips for those who want to transition careers
27:38 - Changes to PM work during COVID
28:40 - Adjustments to work from home
29:55 - Will PM work change?
31:04 - Outro

Learn cybersecurity for free with our new hands-on Cyber Work Applied series. Whether you want to learn how cross-site scripting attacks work, set up a man-in-the-middle attack or walk through major breaches like Equifax, Infosec instructors will teach you these skills and show you how they apply to real-world scenarios. Best of all — it's free!

This episode we welcome Rita Gurevich, CEO and founder of Sphere Technology Solutions. She talks about what it’s like to start her own company, why it is important to know your assets when setting policy, and what skills and experiences set applicants apart when they look to hire. Plus, she has plenty of data governance strategies to chat about.

0:00 - Intro
2:47 - Origin story
4:51 - The creation of Sphere
7:14 - Working solo at Sphere
9:12 - What would you change going back?
10:30 - Pricing your business activities
12:36 - Average day as a CEO
13:32 - Favorite parts of the job
14:50 - What is data governance?
17:40 - Factors driving data growth
19:28 - First steps to form data strategy
22:07 - Data governance best practices
23:40 - Time frame to get a master inventory
25:17 - What does good data governance do
26:12 - Skills I need for data governance and management
27:47 - Importance of collaboration and mentorship
30:26 - Skills and experiences for Sphere candidates
32:48 - Tips to get into cybersecurity work
34:06 - Outro

Learn cybersecurity for free with our new hands-on Cyber Work Applied series. Whether you want to learn how cross-site scripting attacks work, set up a man-in-the-middle attack or walk through major breaches like Equifax, Infosec instructors will teach you these skills and show you how they apply to real-world scenarios. Best of all — it's free!

You’ve just been breached or threatened with a cyberattack. Now comes a new extortion demand, pay up now — or it’s only going to get worse.

This episode we welcome Jeff Schmidt of Covail to discuss security and risk management, working at the FBI to create the InfraGard program, and what cybersecurity can learn from physical security controls and fire safety and protection.

0:00 - Intro
2:30 - Origin story
4:31 - Stepping stones throughout career
8:00 - Average work day
12:14 - Learning from physical security
17:18 - Deficiencies in detection
22:17 - Which security practices need to change?
24:15 - How massive would this change be?
27:37 - Skills needed for real-time detection
32:00 - Strategies to get into cybersecurity
34:30 - Final words on the industry
37:16 - What is Covail?
38:40 - Outro

Learn cybersecurity for free with our new hands-on Cyber Work Applied series. Whether you want to learn how cross-site scripting attacks work, set up a man-in-the-middle attack or walk through major breaches like Equifax, Infosec instructors will teach you these skills and show you how they apply to real-world scenarios. Best of all — it's free!

Study after study shows cybersecurity job descriptions lack clarity across most roles and industries — stifling talent recruitment, development and retention efforts. Infosec Institute and Aspen Cybersecurity Workforce Coalition will provide data-backed insights into how organizations are aligning job descriptions and training to tools like the NICE Framework, including what’s working and what’s not.

Learn how to measure your employees’ attitudes and perceptions towards security with the Infosec IQ Cybersecurity Culture Survey.