Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Security risks of cloud migration

An overview of cloud migration projects and the considerations for migrating applications to the cloud.
Read More
Article

Cybersecurity Weekly: CFAA prosecution reprieve, Top 10 behaviors hackers exploit, Spring cleaning your data and cybersecurity habits

Ethical hackers no longer under threat by U.S. DOJ, the top things you're doing that let hackers in (according to the FBI), and Microsoft patch breaks authen
Read More
Article

How to become an ethical hacker: Tips from Offensive Security CEO Ning Wang

Offensive Security CEO Ning Wang explains how the Try Harder mindset will help you succeed as an ethical hacker.
Read More
Article

CompTIA A+ Earning CPEs [Updated 2022]

Find out what you should know about the CEU system and what activities meet CompTIA’s requirements.
Read More
Article

GPEN vs. PenTest+: Which certification is better?

GPEN and PenTest+ are both excellent penetration testing certifications, but which one is best for your career goals?
Read More
Article

Chanthea Quinland: Bringing cybersecurity to her local community and beyond

Chanthea Quinland is a 2021 Undergraduate Infosec Scholarship winner, hoping to raise cybersecurity awareness in her local community and beyond.
Read More
Article

Electron Bot Malware is disseminated via Microsoft's Official Store and is capable of controlling social media apps

Learn about the high-level details of this malware and provide security measures to avoid threats of this nature.
Read More
Article

Cybersecurity Weekly: Novel phishing trick bypasses filters, Costa Rica declares a national emergency and an electronic cybercrime evidence swap.

A new novel phishing trick used to bypass spam filters, a national emergency in Costa Rica due to Conti ransomware, and US agrees to an international electro
Read More
Article

Shaking up security awareness: How one organization is building a culture of security

How to make security awareness training engaging and how this helps to build a security culture.
Read More
Article

ISC2 CGRC domain #3: Selection and approval of security and privacy controls

Learn about the importance of domain three of the Certified in Governance, Risk and Compliance certification.
Read More
Article

Average CGRC (Certified in Governance, Risk and Compliance) salary

The Certified in Governance, Risk and Compliance certification will help you gain a higher salary in your cybersecurity career.
Read More
Article

SockDetour: the backdoor impacting U.S. defense contractors

Learn how the SockDetour malware works and how to guard against it.
Read More
Article

ISC2 CGRC domain #2: Scope of the information system

Learn objectives for CGRC domain 2 and explain how to apply these learnings in your everyday work environment.
Read More
Article

Cybersecurity Weekly: Avoiding P2P payment scams, GitHub 2FA requirements, Tech giants committing to eliminating passwords

How to avoid falling victim to new P2P payment scams, GitHub announces 2FA requirement for code contributors, and tech giants such as Apple, Google and Micro
Read More
Article

Security Culture: TikTok CISO says this trend is here to stay

Thoughts from TikTok's Roland Cloutier on building a culture of security that you can use to meet the five levels of the CMMC program
Read More
Article

CompTIA performance based questions

Learn some of the questions to expect when you take the CompTIA exam.
Read More
Article

IT skills advice from IDC's IT education and certifications expert

IDC's Cushing Anderson breaks down the current IT skills landscape and how organizations can keep up as it evolves.
Read More
Article

Why information security professionals should learn about law

Security isn’t just about protecting important information. It also means knowing the legal issues around cybersecurity and privacy.
Read More
Article

For 2021 Infosec Scholarship winner Olivia Gallucci, proof that it is never too early to follow your passion

Olivia Gallucci, a 2021 Infsec Scholarship Winner, will continue to explore her passion for cybersecurity, technology and free and open-source software.
Read More
Article

HermeticWiper malware used against Ukraine

Learn the technical details of the HermeticWiper malware being used against Ukraine.
Read More
Article

Managing a security awareness program: Carrots, sticks, and repeat offenders

Learn important lessons on how to optimize staff engagement with your security awareness training program from an expert panel led by Infosec.
Read More
Article

Cybersecurity Weekly: BlackCat ransomware, Training employees in ransomware, most exploited vulnerabilities in 2021

The threat posed by BlackCat ransomware is bigger than we know, how training employees about ransomware can mitigate cyber risk and the 15 most exploited vul
Read More
Article

How ethical hacking and pentesting is changing in 2022

The cloud and new web applications are changing the world of ethical hacking and penetration testing.
Read More
Article

Hugh Shepherd: A career defined by service, persistence and growth

Hugh Shepherd is one of the 2021 Infosec Scholarship winners, demonstrating how far the right attitude and drive for professional growth can take you.
Read More