Security Awareness & Training Resource Center
Featured content
Deconstructing Human-Element Breaches | Infosec HRM
Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way.
Inside an Infosec Boot Camp: All your questions, answered!
You need to get certified, but is an Infosec Boot Camp the right choice for you — or your team? Find out in this live Q&A with two Infosec instructors.
Emerging trend checklist: Which certifications cover which new skills?
Boost your team's cybersecurity skills with the right certifications. Discover the most in-demand skills and the certifications that cover them in our free guide.
Security Awareness Outcomes with Infosec IQ
See security awareness and training outcomes from more than five million Infosec IQ learners.
Our resources
Keeping your inbox safe: How to prevent business email compromise
BEC scams cost organizations nearly $3 billion last year. See examples of business email compromise and how to prevent it in your organization.
After certification: Investing in employees' cybersecurity career pathways
Hear from two industry experts about how continuing education can be a differentiator in retaining and hiring cybersecurity professionals.
IT skills advice from IDC's IT education and certifications expert
IDC's Cushing Anderson breaks down the current IT skills landscape and how organizations can keep up as it evolves.
Twitter’s cybersecurity whistleblower: What it means for the community
The recent whistleblower complaint against Twitter highlights the disconnect between cybersecurity experts and executives in organizations.
Today’s IT job market: Beyond fear, uncertainty and doubt
You may have heard some buzz about layoffs in the cybersecurity sector. Let's look at what's really going on in the job market.
How to structure your CSIRT or SOC team
Learn how to structure your computer security incident response team (CSIRT) and security operations center (SOC).
SOC integration: Creating a well-built portfolio vs. a frankenstack
A security operations center (SOC) has two options when integrating cybersecurity products for a joined-up approach to incident response.
Privacy compliance and security: Are you collecting too much data?
With data storage so cheap, enterprises have been over-collecting consumer data. Now may be the time to re-evaluate that approach.
Common misperceptions about PCI DSS: Let’s dispel a few myths
Find out why your company should look into how payment card industry data security standards affect your business.
Working as a data privacy consultant: Cleaning up other people’s mess
What is it like to work as a data privacy consultant in the cybersecurity industry?
What are black box, grey box, and white box penetration testing? [Updated 2020]
Pentesters are apparently huge fans of colors. Different roles within pentesting assignments are designated as Red Team, Blue Team, Purple Team and others. G
The CPT certification and exam
An introduction to the Certified Penetration Tester (CPT) Certification So you want to be among the next generation of information security professionals an
The CEPT certification and exam
Introduction to the Certified Expert Penetration Tester Certification Are you looking to advance your pentesting career? Then a certification might be the r
Penetration tester career path
Are you interested in a career as penetration tester? If you have “a thorough understanding of pentesting methodologies and vulnerability assessments, as wel
The top security architect interview questions you need to know
Congratulations on securing an interview for the security architect role! Security architects design and configure systems to protect the infrastructure and
How to configure a network firewall: Walkthrough
Learn the basics of configuring a network firewall in this episode of Cyber Work Applied featuring Infosec Skills author Mike Meyers.
Network design: Firewall, IDS/IPS
There are many different types of devices and mechanisms within the security environment to provide a layered approach of defense. This is so that if an atta
How to use the NICE Cybersecurity Workforce Framework to plan career progression: A practitioners’ guide
Introduction: An overview of the NICE Cybersecurity Workforce Framework In 2017, the National Institute of Standards and Technology (NIST) published Special
Two ways to build a secure software team using the NICE Framework
The NICE Framework can help you run your organization smoothly.
Two ways to build a cybersecurity team using the NICE Framework
Using the NICE Framework for Cybersecurity will help you structure your team against cyberthreats.
Passion and perseverance equal success for this inspiring scholarship winner
Scholarship winner Edelia McDaniel proves that anything is possible when you work hard and stay hungry.
How to specialize in cybersecurity: Find your path and your passion
Cybersecurity provides a variety of career opportunities. Bugcrowd CEO Casey Ellis shares how to kickstart your career — and how to find your niche.
IDS/IPS overview
A typical corporate network makes use of a number of networking devices for preventing attacks originating from the internet and maintaining the security of
How to build hands-on cybersecurity skills on a budget
Introduction Cybersecurity is a constantly changing field, so a passion for lifelong learning is a must for infosec professionals. Staying ahead of the bad g