Information security certifications, training and jobs
The information security careers, training and certification resource center provides the latest news, expert advice and learning tools to help you make informed career choices, learn about CISSP, SANS and CISA certification, and the training required for information security jobs.
Top Stories
-
Answer
08 Nov 2022
3 best professional certifications for CISOs and aspiring CISOs
While one doesn't necessarily need professional cybersecurity certifications to become a CISO, they don't hurt. Explore the best certifications for CISOs and aspiring CISOs. Continue Reading
-
Tip
27 Oct 2021
5 IT security policy best practices
As businesses and technologies grow and evolve, it's important IT security policies do, too. Follow these five best practices to ensure policies are fresh and relevant. Continue Reading
-
Tip
27 Oct 2021
5 IT security policy best practices
As businesses and technologies grow and evolve, it's important IT security policies do, too. Follow these five best practices to ensure policies are fresh and relevant. Continue Reading
-
Quiz
30 Sep 2021
10 CIPP/US practice questions to test your privacy knowledge
Advance your privacy career by becoming a Certified Information Privacy Professional. Use these 10 practice questions from Wiley's IAPP CIPP/US study guide to prepare for the exam. Continue Reading
-
Feature
30 Sep 2021
How to prepare for the CIPP/US exam
The co-authors of a CIPP/US study guide offer advice on the IAPP certification, including career benefits, how to prepare and how the U.S. exam differs from other regions' exams. Continue Reading
-
Definition
20 Sep 2021
CSO (Chief Security Officer)
A Chief Security Officer (CSO) is a C-suite executive responsible for a company's physical and digital security. Continue Reading
-
News
25 Aug 2021
HackerOne launches AWS certification paths, pen testing service
A select group of penetration testers in HackerOne's community will be able to obtain three AWS certifications, including the Security - Specialty certification. Continue Reading
-
Feature
12 Aug 2021
How privacy engineers promote innovation and trust
Forward-thinking companies are hiring privacy engineers. Could your organization benefit? Uncover how these experts promote innovation and fortify customer trust. Continue Reading
-
Quiz
04 Aug 2021
Sample CompTIA CySA+ test questions with answers
Going for your CompTIA CySA+ certification? Test what you know before taking the exam with these sample test questions on vulnerability assessment output. Continue Reading
-
Feature
04 Aug 2021
How to prepare for the CompTIA CySA+ exam
The author of the CompTIA CySA+ certification guide offers advice on how to prepare for the exam, discusses the benefits of the cert and more. Continue Reading
-
News
29 Jul 2021
Badmouthing of federal gov hurts cybersecurity recruiting
Government and businesses are struggling with cybersecurity recruiting because of a skills shortage. The federal government's problem is made worse by bad branding. Continue Reading
-
Feature
30 Jun 2021
What is the BISO role and is it necessary?
Relatively new and somewhat controversial, the business information security officer, or BISO, acts as the CISO's tactical and operations-level ambassador to the business units. Continue Reading
-
Feature
02 Jun 2021
Post-pandemic cybersecurity conferences not to miss
In the shadows of the pandemic, threat actors got even more brazen. Security pros can fight back with the aid of expert insights and training at these upcoming conferences. Continue Reading
-
Definition
21 May 2021
ethical hacker
An ethical hacker, or white hat hacker, is an information security expert authorized by an organization to penetrate computing infrastructure to find security vulnerabilities a malicious hacker could exploit. Continue Reading
-
Feature
20 May 2021
4 ways to handle the cybersecurity skills shortage in 2021
More than half of cybersecurity pros say their organizations could do more to manage negative effects of the skills shortage, such as overwork and burnout. Find out how. Continue Reading
-
Definition
12 May 2021
hacker
A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. Continue Reading
-
Guest Post
15 Apr 2021
5 cybersecurity testing areas CISOs need to address
With increasing board interest in cybersecurity risk, CISOs need to explain the preventive steps they are taking to have the right cybersecurity testing in place to minimize risk. Continue Reading
-
Feature
12 Apr 2021
Advice on how to prepare for the CompTIA Security+ exam
The CompTIA Security+ certification is a smart starting point for cybersecurity career hopefuls. Learn how to prepare for the exam, what to expect post-certification and more. Continue Reading
-
Guest Post
26 Feb 2021
6 ways to prevent cybersecurity burnout
Consider investing in training for new employees, offering mentoring and setting goals, automating where possible and more to help prevent cybersecurity burnout. Continue Reading
-
Feature
18 Feb 2021
IT certification vs. degree: Which is better for your career?
IT professionals can further their skills through degree programs and certifications. While certifications are a cost-effective option, degrees offer a more well-rounded education. Continue Reading
-
Feature
29 Jan 2021
The case for applying psychology in cybersecurity training
Chartered psychologist Rebecca McKeown describes how psychology in cybersecurity can improve incident response and makes the case for a research-based approach to training. Continue Reading
-
Quiz
23 Dec 2020
Endpoint security quiz: Test your knowledge
Test your knowledge of SASE, split tunneling, and device discovery tool capabilities and best practices in this endpoint security quiz for IT professionals. Continue Reading
-
Guest Post
18 Dec 2020
How to address the skills gap of security and IT personnel
In part two of Jonathan Meyers' look at the skills gap challenge companies face in cybersecurity, he offers recommendations to consider when ensuring your teams have the skills needed. Continue Reading
-
Feature
08 Dec 2020
Ethical hacker career path advice: Getting started
Matt Walker, author of a Certified Ethical Hacker exam guide and practice exam book, offers advice to career hopefuls on the profession, CEH certification and more. Continue Reading
-
Feature
22 Sep 2020
Inclusive job descriptions key for infosec hiring
When seeking candidates for infosec job roles, it helps to think outside the box. Inclusive job descriptions and cutting back on unnecessary requirements are good places to start. Continue Reading
-
Guest Post
09 Sep 2020
Best practices for ethically teaching cybersecurity skills
Jonathan Meyers has recommendations that teachers and students can use to enhance their teaching and learning of cybersecurity skills to remain relevant in this fast-paced industry. Continue Reading
-
Quiz
20 Aug 2020
CISSP practice exam questions and answers
Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill. Continue Reading
-
Quiz
03 Aug 2020
Test your cybersecurity knowledge with this quick ISM quiz
Read our August 2020 e-zine, and then take this short quiz to test your knowledge of cybersecurity awareness training and other issues -- from types of CISOs to talent recruitment. Continue Reading
-
Feature
03 Aug 2020
Which type of CISO are you? Company fit matters
Incompatibility between CISOs and their companies can lead to stress, frustration, burnout and rapid turnover. Identify your CISO style to target the ideal role and environment for you. Continue Reading
-
Opinion
03 Aug 2020
The case for cybersecurity by design in application software
Security must be part of IT from the start and then continue through the entire product lifecycle -- design, build, release and maintenance. Consumers now demand it. Continue Reading
-
Feature
03 Aug 2020
10 tips for cybersecurity awareness programs in uncertain times
Explore the winning tactics and tools CISOs and other cybersecurity leaders are employing in their programs to raise employee security awareness -- and consider how they might work for you. Continue Reading
-
Opinion
03 Aug 2020
Develop internal cybersecurity talent to build your dream team
Cybersecurity duties have changed, with cloud and coding being essential knowledge now. But CISOs can still build their dream cybersecurity team through internal talent development. Continue Reading
-
Tip
03 Aug 2020
How to shift from DevOps to DevSecOps
A successful DevSecOps rollout requires software developers to be equipped with the proper security skills and tools. Learn how to transition smoothly from DevOps to DevSecOps. Continue Reading
- 03 Aug 2020
- E-Zine 03 Aug 2020
-
Opinion
03 Aug 2020
Importance of cybersecurity awareness never greater
Security awareness is more essential than ever, but in a world of increasingly sophisticated threats, making it a reality requires more than set-it-and-forget-it training. Continue Reading
-
Feature
22 Jul 2020
Minorities in cybersecurity face unique and lasting barriers
IT is facing renewed scrutiny into its lack of diversity. Explore the unique barriers minorities in cybersecurity face and why hiring approaches are ill equipped to address them. Continue Reading
-
Feature
07 Jul 2020
Why COVID-19 won't stop cybersecurity jobs and recruitment
The economy is struggling, and many careers are taking hits, but cybersecurity jobs and careers will likely stay in demand as companies need to keep data and customers safe. Continue Reading
-
Feature
16 Jun 2020
Invest in new security talent with cybersecurity mentorships
Cybersecurity mentorships provide a great opportunity for those just entering the industry who want a successful start. Having the right guidance is a must. Continue Reading
-
Feature
20 May 2020
IT and security teams collide as companies work from home
The new world of remote work has given rise to IT and security teams working more closely than ever before. They need to come together to provide excellent UX and security. Continue Reading
-
Quiz
20 May 2020
Use these CCSK practice questions to prep for the exam
Virtualization and container security are key topics in the Certificate of Cloud Security Knowledge credential. Test your knowledge with these CCSK practice questions. Continue Reading
-
Feature
20 May 2020
CCSK cert guide author's insights into cloud security credential
The author of a Certificate of Cloud Security Knowledge exam guide offers insights into certifications, top considerations for those pursuing the CCSK and more. Continue Reading
-
Quiz
06 May 2020
Test your cyber-smarts with this network security quiz
Show what you know about the topics covered in the May 2020 issue of Information Security magazine. If you get nine of 10 answers right, you'll also receive CPE credit! Continue Reading
-
Feature
01 May 2020
CISO stress and burnout cause high churn rate
The nature of the CISO role can take a toll, say industry vets, with frustration and stress contributing to high turnover rates and burnout. Learn how to make it work. Continue Reading
-
Feature
07 Apr 2020
Skill building is key to furthering gender diversity in tech
Gender disparities imperil the threat intelligence community. Shannon Lietz, leader and director of DevSecOps at Intuit, discusses current efforts to attract female talent. Continue Reading
-
Feature
26 Mar 2020
CISA exam preparation requires learning ethics, standards, new vocab
The CISA certification is proof of an auditor's knowledge and skills. However, the exam isn't easy and requires some heavy learning -- especially when it comes to vocabulary. Continue Reading
-
Quiz
26 Mar 2020
CISA practice questions to prep for the exam
Ready to take the Certified Information Systems Auditor exam? Use these CISA practice questions to test your knowledge of the audit process job practice domain. Continue Reading
-
Feature
12 Mar 2020
ITOps security requires attention to training
Becoming fluent about IT security is critically important for numerous aspects of ITOps, yet many organizations fail to train their ITOps staff in security. Continue Reading
-
Answer
26 Feb 2020
Good cybersecurity thesis topics for a master's degree
Writing a master's thesis? A strong topic positions you for academic and professional success, while a weak one promises to make an already intensive process arduous at best. Continue Reading
-
Tip
19 Feb 2020
AI-driven cybersecurity teams are all about human augmentation
AI is often associated with technology replacing humans. In the case of AI-based cybersecurity teams, however, AI will augment its human counterparts, not supplant them. Continue Reading
-
Feature
28 Jan 2020
'Computer Security Fundamentals:' Quantum security to certifications
New topics, from security engineering to quantum computing, are covered in 'Computer Security Fundamentals,' but the book's author suggests readers review some basic topics, too. Continue Reading
-
Tip
22 Jan 2020
How to write a quality penetration testing report
Writing a penetration testing report might not be the most fun part of the job, but it's a critical component. These tips will help you write a good one. Continue Reading
-
Quiz
07 Jan 2020
CISM practice questions to prep for the exam
Risk management is at the core of being a security manager. Practice your risk management knowledge with these CISM practice questions. Continue Reading
-
Feature
27 Dec 2019
Editor's picks: Most pressing cybersecurity stories in 2019
As the year comes to an end, SearchSecurity takes a bird's-eye view of the sophisticated cyberthreat landscape and how it has changed over the past 12 months. Continue Reading
-
Answer
26 Nov 2019
What is the role of CISO in network security?
The role of CISO in network security goes beyond risk management. It also requires understanding compliance regulations and business needs, as well as the ability to communicate security policies to nontechnical employees. Continue Reading
-
Answer
21 Nov 2019
Do you have the right set of penetration tester skills?
Pen testing is more than just the fun of breaking into systems. Learn about the critical penetration tester skills potential candidates must master to become proficient in their career path. Continue Reading
-
News
08 Nov 2019
Microsoft cybersecurity training to become mandatory for its workers
Microsoft's cybersecurity training program, which uses AI-powered tools to reinforce learning, is mandated for all employees. It will also be launched in a version for customers. Continue Reading
-
Feature
06 Nov 2019
4 innovative ways to remedy the cybersecurity skills gap
Learn how companies should adapt to hire, recruit and retain top-notch employees during the current cybersecurity workforce shortage. Continue Reading
-
Opinion
01 Nov 2019
When cyberthreats are nebulous, how can you plan?
Security planning is tough when you're short-staffed and hackers have smart tech too. You'll need solid skills and, most of all, a willingness to use your imagination. Continue Reading
-
Feature
01 Nov 2019
A cybersecurity skills gap demands thinking outside the box
Today's security team shortages can't be filled using yesterday's thinking. Learn what other IT security leaders are doing to plug the skills gap and keep their organization safe. Continue Reading
- 01 Nov 2019
-
Infographic
01 Nov 2019
Enterprises feel the pain of cybersecurity staff shortages
It's hard enough keeping up with today's threats on a good day. But when your IT organization is spread thin, especially in terms of cybersecurity staff, the challenges mount. Continue Reading
-
Feature
25 Oct 2019
On a penetration tester career path, flexibility and curiosity are key
Becoming a pen tester takes more than passing an exam. Learn the qualities ethical hackers should embrace to achieve success on their penetration tester career path. Continue Reading
-
Feature
18 Oct 2019
DevSecOps model requires security get out of its comfort zone
Shifting from DevOps to DevSecOps isn't always easy, with the transition requiring changes to culture, processes and people. Here's how security can help lead the charge. Continue Reading
-
News
16 Sep 2019
DerbyCon attendees and co-founder reflect on the end
DerbyCon attendees and co-founder Dave Kennedy reflect on the legacy and future of the conference following its final event, which took place in Louisville, Ky. Continue Reading
-
Tip
12 Sep 2019
What it takes to be a DevSecOps engineer
To address security early in the application development process, DevSecOps requires a litany of skills and technology literacy. Learn what it takes to be a DevSecOps engineer. Continue Reading
-
Tip
29 Aug 2019
How to navigate the often challenging CISO career path
There's no clear-cut path to becoming a CISO. However, the right security certifications, an ever-questioning attitude and a strong network of CISO peers can help prepare you for the journey. Continue Reading
-
News
28 Aug 2019
Breaking into cybersecurity careers through nontraditional paths
Some DEF CON attendees discussed their nontraditional paths into cybersecurity and how networking and being eager to learn can bridge the gap between experience and job requirements. Continue Reading
-
Feature
12 Aug 2019
Cybersecurity automation won't fix the skills gap alone
Joan Pepin, CISO and vice president of operations at Auth0, says cybersecurity automation makes her job possible, but it can't replace the human talent her industry badly needs. Continue Reading
-
Opinion
01 Aug 2019
The must-have skills for cybersecurity aren't what you think
The most critical skills that cybersecurity lacks -- like leadership buy-in, people skills and the ability to communicate -- are not the ones you hear about. That needs to change. Continue Reading
- 01 Aug 2019
-
Feature
30 Jul 2019
Digital transformation redefines cybersecurity skills, careers
The move toward digital business processes has forced companies to reconsider how they find cybersecurity talent, but finding the right skills may be easier than CISOs think. Continue Reading
-
Feature
24 Jul 2019
Network teams spend more time than ever on network security issues
The workloads of network teams have evolved from their original objectives because of network security threats. Yet teams are still expected to maintain their initial goals. Continue Reading
-
Feature
23 Jul 2019
Portrait of a CISO: Roles and responsibilities
Success in the role of CISO requires security experts to wear many hats. Couple that with changes in compliance regulations and sophisticated cyberthreats, and CISOs are left with a full plate. Continue Reading
-
News
18 Jun 2019
Gartner: Cybersecurity skills shortage requires a new approach
At the Gartner Security and Risk Management Summit, analysts discuss the challenge of finding skilled cybersecurity professionals and how it can be solved. Continue Reading
-
Feature
14 Jun 2019
SANS security awareness credential paves new career path
The SANS Security Awareness Professional credential gives enterprises a new method to recognize and promote cybersecurity awareness in the organization. Continue Reading
-
Feature
15 May 2019
Women in cybersecurity work to grow voice in US lawmaking
To encourage more input from women in cybersecurity in the legislative process, the Executive Women's Forum went to Washington to discuss key issues with Congress. Continue Reading
-
News
10 May 2019
Effects of cybersecurity skills shortage worsening, new study says
The cybersecurity skills shortage is putting businesses at risk in a variety of ways, according to a new study. Experts suggest ways to combat the problem. Continue Reading
-
News
29 Mar 2019
Study: Cybersecurity professionals taking on more data privacy duties
At the SecureWorld Boston conference, ISSA unveils data that shows cybersecurity professionals are taking on more data privacy duties. Experts sound off on what it signifies. Continue Reading
-
Conference Coverage
07 Mar 2019
RSAC 2019: Coverage of the premiere security gathering
Find out what's happening at the at the 2019 RSA Conference in San Francisco, the information security industry's biggest event, with breaking news and analysis by the SearchSecurity team. Continue Reading
-
Feature
01 Feb 2019
CISO tackles banking cybersecurity and changing roles
Over the course of his career in security, Thomas Hill has held varied positions that inform his views on both technological specifics and strategic roles in modern corporations. Continue Reading
- 01 Feb 2019
-
News
19 Oct 2018
(ISC)2: Cybersecurity workforce shortage nears 3 million worldwide
With a workforce in short supply, the skills gap has affected the professional growth of security pros worldwide, an (ISC)2 Cybersecurity Workforce Study found. Continue Reading
-
News
09 Oct 2018
At (ISC)² Security Congress 2018, a congressman calls for action
Rep. Cedric Richmond (D-La.) outlined three key strategies for addressing cybersecurity policy and workforce gaps. Continue Reading
-
News
08 Oct 2018
(ISC)² Security Congress 2018 tackles industry challenges
Professional development will take center stage this week at the eighth annual (ISC)² Security Congress. Continue Reading
-
Opinion
02 Oct 2018
Kurt Huhn discusses the role of CISO in the Ocean State
A strategy focused on widespread training and education leads to progress against one of the state's biggest threats, says the Rhode Island CISO. Continue Reading
- 02 Oct 2018
-
Tip
22 Aug 2018
Find network security vulnerabilities by assessing risk
IT staff needs to regularly review network security vulnerabilities and security gaps to battle rising cybersecurity breaches and keep costs under control through risk assessments. Continue Reading
-
Feature
17 Aug 2018
Facebook cybersecurity: How the company is building a diverse team
Facebook director of security Aanchal Gupta sounds off on the need for diverse security teams and gives an overview of how the social media giant is working to make it happen. Continue Reading
-
News
14 Aug 2018
Amanda Rousseau on becoming a cybersecurity researcher
Cybersecurity researcher Amanda Rousseau discusses the relationship between the infosec community and law enforcement and how to create the next generation of white hat hackers. Continue Reading
-
News
02 Aug 2018
Black Hat 2018 survey: Cybersecurity staffing, budgets still lacking
According to a survey of Black Hat 2018 attendees, organizations are still struggling with insufficient cybersecurity staff and budgets to meet the current and emerging threats. Continue Reading
-
Opinion
01 Aug 2018
Fannie Mae CISO calls for more data on security incidents
Chris Porter's years as a lead analyst and author of Verizon's Data Breach Investigations Report helped prepare him for the chief of security role at the primary housing lender. Continue Reading
-
Survey
01 Aug 2018
Not enough information security analysts, despite higher wages
Survey data on global skills shortages does not show significant changes, even as companies turn to strategies such as security automation to make security teams more efficient. Continue Reading
- 27 Jul 2018
- 27 Jul 2018
-
Podcast
19 Jul 2018
Risk & Repeat: Closing the gender gap at cybersecurity conferences
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the under-representation of women at cybersecurity conferences and how it affects the infosec industry. Continue Reading
-
Feature
19 Jul 2018
Endgame's Devon Kerr on what it takes to be a threat hunter
Threat hunting goes beyond mere monitoring and detection. Endgame's Devon Kerr explains tomorrow's threat hunters and the keys to successful cyberthreat hunting. Continue Reading
-
Opinion
01 Jun 2018
Walmart's Jerry Geisler on the CISO position, retail challenges
A global CISO in charge of one of the world's largest cybersecurity programs got his start on the retail floor. He's arrived just in time for the digital transformation. Continue Reading
-
News
31 May 2018
New Walmart CISO discusses protecting the world's largest retailer
Walmart CISO Jerry Geisler talks about the retail giant's evolving cloud strategy, vulnerability management and risks the company is focused on across its environments. Continue Reading
-
Feature
30 May 2018
McAfee CISO explains why diversity in cybersecurity matters
Improving diversity in cybersecurity teams can help improve their ability to address cybersecurity challenges through diversity of thought, suggests McAfee CISO Grant Bourzikas. Continue Reading
- 29 May 2018
-
News
24 May 2018
Federal HR wants to modernize cybersecurity recruiting, pay
The U.S. Dept. of Homeland Security wants to modernize recruitment and management of its cybersecurity workforce. It is asking vendors to explain how DHS can achieve its goals. Continue Reading