"How do YOU stay current in this field..." is one of the questions I have been asked in job interviews, and that I have asked others when interviewing for positions in my organization. And as I used to tell my students when I was teaching at a tech school: "Your knowledge and skills will be obsolete three months after you leave here unless you stay current and engage in life-long learning."
Cybersecurity is a very rapidly evolving and ever-changing field. Whether you are a currently employed and practicing cybersecurity professional, just starting out on your road to cybersecurity education, or looking for a career change, one of the things you will find absolutely vital is staying current and informed in the latest information on current threats, new cybersecurity technologies. Continuously absorbing new information and making life-long learning a purposeful journey will help you to explore the world of cybersecurity and learn many new things.
The amount of information out there is overwhelming, to be sure. But life-long learning is a steady journey that can be taken a step at a time. Take it slow and remember that you won't be able to digest everything at once. Pick a niche or two within cybersecurity, and concentrate efforts in the areas that interest you. Don't try to become an "expert" in everything all at once.
Some things you can do:
- Listen to daily podcasts and read daily professional journal articles.
- Subscribe to listservs and alerts such as PatchManagement.org, SANS, or US-CERT.
- Join a local chapter of a group such as ISSA, ISACA, ISC2, or CompTIA.
- Form a local group through social media sites such as Facebook or Meetup.
- Take low-cost or free training from FedVTE, Udemy, the ICS-CERT Virtual Learning Portal, and your organization’s computer based training system.
- Some of the local groups as mentioned above often have many training opportunities.
- Volunteer to give training at one of the local groups above. This will force you to more thoroughly research and present on a topic.
- Earn certifications that force you to constantly stay current by getting Continuing Education Units (CEUs) in order to maintain the certification.
- If you’re an advanced practitioner in the field (yes, we need to stay current as well), seek opportunities to do some adjunct teaching at the junior college or university level.
- Mentor someone or ask someone to mentor you.
The cybersecurity field is a huge and rapidly growing field, and there are way too many available resources for me to mention here. But some of these links and resources will hopefully give you some ideas and pique your interest to search and pursue (or as I used to do with my students – send them on “Seek and Destroy” missions to find information). Again, and as I often told my students: your knowledge and skills will be obsolete in a very short time unless you stay engaged and pursue life-long learning. Excellence in this field is not a destination but an on-going journey.
Resources:
Industrial Control Systems Cyber Emergency Response Team (ICS-CERT):
https://ics-cert.us-cert.gov/Training-Available-Through-ICS-CERT
https://ics-cert-training.inl.gov/learn
Five Essential Cybersecurity Podcasts for IT Professionals:
https://www.techrepublic.com/article/five-essential-cybersecurity-podcasts-for-it-professionals/
Information Systems Security Association:
https://www.issa.org/
PatchManagement.org ListServ:
http://www.patchmanagement.org/
SANS Internet Storm Center:
https://isc.sans.edu/
United States Computer Emergency Readiness Team (US-CERT):
https://www.us-cert.gov/
National Initiative for Cybersecurity Careers and Studies (NICCS):
https://niccs.us-cert.gov/
IBM Security Intelligence: How to Stay Up-to-Date on Security Trends:
https://securityintelligence.com/how-to-stay-up-to-date-on-security-trends/
FEMA Emergency Management Institute:
https://training.fema.gov/is/