Careers and certifications
Security admins, pen testers and CISOs are a few of many potential cybersecurity careers. Get advice on making a career choice and finding the trainings and certifications -- such as Security+, CISSP and CCSK -- needed to land an infosec job, along with guidance on succeeding in a security profession.
Top Stories
-
Tip
31 Jan 2024
Cybersecurity career path: 5-step guide to success
Taking the lead from ISSA's framework, here's a guide to how you can map out a long and profitable career in cybersecurity. Continue Reading
-
Tip
31 Jan 2024
10 must-have cybersecurity skills for career success in 2024
Looking to advance your cybersecurity career? Here are the skills you'll need to win that CISO job, land a gig as a threat hunter and snag other security positions in high demand. Continue Reading
-
Tip
31 Jan 2024
10 must-have cybersecurity skills for career success in 2024
Looking to advance your cybersecurity career? Here are the skills you'll need to win that CISO job, land a gig as a threat hunter and snag other security positions in high demand. Continue Reading
-
Tip
29 Jan 2024
Top 4 incident response certifications to consider in 2024
Cybersecurity professionals pursuing an incident response track should consider the following certifications to bolster their knowledge and advance their career. Continue Reading
-
Tip
29 Jan 2024
Cybersecurity skills gap: Why it exists and how to address it
The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
-
Feature
26 Jan 2024
The ultimate guide to cybersecurity planning for businesses
This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
-
Tip
22 Jan 2024
5 essential programming languages for cybersecurity pros
Coding is an important skill across almost every technology discipline today, and cybersecurity is no exception. Learn about the top programming languages for security professionals. Continue Reading
-
Tip
10 Jan 2024
10 cybersecurity certifications to boost your career in 2024
A consensus of industry professionals rank these 10 security certifications as the most coveted by employers and security pros -- plus links to 10 vendor security certifications. Continue Reading
-
Feature
08 Jan 2024
How to become an incident responder: Requirements and more
Incident response is a growth area that provides career advancement options and a good salary. Here's an in-depth look at job requirements, salaries and available certifications. Continue Reading
-
Feature
05 Jan 2024
Top 8 in-demand cybersecurity jobs for 2024 and beyond
Cybersecurity is a challenging career path, filled with professional opportunities. Learn about the top cybersecurity jobs and the training and background they require. Continue Reading
-
Tip
04 Jan 2024
Top 12 online cybersecurity courses for 2024
Our panel of experts picked the best free and paid online cybersecurity courses for working professionals looking to advance their careers and for newbies breaking into the field. Continue Reading
-
Tip
02 Jan 2024
The 10 best cloud security certifications for IT pros in 2024
Certifications can help security pros prove their baseline knowledge of infosec topics. Consider adding these top cloud security certifications to your arsenal. Continue Reading
-
Definition
19 Dec 2023
CISO (chief information security officer)
The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats. Continue Reading
-
Definition
14 Dec 2023
massive open online course (MOOC)
A massive open online course (MOOC) is a typically free web-based distance learning program that's designed for large numbers of geographically dispersed students. Continue Reading
-
Opinion
31 Oct 2023
How to overcome the beginner cybersecurity career Catch-22
The workforce gap constantly makes headlines, but that doesn't mean breaking into the field is easy. Get advice on how to start on an entry-level cybersecurity career path. Continue Reading
-
Feature
30 Oct 2023
What does an IT security manager do?
IT security managers need to have a passion for learning and critical thinking skills, as well as understand intrusion prevention and detection. Continue Reading
-
Definition
06 Oct 2023
CSSLP (Certified Secure Software Lifecycle Professional)
CSSLP (Certified Secure Software Lifecycle Professional) is a certification from ISC2 that focuses on application security within the software development lifecycle (SDLC). Continue Reading
-
Tip
29 Sep 2023
How to land a corporate board seat as a CISO
Any CISO who aspires to a corporate board seat needs a strategic approach. Learn how security executives can position themselves to become top-level decision-makers. Continue Reading
-
Feature
18 Jul 2023
IT hiring picks up amid ongoing economic concerns
TechTarget's 2023 salary and careers survey shows most organizations are hiring for selected IT skills, making progress on DEI initiatives and offering workplace flexibility. Continue Reading
-
Definition
01 Jun 2023
NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)
The NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers. Continue Reading
-
Feature
23 May 2023
How to become a bug bounty hunter: Getting started
Finding, exploiting and reporting vulnerabilities can be both lucrative and educational. Security researcher Vickie Li explains how to become a bug bounty hunter. Continue Reading
-
News
10 May 2023
CISOs face mounting pressures, expectations post-pandemic
Proofpoint's 2023 Voice of the CISO report shows deep concern among executives about impending data loss and exposure from negligent -- and malicious -- employees. Continue Reading
-
Definition
09 May 2023
Certified Cloud Security Professional (CCSP)
Certified Cloud Security Professional (CCSP) is an International Information System Security Certification Consortium, or (ISC)2, certification that covers cloud-based cybersecurity best practices. Continue Reading
-
Feature
08 May 2023
7 ways to mitigate CISO liability and risk
Recent civil and criminal cases have brought CISO liability questions to the fore. Learn how to understand and manage personal risk exposure as a security executive. Continue Reading
-
Definition
14 Apr 2023
International Information Systems Security Certification Consortium (ISC)2
(ISC)2, short for International Information Systems Security Certification Consortium, is a nonprofit organization that provides security training and certificates. Continue Reading
-
Tutorial
13 Apr 2023
How to use the John the Ripper password cracker
Password crackers are essential tools in any pen tester's toolbox. This step-by-step tutorial explains how to use John the Ripper, an open source offline password-cracking tool. Continue Reading
-
Opinion
11 Apr 2023
10 hot topics to look for at RSA Conference 2023
RSA Conference 2023 promises another exciting year of cybersecurity discussions and hyperbole. Enterprise Strategy Group's Jon Oltsik shares what he hopes to see at the show. Continue Reading
-
Feature
11 Apr 2023
Practice Microsoft SC-100 exam questions with answers
Use these practice multiple-choice questions, with answers, to assess your knowledge of the Microsoft Cybersecurity Architect exam. Continue Reading
-
Feature
11 Apr 2023
How to prepare for the Microsoft Cybersecurity Architect exam
Before taking the Microsoft Cybersecurity Architect exam, learn about the knowledge areas covered on the SC-100 test, studying recommendations, prerequisites and more. Continue Reading
-
Feature
11 Apr 2023
How to use Azure AD Connect synchronization for hybrid IAM
Organizations face many challenges authenticating and authorizing users in hybrid infrastructures. One way to handle hybrid IAM is with Microsoft Azure AD Connect for synchronization. Continue Reading
-
Feature
23 Mar 2023
8 cybersecurity conferences to attend in 2023
Cybercriminals create new ways to steal information regularly, creating cybersecurity challenges. Attending conferences is one way learn about these trends for the best defense. Continue Reading
-
Tip
13 Mar 2023
Is cybersecurity recession-proof?
No field is totally immune to economic downturns, but flexible, practical and prepared cybersecurity professionals should be able to weather any upcoming storms. Continue Reading
-
Tip
30 Jan 2023
5 ethical hacker certifications to consider
From Offensive Security Certified Professional to GIAC Web Application Penetration Tester, learn about the certifications worth earning to begin your ethical hacker career. Continue Reading
-
Tip
23 Jan 2023
8 cybersecurity roles to consider
Cybersecurity is an exciting and increasingly important field with a wealth of career opportunities. Explore eight cybersecurity roles and the skills, talent and experience required. Continue Reading
-
News
16 Jan 2023
Judge dismisses Chris Hadnagy lawsuit against DEF CON
DEF CON said it wasn't the only infosec conference to receive code-of-conduct complaints about Chris Hadnagy, claiming Black Hat USA removed him from its review board. Continue Reading
-
Definition
29 Dec 2022
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)². Continue Reading
-
Feature
13 Dec 2022
After the CISO role: Navigating what comes next
Former chief information security officers may have numerous career options available but no clear path forward. Here's how to navigate life after the CISO role. Continue Reading
-
Tip
12 Dec 2022
As a new CISO, the first 100 days on the job are critical
As a chief information security officer, you won't get a second chance to make a first impression. Learn how a CISO's first 100 days lay the foundation for a successful tenure. Continue Reading
-
Feature
07 Dec 2022
Understanding malware analysis and its challenges
Discover what to expect in a malware analyst career, from the types of malware you'll encounter to important tools to use to difficulties that arise for those new to the field. Continue Reading
-
Feature
07 Dec 2022
Why is malware analysis important?
Malware continues to plague all organizations, causing data loss and reputational damage. Discover how malware analysis helps protect companies from such attacks. Continue Reading
-
Tutorial
06 Dec 2022
How to use the Hydra password-cracking tool
Need help brute-forcing passwords? Get started by learning how to use the open source Hydra tool with these step-by-step instructions and companion video. Continue Reading
-
Tip
01 Dec 2022
Top 5 key ethical hacker skills
Ethical hacking can be a rewarding career, but it requires tenacity, curiosity and creativity, among other traits. Oh, and you better be a good writer, too. Continue Reading
-
Feature
29 Nov 2022
How to maintain security with an understaffed security team
Unsurprisingly, many companies function without a complete security team. Security tasks often fall to others in the organization. Here's some advice for stand-in security members. Continue Reading
-
Definition
28 Nov 2022
Common Body of Knowledge (CBK)
In security, the Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices. Continue Reading
-
Tip
16 Nov 2022
Reality check: CISO compensation packages run the gamut
A capable security executive is invaluable -- a fact organizations increasingly recognize. CISOs' salaries are generally trending up, but the range in compensation is wide. Continue Reading
-
Answer
08 Nov 2022
3 best professional certifications for CISOs and aspiring CISOs
While one doesn't necessarily need professional cybersecurity certifications to become a CISO, they don't hurt. Explore the best certifications for CISOs and aspiring CISOs. Continue Reading
-
News
01 Nov 2022
Cisco Networking Academy offers rookie cybersecurity classes
Cisco's cybersecurity track equips students for entry-level positions, including cybersecurity technician, junior cybersecurity analyst, and tier 1 help desk support role. Continue Reading
-
Tip
01 Nov 2022
Ideal CISO reporting structure is to high-level business leaders
CISOs usually report to a high-level executive, but reporting to a top-level business executive like the CEO rather than a technology executive protects the business best. Continue Reading
-
Feature
28 Oct 2022
Equipment to include in a computer forensic toolkit
Computer forensic investigators require more than software to do their job. Learn what equipment constitutes a complete computer forensic toolkit. Continue Reading
-
Feature
28 Oct 2022
Advice for beginner computer forensic investigators
For those interesting in becoming a computer forensics investigator, learn about the career and what to expect, as well as why digital evidence is the most volatile evidence. Continue Reading
-
Feature
19 Oct 2022
Top 10 pen testing interview questions with answers
Are you pursuing a career in pen testing? Prepare with this list of 10 pen testing interview questions and answers created by three security experts. Continue Reading
-
Feature
19 Oct 2022
Top IT security manager interview questions
Are you looking for a leadership role in cybersecurity? Three security experts offer their advice on how to answer the most common IT security manager interview questions. Continue Reading
-
Feature
05 Oct 2022
Top zero-trust certifications and training courses
Most organizations are expected to implement zero trust in the next few years. Learn about zero-trust certifications and trainings that can help prepare your security team. Continue Reading
-
Definition
04 Oct 2022
STEM (science, technology, engineering, and mathematics)
STEM is an educational approach that prepares primary and secondary students for college, graduate study and careers in the fields of science, technology, engineering and mathematics (STEM). Continue Reading
-
Tip
27 Sep 2022
How to get into cybersecurity with no experience
Cybersecurity needs new talent now more than ever, but landing that first job without a computer science degree can still be difficult. Here are five tips for getting in the door. Continue Reading
-
Guest Post
26 Sep 2022
Tips for developing cybersecurity leadership talent
Navigating the skills gap from an employer's perspective starts with investing in talent. Get advice on how to develop and hire emerging leaders from an industry analyst. Continue Reading
-
Tip
13 Sep 2022
How to become a CISO
The chief information security officer role is growing in profile and importance. Explore six actionable tips for aspiring CISOs as they work toward cybersecurity's top job. Continue Reading
-
Quiz
09 Sep 2022
Sample CompTIA CASP+ practice questions with answers
Preparing for the CompTIA Advanced Security Practitioner certification or refreshing your knowledge to renew your cert? Use these CASP+ practice questions to test your smarts. Continue Reading
-
Feature
09 Sep 2022
How to prepare for the CompTIA CASP+ exam
Are you pursuing the CompTIA Advanced Security Practitioner certification? The author of a CASP+ cert guide offers advice on how to prepare for the exam. Continue Reading
-
Tip
07 Sep 2022
7 CISO succession planning best practices
Nothing is certain except death, taxes and CISO turnover. Learn how to prepare for the inevitable and future-proof your security program with a succession plan. Continue Reading
-
Tip
01 Sep 2022
Cybersecurity budget breakdown and best practices
Once budget is secured, CISOs must figure out where it should be allocated -- as well as how to justify the costs. Get the lowdown on a cybersecurity budget breakdown here. Continue Reading
-
Tip
19 Aug 2022
Top 10 cybersecurity interview questions and answers
Interviewing for a job in cybersecurity? Memorizing security terms won't cut it. Here are the 10 interview questions you should be ready for -- and how to answer them. Continue Reading
-
News
18 Aug 2022
Shunned researcher Hadnagy sues DEF CON over ban
Researcher Christopher Hadnagy is seeking damages from DEF CON and founder Jeff Moss over their decision to ban him citing multiple claims of conduct violations. Continue Reading
-
Guest Post
26 Jul 2022
3 ways to help cybersecurity pros avoid burnout
Many security professionals are pushed to their breaking point. Discover three ways employers and managers can help their employees avoid burnout. Continue Reading
-
News
20 Jul 2022
DOJ report warns of escalating cybercrime, 'blended' threats
The Department of Justice's cyber review report warned that the lines between conventional cybercriminal activity and national security threats have all but disappeared. Continue Reading
-
Feature
05 Jul 2022
How to write a cybersecurity job posting
Is your organization struggling to find cybersecurity talent? Your job descriptions could be the problem. Learn how to write a good cybersecurity job posting. Continue Reading
-
Feature
05 Jul 2022
A 'CISO evolution' means connecting business value to security
As cybersecurity has changed, so has the CISO role. 'The CISO Evolution: Business Knowledge for Cybersecurity Executives' aims to help security leaders succeed in the C-suite. Continue Reading
-
Feature
05 Jul 2022
How to find your niche in cybersecurity
It's difficult to navigate a career in cybersecurity, especially with all the varying roles. A veteran CISO offers advice on how to find your niche in the security industry. Continue Reading
-
Tip
28 Jun 2022
Negotiating a golden parachute clause in a CISO contract
If a CISO becomes the company scapegoat after a security incident, a strong golden parachute clause can mean the difference between a soft landing and a hard crash. Continue Reading
-
News
20 Jun 2022
Cleveland BSides takes heat for Chris Hadnagy appearance
The Cleveland BSides security conference is experiencing turmoil after booking a 'surprise' keynote speaker who was recently barred from DEF CON for misconduct. Continue Reading
-
News
17 May 2022
North Korean IT workers targeting US enterprises
North Korean nationals are looking to land jobs at U.S. and European companies to collect sensitive data that could help the reclusive government's military programs. Continue Reading
-
Feature
22 Apr 2022
Unethical vulnerability disclosures 'a disgrace to our field'
The cybersecurity field needs more people who use their powers for good, the lead author of Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition says. Continue Reading
-
Tip
07 Mar 2022
Top DevSecOps certifications and trainings
Check out some of the top DevSecOps certifications and trainings that can help professionals learn how to shift security left in the software development lifecycle. Continue Reading
-
Feature
28 Feb 2022
Tips for creating a cybersecurity resume
Resumes help candidates leave an impression on potential employers. But did you know one resume often isn't enough? Learn this and other tips for creating a cybersecurity resume. Continue Reading
-
Feature
28 Feb 2022
How to manage imposter syndrome in cybersecurity
The imposter syndrome phenomenon is readily apparent in cybersecurity. Learn how to manage it, along with mishaps to avoid during the job hunt and other career advice. Continue Reading
-
Definition
16 Feb 2022
security clearance
A security clearance is an authorization that allows access to information that would otherwise be forbidden. Continue Reading
-
News
10 Feb 2022
DEF CON bans social engineering expert Chris Hadnagy
Hadnagy, an influential figure at the DEF CON security conference, was permanently banned following allegations of misconduct at the annual Las Vegas gathering. Continue Reading
-
Feature
02 Feb 2022
A day in the life of a cybersecurity manager
The role of a cybersecurity leader is often misunderstood. Experience a day in the life of a cybersecurity manager with this breakdown of a security leader's typical schedule. Continue Reading
-
Feature
02 Feb 2022
Top cybersecurity leadership challenges and how to solve them
Security isn't always a top business priority. This creates challenges for the cybersecurity managers and teams that hope to integrate security into their company's agenda. Continue Reading
-
Feature
29 Dec 2021
Editor's picks: Top cybersecurity articles of 2021
As we call it a wrap on 2021, SearchSecurity looks at the top articles from the last 12 months and their sweeping trends, including ransomware, career planning and more. Continue Reading
-
Feature
29 Nov 2021
The components and objectives of privacy engineering
Privacy engineering helps organizations balance business and privacy needs, while mitigating the impact of data breaches. Learn about its components and objectives. Continue Reading
-
Feature
29 Nov 2021
The intersection of privacy by design and privacy engineering
Data privacy concerns are widespread. Privacy by design and privacy engineering help organizations balance privacy with utility and usability. Learn how. Continue Reading
-
Guest Post
16 Nov 2021
How to create security metrics business leaders care about
Security metrics must be clear, actionable and resonate with business leadership. Learn how to create metrics that business leaders care about and will act upon. Continue Reading
-
Feature
26 Oct 2021
5 cybersecurity personality traits for a successful career
In this excerpt of 'Confident Cyber Security,' author Jessica Barker outlines five cybersecurity personality traits employers look for in job candidates. Continue Reading
-
Feature
26 Oct 2021
How to start a career in cybersecurity from the human side
Discover how the co-founder of an infosec consultancy and author of 'Confident Cyber Security' started her career and became a leader in the human nature side of security. Continue Reading
-
Definition
05 Oct 2021
Certified Information Systems Auditor (CISA)
Certified Information Systems Auditor (CISA) is a certification and globally recognized standard for appraising an IT auditor's knowledge, expertise and skill in assessing vulnerabilities and instituting IT controls in an enterprise environment. Continue Reading
-
Definition
04 Oct 2021
Certified Information Security Manager (CISM)
Certified Information Security Manager (CISM) is an advanced certification that indicates that an individual possesses the knowledge and experience required to develop and manage an enterprise information security (infosec) program. Continue Reading
-
Quiz
30 Sep 2021
10 CIPP/US practice questions to test your privacy knowledge
Advance your privacy career by becoming a Certified Information Privacy Professional. Use these 10 practice questions from Wiley's IAPP CIPP/US study guide to prepare for the exam. Continue Reading
-
Feature
30 Sep 2021
How to prepare for the CIPP/US exam
The co-authors of a CIPP/US study guide offer advice on the IAPP certification, including career benefits, how to prepare and how the U.S. exam differs from other regions' exams. Continue Reading
-
Guest Post
15 Sep 2021
CompTIA SYO-601 exam pivots to secure bigger attack surface
The latest CompTIA Security+ exam, SYO-601, tests skills and knowledge for dealing with an expanded attack surface and the latest forms of assault on cybersecurity defenses. Continue Reading
-
News
25 Aug 2021
HackerOne launches AWS certification paths, pen testing service
A select group of penetration testers in HackerOne's community will be able to obtain three AWS certifications, including the Security - Specialty certification. Continue Reading
-
Feature
12 Aug 2021
How privacy engineers promote innovation and trust
Forward-thinking companies are hiring privacy engineers. Could your organization benefit? Uncover how these experts promote innovation and fortify customer trust. Continue Reading
-
Quiz
04 Aug 2021
Sample CompTIA CySA+ test questions with answers
Going for your CompTIA CySA+ certification? Test what you know before taking the exam with these sample test questions on vulnerability assessment output. Continue Reading
-
Feature
04 Aug 2021
How to prepare for the CompTIA CySA+ exam
The author of the CompTIA CySA+ certification guide offers advice on how to prepare for the exam, discusses the benefits of the cert and more. Continue Reading
-
Tip
19 Jul 2021
Comparing top identity and access management certifications
In addition to learning security fundamentals applicable to identity and access management, the top IAM certifications can yield rewarding career and networking opportunities. Continue Reading
-
Feature
30 Jun 2021
What is the BISO role and is it necessary?
Relatively new and somewhat controversial, the business information security officer, or BISO, acts as the CISO's tactical and operations-level ambassador to the business units. Continue Reading
-
Guest Post
15 Apr 2021
5 cybersecurity testing areas CISOs need to address
With increasing board interest in cybersecurity risk, CISOs need to explain the preventive steps they are taking to have the right cybersecurity testing in place to minimize risk. Continue Reading
-
Quiz
14 Apr 2021
Sample CCISO exam questions on security project management
This excerpt of 'CCISO Certified Chief Information Security Officer All-In-One Exam Guide' explains security project management fundamentals and provides practice CCISO exam questions. Continue Reading
-
Feature
14 Apr 2021
CCISO exam guide authors discuss the changing CISO role
Learn more about EC-Council's Certified CISO exam and how the certification helps CISOs at any organization manage successful infosec programs and a changing threat landscape. Continue Reading
-
Feature
12 Apr 2021
Advice on how to prepare for the CompTIA Security+ exam
The CompTIA Security+ certification is a smart starting point for cybersecurity career hopefuls. Learn how to prepare for the exam, what to expect post-certification and more. Continue Reading
-
Quiz
12 Apr 2021
Sample CompTIA Security+ exam questions and answers
The CompTIA Security+ exam covers a wide swath of topics, from threats to compliance to architecture. Test what you know about malware with these sample test questions. Continue Reading
-
Guest Post
26 Feb 2021
6 ways to prevent cybersecurity burnout
Consider investing in training for new employees, offering mentoring and setting goals, automating where possible and more to help prevent cybersecurity burnout. Continue Reading