Careers and certifications
Security admins, pen testers and CISOs are a few of many potential cybersecurity careers. Get advice on making a career choice and finding the trainings and certifications -- such as Security+, CISSP and CCSK -- needed to land an infosec job, along with guidance on succeeding in a security profession.
Top Stories
-
Feature
27 Jun 2023
The ultimate guide to cybersecurity planning for businesses
This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
-
Feature
23 May 2023
How to become a bug bounty hunter: Getting started
Finding, exploiting and reporting vulnerabilities can be both lucrative and educational. Security researcher Vickie Li explains how to become a bug bounty hunter. Continue Reading
-
News
10 May 2023
CISOs face mounting pressures, expectations post-pandemic
Proofpoint's 2023 Voice of the CISO report shows deep concern among executives about impending data loss and exposure from negligent -- and malicious -- employees. Continue Reading
-
Feature
08 May 2023
7 ways to mitigate CISO liability and risk
Recent civil and criminal cases have brought CISO liability questions to the fore. Learn how to understand and manage personal risk exposure as a security executive. Continue Reading
-
Feature
17 Apr 2023
Top 8 in-demand cybersecurity jobs for 2023 and beyond
Cybersecurity is a challenging career path, filled with professional opportunities. Learn about the top cybersecurity jobs and the training and background they require. Continue Reading
-
Tutorial
13 Apr 2023
How to use the John the Ripper password cracker
Password crackers are essential tools in any pen tester's toolbox. This step-by-step tutorial explains how to use John the Ripper, an open source offline password-cracking tool. Continue Reading
-
Opinion
11 Apr 2023
10 hot topics to look for at RSA Conference 2023
RSA Conference 2023 promises another exciting year of cybersecurity discussions and hyperbole. Enterprise Strategy Group's Jon Oltsik shares what he hopes to see at the show. Continue Reading
-
Feature
11 Apr 2023
How to use Azure AD Connect synchronization for hybrid IAM
Organizations face many challenges authenticating and authorizing users in hybrid infrastructures. One way to handle hybrid IAM is with Microsoft Azure AD Connect for synchronization. Continue Reading
-
Feature
11 Apr 2023
Practice Microsoft SC-100 exam questions with answers
Use these practice multiple-choice questions, with answers, to assess your knowledge of the Microsoft Cybersecurity Architect exam. Continue Reading
-
Feature
11 Apr 2023
How to prepare for the Microsoft Cybersecurity Architect exam
Before taking the Microsoft Cybersecurity Architect exam, learn about the knowledge areas covered on the SC-100 test, studying recommendations, prerequisites and more. Continue Reading
-
Feature
23 Mar 2023
8 cybersecurity conferences to attend in 2023
Cybercriminals create new ways to steal information regularly, creating cybersecurity challenges. Attending conferences is one way learn about these trends for the best defense. Continue Reading
-
Tip
13 Mar 2023
Is cybersecurity recession-proof?
No field is totally immune to economic downturns, but flexible, practical and prepared cybersecurity professionals should be able to weather any upcoming storms. Continue Reading
-
Feature
13 Feb 2023
How to become an incident responder: Requirements and more
Incident response is a growth field that provides career growth options and a good salary. Here's an in-depth look at job requirements, salaries and available certifications. Continue Reading
-
Tip
30 Jan 2023
5 ethical hacker certifications to consider
From Offensive Security Certified Professional to GIAC Web Application Penetration Tester, learn about the certifications worth earning to begin your ethical hacker career. Continue Reading
-
Tip
23 Jan 2023
8 cybersecurity roles to consider
Cybersecurity is an exciting and increasingly important field with a wealth of career opportunities. Explore eight cybersecurity roles and the skills, talent and experience required. Continue Reading
-
News
16 Jan 2023
Judge dismisses Chris Hadnagy lawsuit against DEF CON
DEF CON said it wasn't the only infosec conference to receive code-of-conduct complaints about Chris Hadnagy, claiming Black Hat USA removed him from its review board. Continue Reading
-
Tip
28 Dec 2022
10 cybersecurity certifications to boost your career in 2023
A consensus of industry professionals rank these 10 security certifications as the most coveted by employers and security pros -- plus links to 10 vendor security certifications. Continue Reading
-
Tip
21 Dec 2022
10 must-have cybersecurity skills for career success in 2023
Looking to advance your cybersecurity career? Here are the skills you'll need to win that CISO job, land a gig as a threat hunter and snag other security positions in high demand. Continue Reading
-
Tip
19 Dec 2022
The 14 best cloud security certifications for IT pros in 2023
Certifications can help security pros prove their baseline knowledge of infosec topics. Consider adding these top cloud security certifications to your arsenal. Continue Reading
-
Tip
16 Dec 2022
Top 12 online cybersecurity courses for 2023
Our panel of experts picked the best free and paid online cybersecurity courses for working professionals looking to advance their careers and for newbies breaking into the field. Continue Reading
-
Feature
13 Dec 2022
After the CISO role: Navigating what comes next
Former chief information security officers may have numerous career options available but no clear path forward. Here's how to navigate life after the CISO role. Continue Reading
-
Tip
12 Dec 2022
As a new CISO, the first 100 days on the job are critical
As a chief information security officer, you won't get a second chance to make a first impression. Learn how a CISO's first 100 days lay the foundation for a successful tenure. Continue Reading
-
Feature
07 Dec 2022
Understanding malware analysis and its challenges
Discover what to expect in a malware analyst career, from the types of malware you'll encounter to important tools to use to difficulties that arise for those new to the field. Continue Reading
-
Feature
07 Dec 2022
Why is malware analysis important?
Malware continues to plague all organizations, causing data loss and reputational damage. Discover how malware analysis helps protect companies from such attacks. Continue Reading
-
Tutorial
06 Dec 2022
How to use the Hydra password-cracking tool
Need help brute-forcing passwords? Get started by learning how to use the open source Hydra tool with these step-by-step instructions and companion video. Continue Reading
-
Tip
01 Dec 2022
Top 5 key ethical hacker skills
Ethical hacking can be a rewarding career, but it requires tenacity, curiosity and creativity, among other traits. Oh, and you better be a good writer, too. Continue Reading
-
Feature
29 Nov 2022
How to maintain security with an understaffed security team
Unsurprisingly, many companies function without a complete security team. Security tasks often fall to others in the organization. Here's some advice for stand-in security members. Continue Reading
-
Tip
16 Nov 2022
Reality check: CISO compensation packages run the gamut
A capable security executive is invaluable -- a fact organizations increasingly recognize. CISOs' salaries are generally trending up, but the range in compensation is wide. Continue Reading
-
Tip
10 Nov 2022
5 essential programming languages for cybersecurity pros
Coding is an important skill across almost every technology discipline today, and cybersecurity is no exception. Learn about the top programming languages for security professionals. Continue Reading
-
Answer
08 Nov 2022
3 best professional certifications for CISOs and aspiring CISOs
While one doesn't necessarily need professional cybersecurity certifications to become a CISO, they don't hurt. Explore the best certifications for CISOs and aspiring CISOs. Continue Reading
-
News
01 Nov 2022
Cisco Networking Academy offers rookie cybersecurity classes
Cisco's cybersecurity track equips students for entry-level positions, including cybersecurity technician, junior cybersecurity analyst, and tier 1 help desk support role. Continue Reading
-
Tip
01 Nov 2022
Ideal CISO reporting structure is to high-level business leaders
CISOs usually report to a high-level executive, but reporting to a top-level business executive like the CEO rather than a technology executive protects the business best. Continue Reading
-
Feature
28 Oct 2022
Equipment to include in a computer forensic toolkit
Computer forensic investigators require more than software to do their job. Learn what equipment constitutes a complete computer forensic toolkit. Continue Reading
-
Feature
28 Oct 2022
Advice for beginner computer forensic investigators
For those interesting in becoming a computer forensics investigator, learn about the career and what to expect, as well as why digital evidence is the most volatile evidence. Continue Reading
-
Feature
19 Oct 2022
Top 10 pen testing interview questions with answers
Are you pursuing a career in pen testing? Prepare with this list of 10 pen testing interview questions and answers created by three security experts. Continue Reading
-
Feature
19 Oct 2022
Top IT security manager interview questions
Are you looking for a leadership role in cybersecurity? Three security experts offer their advice on how to answer the most common IT security manager interview questions. Continue Reading
-
Feature
05 Oct 2022
Top zero-trust certifications and training courses
Most organizations are expected to implement zero trust in the next few years. Learn about zero-trust certifications and trainings that can help prepare your security team. Continue Reading
-
Tip
27 Sep 2022
How to get into cybersecurity with no experience
Cybersecurity needs new talent now more than ever, but landing that first job without a computer science degree can still be difficult. Here are five tips for getting in the door. Continue Reading
-
Guest Post
26 Sep 2022
Tips for developing cybersecurity leadership talent
Navigating the skills gap from an employer's perspective starts with investing in talent. Get advice on how to develop and hire emerging leaders from an industry analyst. Continue Reading
-
Tip
20 Sep 2022
Cybersecurity career path: 5-step guide to success
Taking the lead from ISSA's framework, here's a guide to how you can map out a long and profitable career in cybersecurity. Continue Reading
-
Tip
13 Sep 2022
How to become a CISO
The chief information security officer role is growing in profile and importance. Explore six actionable tips for aspiring CISOs as they work toward cybersecurity's top job. Continue Reading
-
Quiz
09 Sep 2022
Sample CompTIA CASP+ practice questions with answers
Preparing for the CompTIA Advanced Security Practitioner certification or refreshing your knowledge to renew your cert? Use these CASP+ practice questions to test your smarts. Continue Reading
-
Feature
09 Sep 2022
How to prepare for the CompTIA CASP+ exam
Are you pursuing the CompTIA Advanced Security Practitioner certification? The author of a CASP+ cert guide offers advice on how to prepare for the exam. Continue Reading
-
Tip
07 Sep 2022
7 CISO succession planning best practices
Nothing is certain except death, taxes and CISO turnover. Learn how to prepare for the inevitable and future-proof your security program with a succession plan. Continue Reading
-
Tip
01 Sep 2022
Cybersecurity budget breakdown and best practices
Once budget is secured, CISOs must figure out where it should be allocated -- as well as how to justify the costs. Get the lowdown on a cybersecurity budget breakdown here. Continue Reading
-
Tip
19 Aug 2022
Top 10 cybersecurity interview questions and answers
Interviewing for a job in cybersecurity? Memorizing 100-plus security definitions won't cut it. Here are the 10 interview questions you should be ready for -- and how to answer them. Continue Reading
-
News
18 Aug 2022
Shunned researcher Hadnagy sues DEF CON over ban
Researcher Christopher Hadnagy is seeking damages from DEF CON and founder Jeff Moss over their decision to ban him citing multiple claims of conduct violations. Continue Reading
-
Tip
15 Aug 2022
Cybersecurity skills gap: Why it exists and how to address it
The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
-
Guest Post
26 Jul 2022
3 ways to help cybersecurity pros avoid burnout
Many security professionals are pushed to their breaking point. Discover three ways employers and managers can help their employees avoid burnout. Continue Reading
-
News
20 Jul 2022
DOJ report warns of escalating cybercrime, 'blended' threats
The Department of Justice's cyber review report warned that the lines between conventional cybercriminal activity and national security threats have all but disappeared. Continue Reading
-
Feature
05 Jul 2022
How to write a cybersecurity job posting
Is your organization struggling to find cybersecurity talent? Your job descriptions could be the problem. Learn how to write a good cybersecurity job posting. Continue Reading
-
Feature
05 Jul 2022
A 'CISO evolution' means connecting business value to security
As cybersecurity has changed, so has the CISO role. 'The CISO Evolution: Business Knowledge for Cybersecurity Executives' aims to help security leaders succeed in the C-suite. Continue Reading
-
Feature
05 Jul 2022
How to find your niche in cybersecurity
It's difficult to navigate a career in cybersecurity, especially with all the varying roles. A veteran CISO offers advice on how to find your niche in the security industry. Continue Reading
-
Tip
28 Jun 2022
Negotiating a golden parachute clause in a CISO contract
If a CISO becomes the company scapegoat after a security incident, a strong golden parachute clause can mean the difference between a soft landing and a hard crash. Continue Reading
-
News
20 Jun 2022
Cleveland BSides takes heat for Chris Hadnagy appearance
The Cleveland BSides security conference is experiencing turmoil after booking a 'surprise' keynote speaker who was recently barred from DEF CON for misconduct. Continue Reading
-
News
17 May 2022
North Korean IT workers targeting US enterprises
North Korean nationals are looking to land jobs at U.S. and European companies to collect sensitive data that could help the reclusive government's military programs. Continue Reading
-
Feature
22 Apr 2022
Unethical vulnerability disclosures 'a disgrace to our field'
The cybersecurity field needs more people who use their powers for good, the lead author of Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition says. Continue Reading
-
Tip
07 Mar 2022
Top DevSecOps certifications and trainings
Check out some of the top DevSecOps certifications and trainings that can help professionals learn how to shift security left in the software development lifecycle. Continue Reading
-
Feature
28 Feb 2022
Tips for creating a cybersecurity resume
Resumes help candidates leave an impression on potential employers. But did you know one resume often isn't enough? Learn this and other tips for creating a cybersecurity resume. Continue Reading
-
Feature
28 Feb 2022
How to manage imposter syndrome in cybersecurity
The imposter syndrome phenomenon is readily apparent in cybersecurity. Learn how to manage it, along with mishaps to avoid during the job hunt and other career advice. Continue Reading
-
News
10 Feb 2022
DEF CON bans social engineering expert Chris Hadnagy
Hadnagy, an influential figure at the DEF CON security conference, was permanently banned following allegations of misconduct at the annual Las Vegas gathering. Continue Reading
-
Feature
02 Feb 2022
A day in the life of a cybersecurity manager
The role of a cybersecurity leader is often misunderstood. Experience a day in the life of a cybersecurity manager with this breakdown of a security leader's typical schedule. Continue Reading
-
Feature
02 Feb 2022
Top cybersecurity leadership challenges and how to solve them
Security isn't always a top business priority. This creates challenges for the cybersecurity managers and teams that hope to integrate security into their company's agenda. Continue Reading
-
Feature
25 Jan 2022
What does an IT security manager do?
IT security managers need to have a passion for learning and critical-thinking skills, as well as understand intrusion prevention and detection. Continue Reading
-
Feature
29 Dec 2021
Editor's picks: Top cybersecurity articles of 2021
As we call it a wrap on 2021, SearchSecurity looks at the top articles from the last 12 months and their sweeping trends, including ransomware, career planning and more. Continue Reading
-
Feature
29 Nov 2021
The components and objectives of privacy engineering
Privacy engineering helps organizations balance business and privacy needs, while mitigating the impact of data breaches. Learn about its components and objectives. Continue Reading
-
Feature
29 Nov 2021
The intersection of privacy by design and privacy engineering
Data privacy concerns are widespread. Privacy by design and privacy engineering help organizations balance privacy with utility and usability. Learn how. Continue Reading
-
Guest Post
16 Nov 2021
How to create security metrics business leaders care about
Security metrics must be clear, actionable and resonate with business leadership. Learn how to create metrics that business leaders care about and will act upon. Continue Reading
-
Feature
26 Oct 2021
5 cybersecurity personality traits for a successful career
In this excerpt of 'Confident Cyber Security,' author Jessica Barker outlines five cybersecurity personality traits employers look for in job candidates. Continue Reading
-
Feature
26 Oct 2021
How to start a career in cybersecurity from the human side
Discover how the co-founder of an infosec consultancy and author of 'Confident Cyber Security' started her career and became a leader in the human nature side of security. Continue Reading
-
Quiz
30 Sep 2021
10 CIPP/US practice questions to test your privacy knowledge
Advance your privacy career by becoming a Certified Information Privacy Professional. Use these 10 practice questions from Wiley's IAPP CIPP/US study guide to prepare for the exam. Continue Reading
-
Feature
30 Sep 2021
How to prepare for the CIPP/US exam
The co-authors of a CIPP/US study guide offer advice on the IAPP certification, including career benefits, how to prepare and how the U.S. exam differs from other regions' exams. Continue Reading
-
Guest Post
15 Sep 2021
CompTIA SYO-601 exam pivots to secure bigger attack surface
The latest CompTIA Security+ exam, SYO-601, tests skills and knowledge for dealing with an expanded attack surface and the latest forms of assault on cybersecurity defenses. Continue Reading
-
News
25 Aug 2021
HackerOne launches AWS certification paths, pen testing service
A select group of penetration testers in HackerOne's community will be able to obtain three AWS certifications, including the Security - Specialty certification. Continue Reading
-
Feature
12 Aug 2021
How privacy engineers promote innovation and trust
Forward-thinking companies are hiring privacy engineers. Could your organization benefit? Uncover how these experts promote innovation and fortify customer trust. Continue Reading
-
Quiz
04 Aug 2021
Sample CompTIA CySA+ test questions with answers
Going for your CompTIA CySA+ certification? Test what you know before taking the exam with these sample test questions on vulnerability assessment output. Continue Reading
-
Feature
04 Aug 2021
How to prepare for the CompTIA CySA+ exam
The author of the CompTIA CySA+ certification guide offers advice on how to prepare for the exam, discusses the benefits of the cert and more. Continue Reading
-
Tip
19 Jul 2021
Comparing top identity and access management certifications
In addition to learning security fundamentals applicable to identity and access management, the top IAM certifications can yield rewarding career and networking opportunities. Continue Reading
-
Feature
30 Jun 2021
What is the BISO role and is it necessary?
Relatively new and somewhat controversial, the business information security officer, or BISO, acts as the CISO's tactical and operations-level ambassador to the business units. Continue Reading
-
Guest Post
15 Apr 2021
5 cybersecurity testing areas CISOs need to address
With increasing board interest in cybersecurity risk, CISOs need to explain the preventive steps they are taking to have the right cybersecurity testing in place to minimize risk. Continue Reading
-
Quiz
14 Apr 2021
Sample CCISO exam questions on security project management
This excerpt of 'CCISO Certified Chief Information Security Officer All-In-One Exam Guide' explains security project management fundamentals and provides practice CCISO exam questions. Continue Reading
-
Feature
14 Apr 2021
CCISO exam guide authors discuss the changing CISO role
Learn more about EC-Council's Certified CISO exam and how the certification helps CISOs at any organization manage successful infosec programs and a changing threat landscape. Continue Reading
-
Feature
12 Apr 2021
Advice on how to prepare for the CompTIA Security+ exam
The CompTIA Security+ certification is a smart starting point for cybersecurity career hopefuls. Learn how to prepare for the exam, what to expect post-certification and more. Continue Reading
-
Quiz
12 Apr 2021
Sample CompTIA Security+ exam questions and answers
The CompTIA Security+ exam covers a wide swath of topics, from threats to compliance to architecture. Test what you know about malware with these sample test questions. Continue Reading
-
Guest Post
26 Feb 2021
6 ways to prevent cybersecurity burnout
Consider investing in training for new employees, offering mentoring and setting goals, automating where possible and more to help prevent cybersecurity burnout. Continue Reading
-
Feature
29 Jan 2021
The case for applying psychology in cybersecurity training
Chartered psychologist Rebecca McKeown describes how psychology in cybersecurity can improve incident response and makes the case for a research-based approach to training. Continue Reading
-
Quiz
30 Dec 2020
Review 6 phases of incident response for GCIH exam prep
'GCIH GIAC Certified Incident Handler All-in-One Exam Guide' takes a deep dive into the six phases of incident response to help security pros with GCIH exam prep and certification. Continue Reading
-
Feature
30 Dec 2020
Preparing for GIAC Certified Incident Handler certification
The author of 'GCIH GIAC Certified Incident Handler All-in-One Exam Guide' shares advice on how to prepare for the exam and why an incident response career can be so rewarding. Continue Reading
-
Guest Post
18 Dec 2020
How to address the skills gap of security and IT personnel
In part two of Jonathan Meyers' look at the skills gap challenge companies face in cybersecurity, he offers recommendations to consider when ensuring your teams have the skills needed. Continue Reading
-
Feature
24 Nov 2020
Compare 5 SecOps certifications and training courses
Explore five SecOps certifications available to IT professionals looking to demonstrate and enhance their knowledge of threat monitoring and incident response. Continue Reading
-
Tip
24 Sep 2020
Cybersecurity team structure stronger with 3 new roles
Having the right cybersecurity team in place can help reduce how long it takes to control threats. Consider adding cloud security, third-party risk and digital ethics specialists. Continue Reading
-
Feature
22 Sep 2020
Inclusive job descriptions key for infosec hiring
When seeking candidates for infosec job roles, it helps to think outside the box. Inclusive job descriptions and cutting back on unnecessary requirements are good places to start. Continue Reading
-
Guest Post
09 Sep 2020
Best practices for ethically teaching cybersecurity skills
Jonathan Meyers has recommendations that teachers and students can use to enhance their teaching and learning of cybersecurity skills to remain relevant in this fast-paced industry. Continue Reading
-
Quiz
20 Aug 2020
CISSP practice exam questions and answers
Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill. Continue Reading
-
Feature
03 Aug 2020
Which type of CISO are you? Company fit matters
Incompatibility between CISOs and their companies can lead to stress, frustration, burnout and rapid turnover. Identify your CISO style to target the ideal role and environment for you. Continue Reading
-
Opinion
03 Aug 2020
Develop internal cybersecurity talent to build your dream team
Cybersecurity duties have changed, with cloud and coding being essential knowledge now. But CISOs can still build their dream cybersecurity team through internal talent development. Continue Reading
- 03 Aug 2020
-
Feature
22 Jul 2020
Minorities in cybersecurity face unique and lasting barriers
IT is facing renewed scrutiny into its lack of diversity. Explore the unique barriers minorities in cybersecurity face and why hiring approaches are ill equipped to address them. Continue Reading
-
Tip
07 Jul 2020
Navigate the DOD's Cybersecurity Maturity Model Certification
The Cybersecurity Maturity Model Certification requires DOD contractors to achieve baseline security standards. Explore the five levels of certification and how to achieve them. Continue Reading
-
Feature
07 Jul 2020
Why COVID-19 won't stop cybersecurity jobs and recruitment
The economy is struggling, and many careers are taking hits, but cybersecurity jobs and careers will likely stay in demand as companies need to keep data and customers safe. Continue Reading
-
Feature
16 Jun 2020
Invest in new security talent with cybersecurity mentorships
Cybersecurity mentorships provide a great opportunity for those just entering the industry who want a successful start. Having the right guidance is a must. Continue Reading
-
Feature
01 May 2020
CISO stress and burnout cause high churn rate
The nature of the CISO role can take a toll, say industry vets, with frustration and stress contributing to high turnover rates and burnout. Learn how to make it work. Continue Reading