4 answers
2
Questions
Asked
248 views
What certifications or other educational materials can I get for my career in Cybersecurity?
I am majoring Computer Information Systems - Cybersecurity track in Baruch College/CUNY in NYC. I want to know what other things besides college I can learn to expand my knowledge.
Login to comment
4 answers
Updated
Adit’s Answer
Boosting your cybersecurity career while studying Computer Information Systems at Baruch College, with a special focus on cybersecurity, can be an exciting journey. You can enrich your learning by diving into various certifications and educational resources that go hand in hand with your coursework. Here are some friendly suggestions:
Certifications
CompTIA Security+: Perfect for beginners, this certification covers the basics of cybersecurity, risk management, and compliance. It's a fantastic way to showcase your skills and knowledge to future employers.
Certified Ethical Hacker (CEH): Brought to you by the EC-Council, this certification delves into penetration testing and ethical hacking methods. It's ideal for those eager to learn about proactive security measures.
Cisco Certified CyberOps Associate: This certification imparts knowledge on cybersecurity operations and incident response, crucial for roles in security operations centers (SOCs).
Certified Information Systems Security Professional (CISSP): Although a bit more advanced, CISSP is widely acknowledged and covers a wide spectrum of cybersecurity topics. It's an excellent long-term objective as you gather experience in the field.
Certified Information Security Manager (CISM): Tailored for those eyeing management roles, this certification concentrates on managing and governing information security.
Online Courses and Educational Resources
Cybrary: Provides a variety of free and paid courses covering different cybersecurity topics. It's a wonderful platform to delve into areas that pique your interest.
Coursera and edX: Both platforms offer cybersecurity courses from respected universities and organizations. Keep an eye out for courses like "Introduction to Cybersecurity" or "Cybersecurity for Business."
YouTube Channels: Channels such as NetworkChuck, Professor Messer, and CyberMentor offer free tutorials and insights into a range of cybersecurity topics, tools, and techniques.
Books: Consider diving into books like “The Web Application Hacker's Handbook” and “Cybersecurity Essentials” to broaden your understanding of practical cybersecurity applications.
Practical Experience
Capture The Flag (CTF) Competitions: Get involved in CTF competitions (like those on platforms such as Hack The Box or TryHackMe) to put your skills to the test in a practical setting.
Internships: Seek out internships in cybersecurity firms or IT departments. Hands-on experience is priceless and will help you put your theoretical knowledge into action.
Networking: Become a member of cybersecurity groups and forums such as the Information Systems Security Association (ISSA) or local meetups to mingle with professionals in the field.
By embracing these certifications and resources, you'll be well-prepared to broaden your cybersecurity knowledge and boost your career opportunities. For additional information on certification paths and available resources, CyberSeek and ISC2 are worth checking out.
Certifications
CompTIA Security+: Perfect for beginners, this certification covers the basics of cybersecurity, risk management, and compliance. It's a fantastic way to showcase your skills and knowledge to future employers.
Certified Ethical Hacker (CEH): Brought to you by the EC-Council, this certification delves into penetration testing and ethical hacking methods. It's ideal for those eager to learn about proactive security measures.
Cisco Certified CyberOps Associate: This certification imparts knowledge on cybersecurity operations and incident response, crucial for roles in security operations centers (SOCs).
Certified Information Systems Security Professional (CISSP): Although a bit more advanced, CISSP is widely acknowledged and covers a wide spectrum of cybersecurity topics. It's an excellent long-term objective as you gather experience in the field.
Certified Information Security Manager (CISM): Tailored for those eyeing management roles, this certification concentrates on managing and governing information security.
Online Courses and Educational Resources
Cybrary: Provides a variety of free and paid courses covering different cybersecurity topics. It's a wonderful platform to delve into areas that pique your interest.
Coursera and edX: Both platforms offer cybersecurity courses from respected universities and organizations. Keep an eye out for courses like "Introduction to Cybersecurity" or "Cybersecurity for Business."
YouTube Channels: Channels such as NetworkChuck, Professor Messer, and CyberMentor offer free tutorials and insights into a range of cybersecurity topics, tools, and techniques.
Books: Consider diving into books like “The Web Application Hacker's Handbook” and “Cybersecurity Essentials” to broaden your understanding of practical cybersecurity applications.
Practical Experience
Capture The Flag (CTF) Competitions: Get involved in CTF competitions (like those on platforms such as Hack The Box or TryHackMe) to put your skills to the test in a practical setting.
Internships: Seek out internships in cybersecurity firms or IT departments. Hands-on experience is priceless and will help you put your theoretical knowledge into action.
Networking: Become a member of cybersecurity groups and forums such as the Information Systems Security Association (ISSA) or local meetups to mingle with professionals in the field.
By embracing these certifications and resources, you'll be well-prepared to broaden your cybersecurity knowledge and boost your career opportunities. For additional information on certification paths and available resources, CyberSeek and ISC2 are worth checking out.
Updated
Nick’s Answer
CompTIA's Sec+ would be a great starting point, and help you get past the HR filter when applying for your first job. CySA+ is another great one if you're interested in becoming a security analyst. CEH doesn't hold as much weight as it's mostly theory and not a lot of hands on. HackTheBox is another great platform that will give you hands-on experience and get certifications showing that you've demonstrated the knowledge that you learned.
SANS certifications hold the most weight in the industry due to the experience of the staff they have on hand, how frequently they update the material, the number of hands-on exercises in their courses, and how difficult the exams are. Normally these courses cost $6,000 - $9,000+ BUT you can apply for a work study or teacher's assistant program which will allow you to pay a significantly reduced cost ($1,000 - $2,000), assist an instructor during a course, get free course materials, and a free exam attempt! This is a great way to get an amazing education and a solid certification you can use to leverage your first job.
Finally, you can create a home lab using virtualization, old hardware, or cloud services with a security tool stack, vulnerable machines, and network monitoring tools. This will allow you to get hands-on experience and you can create a blog outlining the work that you've done and the things that you've learned and you can include this when applying to potential employers showing that you have the hands-on experience that most entry level candidates lack because they've only taken courses on theory and memorized answers to a test, without actually ever having any real world experience.
One last point - NETWORK! The old adage, "It isn't what you know, it's who you know" applies to the cybersecurity field. People are more willing to take chances on an entry level candidate with no experience if they know them, see how hungry they are, and would like working with them. Look up local meetups in your area such as 2600 or DEF<your area code>, as well as any conferences or conventions. Go frequently, get involved, meet people, build your network, and tell them how much you want to get into the field. Before you know it, people will be asking you to interview left and right! A nice bonus to this is you'll already know someone in the company when you first start who can help show you the ropes.
Always stay up to date on emerging threats! This field moves quickly so you'll need to never stop learning, or you'll get left behind fast.
Good luck!
SANS certifications hold the most weight in the industry due to the experience of the staff they have on hand, how frequently they update the material, the number of hands-on exercises in their courses, and how difficult the exams are. Normally these courses cost $6,000 - $9,000+ BUT you can apply for a work study or teacher's assistant program which will allow you to pay a significantly reduced cost ($1,000 - $2,000), assist an instructor during a course, get free course materials, and a free exam attempt! This is a great way to get an amazing education and a solid certification you can use to leverage your first job.
Finally, you can create a home lab using virtualization, old hardware, or cloud services with a security tool stack, vulnerable machines, and network monitoring tools. This will allow you to get hands-on experience and you can create a blog outlining the work that you've done and the things that you've learned and you can include this when applying to potential employers showing that you have the hands-on experience that most entry level candidates lack because they've only taken courses on theory and memorized answers to a test, without actually ever having any real world experience.
One last point - NETWORK! The old adage, "It isn't what you know, it's who you know" applies to the cybersecurity field. People are more willing to take chances on an entry level candidate with no experience if they know them, see how hungry they are, and would like working with them. Look up local meetups in your area such as 2600 or DEF<your area code>, as well as any conferences or conventions. Go frequently, get involved, meet people, build your network, and tell them how much you want to get into the field. Before you know it, people will be asking you to interview left and right! A nice bonus to this is you'll already know someone in the company when you first start who can help show you the ropes.
Always stay up to date on emerging threats! This field moves quickly so you'll need to never stop learning, or you'll get left behind fast.
Good luck!
Edmond Momartin ☁️
Public Cloud Security & Compliance AT&T | MBA InfoSec | OWASP-LA Board
75
Answers
Updated
Edmond’s Answer
One of the best ways to augment your knowledge is to get involved with non-profit organizations in the same field. Notable ones are OWASP, ISSA, ISC2, Cloud Security Alliance, ISACA, etc. Each specialize in a different area of cybersecurity but all have local chapters which hold free/low-cost monthly meetings.
There no shortage of cybersecurity themed conferences and events which are another great option. Most offer student discounts which you can take advantage of.
These also have the added benefit of offering networking opportunities that are as important to your career as the technical knowledge.
There no shortage of cybersecurity themed conferences and events which are another great option. Most offer student discounts which you can take advantage of.
These also have the added benefit of offering networking opportunities that are as important to your career as the technical knowledge.
Updated
Angel’s Answer
That’s an exciting field to be in! Besides your degree, consider pursuing certifications like CompTIA Security+, Certified Ethical Hacker (CEH), or Cisco's CCNA Cyber Ops. These can boost your resume and provide hands-on skills. Online platforms like Coursera, Udemy, and Cybrary offer courses on various cybersecurity topics. Additionally, engaging in Capture the Flag (CTF) competitions or joining cybersecurity clubs can provide practical experience. Networking through local meetups or conferences can also help you learn from professionals in the field. Keep exploring and building your skills—there's always something new in cybersecurity!