Could someone recommend foundation security training ideas for IT staff who is looking to train-up into a security operations analyst or engineer role. NIST CSF foundations? ISC2? CompTIA?

Security & GRC Security Operations Center (SOC)

17.1k views4 Upvotes4 Comments

Sort by:

Director in Finance (non-banking)6 years ago

Huge fan of SANS for security professionals, but for general entry level security or advanced awareness for non-InfoSec we recommend having folks work through CompTIA Security+. If they have trouble with the networking part we usually recommend Network_ as an optional precursor

Director Certifications in Education6 years ago

ISACA International has a CSX (Cyber Security) subscription program that is very good, but pricey (~$2500 for a year subscription). You work at your own pace in a lab environment.

CIO in Consumer Goods6 years ago

We have used a customised training program and that helped us to align with our organisation security strategy and on other hand it also prepared our employees to prepare for role they desired.

VPInternational Operations and IT and CIO in Education6 years ago

We use SANS and their curriculum https://www.sans.org/cyber-security-skills-roadmap/

Content you might like

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

We are considering a scanning solution for detecting Personal Information (PI) in our data assets, mainly AWS S3, DynamoDB, Salesforce, etc. We need the solution to detect PI, identify the type (e.g., infotype), and optionally map it to our own PI categories. We are currently considering BigID. Do you have experience with this tool or any other tools that can help us scan across different data platforms and technologies?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Are Web Application Firewalls (WAFs) as effective as they used to be?

Yes86%

No13%

Which of the following cyber-related initiatives are you planning to take as a direct result of the pandemic?

Increased training / awareness of cybersecurity across the full workforce13%

Increased cybersecurity investments / budgeting45%

Improved remote security operations30%

Real-time stress testing of systems6%

None at this time3%

Other (Comment below!)

View Results

Could someone recommend foundation security training ideas for IT staff who is looking to train-up into a security operations analyst or engineer role. NIST CSF foundations? ISC2? CompTIA?

Sort by:

Content you might like

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Are Web Application Firewalls (WAFs) as effective as they used to be?

Which of the following cyber-related initiatives are you planning to take as a direct result of the pandemic?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go