Careers and certifications

Security admins, pen testers and CISOs are a few of many potential cybersecurity careers. Get advice on making a career choice and finding the trainings and certifications -- such as Security+, CISSP and CCSK -- needed to land an infosec job, along with guidance on succeeding in a security profession.

Top Stories

Feature 15 Mar 2024
7 cybersecurity conferences to attend in 2024

Cybercriminals create new ways to steal information regularly, creating cybersecurity challenges. Attending conferences is one way to learn about these trends for the best defense. Continue Reading
Tip 31 Jan 2024
Cybersecurity career path: 5-step guide to success

Taking the lead from ISSA's framework, here's a guide to how you can map out a long and profitable career in cybersecurity. Continue Reading

Definition 22 Feb 2024

cybersecurity

Cybersecurity is the practice of protecting internet-connected systems such as hardware, software and data from cyberthreats. Continue Reading
Tip 31 Jan 2024

Cybersecurity career path: 5-step guide to success

Taking the lead from ISSA's framework, here's a guide to how you can map out a long and profitable career in cybersecurity. Continue Reading
Tip 31 Jan 2024

10 must-have cybersecurity skills for career success in 2024

Looking to advance your cybersecurity career? Here are the skills you'll need to win that CISO job, land a gig as a threat hunter and snag other security positions in high demand. Continue Reading
Tip 29 Jan 2024

Top 4 incident response certifications to consider in 2024

Cybersecurity professionals pursuing an incident response track should consider the following certifications to bolster their knowledge and advance their career. Continue Reading
Tip 29 Jan 2024

Cybersecurity skills gap: Why it exists and how to address it

The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
Feature 26 Jan 2024

The ultimate guide to cybersecurity planning for businesses

This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
Tip 22 Jan 2024

5 essential programming languages for cybersecurity pros

Coding is an important skill across almost every technology discipline today, and cybersecurity is no exception. Learn about the top programming languages for security professionals. Continue Reading
Tip 10 Jan 2024

10 cybersecurity certifications to boost your career in 2024

A consensus of industry professionals rank these 10 security certifications as the most coveted by employers and security pros -- plus links to 10 vendor security certifications. Continue Reading
Feature 08 Jan 2024

How to become an incident responder: Requirements and more

Incident response is a growth area that provides career advancement options and a good salary. Here's an in-depth look at job requirements, salaries and available certifications. Continue Reading
Feature 05 Jan 2024

Top 8 in-demand cybersecurity jobs for 2024 and beyond

Cybersecurity is a challenging career path, filled with professional opportunities. Learn about the top cybersecurity jobs and the training and background they require. Continue Reading
Tip 04 Jan 2024

Top 12 online cybersecurity courses for 2024

Our panel of experts picked the best free and paid online cybersecurity courses for working professionals looking to advance their careers and for newbies breaking into the field. Continue Reading
Tip 02 Jan 2024

The 10 best cloud security certifications for IT pros in 2024

Certifications can help security pros prove their baseline knowledge of infosec topics. Consider adding these top cloud security certifications to your arsenal. Continue Reading
Definition 19 Dec 2023

CISO (chief information security officer)

The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats. Continue Reading
Definition 14 Dec 2023

massive open online course (MOOC)

A massive open online course (MOOC) is a typically free web-based distance learning program that's designed for large numbers of geographically dispersed students. Continue Reading
Opinion 31 Oct 2023

How to overcome the beginner cybersecurity career Catch-22

The workforce gap constantly makes headlines, but that doesn't mean breaking into the field is easy. Get advice on how to start on an entry-level cybersecurity career path. Continue Reading
Feature 30 Oct 2023

What does an IT security manager do?

IT security managers need to have a passion for learning and critical thinking skills, as well as understand intrusion prevention and detection. Continue Reading
Definition 06 Oct 2023

CSSLP (Certified Secure Software Lifecycle Professional)

CSSLP (Certified Secure Software Lifecycle Professional) is a certification from ISC2 that focuses on application security within the software development lifecycle (SDLC). Continue Reading
Tip 29 Sep 2023

How to land a corporate board seat as a CISO

Any CISO who aspires to a corporate board seat needs a strategic approach. Learn how security executives can position themselves to become top-level decision-makers. Continue Reading
Feature 18 Jul 2023

IT hiring picks up amid ongoing economic concerns

TechTarget's 2023 salary and careers survey shows most organizations are hiring for selected IT skills, making progress on DEI initiatives and offering workplace flexibility. Continue Reading
Definition 01 Jun 2023

NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)

The NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers. Continue Reading
Feature 23 May 2023

How to become a bug bounty hunter: Getting started

Finding, exploiting and reporting vulnerabilities can be both lucrative and educational. Security researcher Vickie Li explains how to become a bug bounty hunter. Continue Reading
News 10 May 2023

CISOs face mounting pressures, expectations post-pandemic

Proofpoint's 2023 Voice of the CISO report shows deep concern among executives about impending data loss and exposure from negligent -- and malicious -- employees. Continue Reading
Definition 09 May 2023

Certified Cloud Security Professional (CCSP)

Certified Cloud Security Professional (CCSP) is an International Information System Security Certification Consortium, or (ISC)2, certification that covers cloud-based cybersecurity best practices. Continue Reading
Feature 08 May 2023

7 ways to mitigate CISO liability and risk

Recent civil and criminal cases have brought CISO liability questions to the fore. Learn how to understand and manage personal risk exposure as a security executive. Continue Reading
Definition 14 Apr 2023

International Information Systems Security Certification Consortium (ISC)2

(ISC)2, short for International Information Systems Security Certification Consortium, is a nonprofit organization that provides security training and certificates. Continue Reading
Tutorial 13 Apr 2023

How to use the John the Ripper password cracker

Password crackers are essential tools in any pen tester's toolbox. This step-by-step tutorial explains how to use John the Ripper, an open source offline password-cracking tool. Continue Reading
Opinion 11 Apr 2023

10 hot topics to look for at RSA Conference 2023

RSA Conference 2023 promises another exciting year of cybersecurity discussions and hyperbole. Enterprise Strategy Group's Jon Oltsik shares what he hopes to see at the show. Continue Reading
Feature 11 Apr 2023

Practice Microsoft SC-100 exam questions with answers

Use these practice multiple-choice questions, with answers, to assess your knowledge of the Microsoft Cybersecurity Architect exam. Continue Reading
Feature 11 Apr 2023

How to prepare for the Microsoft Cybersecurity Architect exam

Before taking the Microsoft Cybersecurity Architect exam, learn about the knowledge areas covered on the SC-100 test, studying recommendations, prerequisites and more. Continue Reading
Feature 11 Apr 2023

How to use Azure AD Connect synchronization for hybrid IAM

Organizations face many challenges authenticating and authorizing users in hybrid infrastructures. One way to handle hybrid IAM is with Microsoft Azure AD Connect for synchronization. Continue Reading
Tip 13 Mar 2023

Is cybersecurity recession-proof?

No field is totally immune to economic downturns, but flexible, practical and prepared cybersecurity professionals should be able to weather any upcoming storms. Continue Reading
Tip 30 Jan 2023

5 ethical hacker certifications to consider

From Offensive Security Certified Professional to GIAC Web Application Penetration Tester, learn about the certifications worth earning to begin your ethical hacker career. Continue Reading
Tip 23 Jan 2023

8 cybersecurity roles to consider

Cybersecurity is an exciting and increasingly important field with a wealth of career opportunities. Explore eight cybersecurity roles and the skills, talent and experience required. Continue Reading
News 16 Jan 2023

Judge dismisses Chris Hadnagy lawsuit against DEF CON

DEF CON said it wasn't the only infosec conference to receive code-of-conduct complaints about Chris Hadnagy, claiming Black Hat USA removed him from its review board. Continue Reading
Definition 29 Dec 2022

Certified Information Systems Security Professional (CISSP)

Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)². Continue Reading
Feature 13 Dec 2022

After the CISO role: Navigating what comes next

Former chief information security officers may have numerous career options available but no clear path forward. Here's how to navigate life after the CISO role. Continue Reading
Tip 12 Dec 2022

As a new CISO, the first 100 days on the job are critical

As a chief information security officer, you won't get a second chance to make a first impression. Learn how a CISO's first 100 days lay the foundation for a successful tenure. Continue Reading
Feature 07 Dec 2022

Understanding malware analysis and its challenges

Discover what to expect in a malware analyst career, from the types of malware you'll encounter to important tools to use to difficulties that arise for those new to the field. Continue Reading
Feature 07 Dec 2022

Why is malware analysis important?

Malware continues to plague all organizations, causing data loss and reputational damage. Discover how malware analysis helps protect companies from such attacks. Continue Reading
Tutorial 06 Dec 2022

How to use the Hydra password-cracking tool

Need help brute-forcing passwords? Get started by learning how to use the open source Hydra tool with these step-by-step instructions and companion video. Continue Reading
Tip 01 Dec 2022

Top 5 key ethical hacker skills

Ethical hacking can be a rewarding career, but it requires tenacity, curiosity and creativity, among other traits. Oh, and you better be a good writer, too. Continue Reading
Feature 29 Nov 2022

How to maintain security with an understaffed security team

Unsurprisingly, many companies function without a complete security team. Security tasks often fall to others in the organization. Here's some advice for stand-in security members. Continue Reading
Definition 28 Nov 2022

Common Body of Knowledge (CBK)

In security, the Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices. Continue Reading
Tip 16 Nov 2022

Reality check: CISO compensation packages run the gamut

A capable security executive is invaluable -- a fact organizations increasingly recognize. CISOs' salaries are generally trending up, but the range in compensation is wide. Continue Reading
Answer 08 Nov 2022

3 best professional certifications for CISOs and aspiring CISOs

While one doesn't necessarily need professional cybersecurity certifications to become a CISO, they don't hurt. Explore the best certifications for CISOs and aspiring CISOs. Continue Reading
News 01 Nov 2022

Cisco Networking Academy offers rookie cybersecurity classes

Cisco's cybersecurity track equips students for entry-level positions, including cybersecurity technician, junior cybersecurity analyst, and tier 1 help desk support role. Continue Reading
Tip 01 Nov 2022

Ideal CISO reporting structure is to high-level business leaders

CISOs usually report to a high-level executive, but reporting to a top-level business executive like the CEO rather than a technology executive protects the business best. Continue Reading
Feature 28 Oct 2022

Equipment to include in a computer forensic toolkit

Computer forensic investigators require more than software to do their job. Learn what equipment constitutes a complete computer forensic toolkit. Continue Reading
Feature 28 Oct 2022

Advice for beginner computer forensic investigators

For those interesting in becoming a computer forensics investigator, learn about the career and what to expect, as well as why digital evidence is the most volatile evidence. Continue Reading
Feature 19 Oct 2022

Top 10 pen testing interview questions with answers

Are you pursuing a career in pen testing? Prepare with this list of 10 pen testing interview questions and answers created by three security experts. Continue Reading
Feature 19 Oct 2022

Top IT security manager interview questions

Are you looking for a leadership role in cybersecurity? Three security experts offer their advice on how to answer the most common IT security manager interview questions. Continue Reading
Feature 05 Oct 2022

Top zero-trust certifications and training courses

Most organizations are expected to implement zero trust in the next few years. Learn about zero-trust certifications and trainings that can help prepare your security team. Continue Reading
Definition 04 Oct 2022

STEM (science, technology, engineering, and mathematics)

STEM is an educational approach that prepares primary and secondary students for college, graduate study and careers in the fields of science, technology, engineering and mathematics (STEM). Continue Reading
Tip 27 Sep 2022

How to get into cybersecurity with no experience

Cybersecurity needs new talent now more than ever, but landing that first job without a computer science degree can still be difficult. Here are five tips for getting in the door. Continue Reading
Guest Post 26 Sep 2022

Tips for developing cybersecurity leadership talent

Navigating the skills gap from an employer's perspective starts with investing in talent. Get advice on how to develop and hire emerging leaders from an industry analyst. Continue Reading
Tip 13 Sep 2022

How to become a CISO

The chief information security officer role is growing in profile and importance. Explore six actionable tips for aspiring CISOs as they work toward cybersecurity's top job. Continue Reading
Quiz 09 Sep 2022

Sample CompTIA CASP+ practice questions with answers

Preparing for the CompTIA Advanced Security Practitioner certification or refreshing your knowledge to renew your cert? Use these CASP+ practice questions to test your smarts. Continue Reading
Feature 09 Sep 2022

How to prepare for the CompTIA CASP+ exam

Are you pursuing the CompTIA Advanced Security Practitioner certification? The author of a CASP+ cert guide offers advice on how to prepare for the exam. Continue Reading
Tip 07 Sep 2022

7 CISO succession planning best practices

Nothing is certain except death, taxes and CISO turnover. Learn how to prepare for the inevitable and future-proof your security program with a succession plan. Continue Reading
Tip 01 Sep 2022

Cybersecurity budget breakdown and best practices

Once budget is secured, CISOs must figure out where it should be allocated -- as well as how to justify the costs. Get the lowdown on a cybersecurity budget breakdown here. Continue Reading
Tip 19 Aug 2022

Top 10 cybersecurity interview questions and answers

Interviewing for a job in cybersecurity? Memorizing security terms won't cut it. Here are the 10 interview questions you should be ready for -- and how to answer them. Continue Reading
News 18 Aug 2022

Shunned researcher Hadnagy sues DEF CON over ban

Researcher Christopher Hadnagy is seeking damages from DEF CON and founder Jeff Moss over their decision to ban him citing multiple claims of conduct violations. Continue Reading
Guest Post 26 Jul 2022

3 ways to help cybersecurity pros avoid burnout

Many security professionals are pushed to their breaking point. Discover three ways employers and managers can help their employees avoid burnout. Continue Reading
News 20 Jul 2022

DOJ report warns of escalating cybercrime, 'blended' threats

The Department of Justice's cyber review report warned that the lines between conventional cybercriminal activity and national security threats have all but disappeared. Continue Reading
Feature 05 Jul 2022

How to write a cybersecurity job posting

Is your organization struggling to find cybersecurity talent? Your job descriptions could be the problem. Learn how to write a good cybersecurity job posting. Continue Reading
Feature 05 Jul 2022

A 'CISO evolution' means connecting business value to security

As cybersecurity has changed, so has the CISO role. 'The CISO Evolution: Business Knowledge for Cybersecurity Executives' aims to help security leaders succeed in the C-suite. Continue Reading
Feature 05 Jul 2022

How to find your niche in cybersecurity

It's difficult to navigate a career in cybersecurity, especially with all the varying roles. A veteran CISO offers advice on how to find your niche in the security industry. Continue Reading
Tip 28 Jun 2022

Negotiating a golden parachute clause in a CISO contract

If a CISO becomes the company scapegoat after a security incident, a strong golden parachute clause can mean the difference between a soft landing and a hard crash. Continue Reading
News 20 Jun 2022

Cleveland BSides takes heat for Chris Hadnagy appearance

The Cleveland BSides security conference is experiencing turmoil after booking a 'surprise' keynote speaker who was recently barred from DEF CON for misconduct. Continue Reading
News 17 May 2022

North Korean IT workers targeting US enterprises

North Korean nationals are looking to land jobs at U.S. and European companies to collect sensitive data that could help the reclusive government's military programs. Continue Reading
Feature 22 Apr 2022

Unethical vulnerability disclosures 'a disgrace to our field'

The cybersecurity field needs more people who use their powers for good, the lead author of Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition says. Continue Reading
Tip 07 Mar 2022

Top DevSecOps certifications and trainings

Check out some of the top DevSecOps certifications and trainings that can help professionals learn how to shift security left in the software development lifecycle. Continue Reading
Feature 28 Feb 2022

Tips for creating a cybersecurity resume

Resumes help candidates leave an impression on potential employers. But did you know one resume often isn't enough? Learn this and other tips for creating a cybersecurity resume. Continue Reading
Feature 28 Feb 2022

How to manage imposter syndrome in cybersecurity

The imposter syndrome phenomenon is readily apparent in cybersecurity. Learn how to manage it, along with mishaps to avoid during the job hunt and other career advice. Continue Reading
Definition 16 Feb 2022

security clearance

A security clearance is an authorization that allows access to information that would otherwise be forbidden. Continue Reading
News 10 Feb 2022

DEF CON bans social engineering expert Chris Hadnagy

Hadnagy, an influential figure at the DEF CON security conference, was permanently banned following allegations of misconduct at the annual Las Vegas gathering. Continue Reading
Feature 02 Feb 2022

A day in the life of a cybersecurity manager

The role of a cybersecurity leader is often misunderstood. Experience a day in the life of a cybersecurity manager with this breakdown of a security leader's typical schedule. Continue Reading
Feature 02 Feb 2022

Top cybersecurity leadership challenges and how to solve them

Security isn't always a top business priority. This creates challenges for the cybersecurity managers and teams that hope to integrate security into their company's agenda. Continue Reading
Feature 29 Dec 2021

Editor's picks: Top cybersecurity articles of 2021

As we call it a wrap on 2021, SearchSecurity looks at the top articles from the last 12 months and their sweeping trends, including ransomware, career planning and more. Continue Reading
Feature 29 Nov 2021

The components and objectives of privacy engineering

Privacy engineering helps organizations balance business and privacy needs, while mitigating the impact of data breaches. Learn about its components and objectives. Continue Reading
Feature 29 Nov 2021

The intersection of privacy by design and privacy engineering

Data privacy concerns are widespread. Privacy by design and privacy engineering help organizations balance privacy with utility and usability. Learn how. Continue Reading
Guest Post 16 Nov 2021

How to create security metrics business leaders care about

Security metrics must be clear, actionable and resonate with business leadership. Learn how to create metrics that business leaders care about and will act upon. Continue Reading
Feature 26 Oct 2021

5 cybersecurity personality traits for a successful career

In this excerpt of 'Confident Cyber Security,' author Jessica Barker outlines five cybersecurity personality traits employers look for in job candidates. Continue Reading
Feature 26 Oct 2021

How to start a career in cybersecurity from the human side

Discover how the co-founder of an infosec consultancy and author of 'Confident Cyber Security' started her career and became a leader in the human nature side of security. Continue Reading
Definition 05 Oct 2021

Certified Information Systems Auditor (CISA)

Certified Information Systems Auditor (CISA) is a certification and globally recognized standard for appraising an IT auditor's knowledge, expertise and skill in assessing vulnerabilities and instituting IT controls in an enterprise environment. Continue Reading
Quiz 30 Sep 2021

10 CIPP/US practice questions to test your privacy knowledge

Advance your privacy career by becoming a Certified Information Privacy Professional. Use these 10 practice questions from Wiley's IAPP CIPP/US study guide to prepare for the exam. Continue Reading
Feature 30 Sep 2021

How to prepare for the CIPP/US exam

The co-authors of a CIPP/US study guide offer advice on the IAPP certification, including career benefits, how to prepare and how the U.S. exam differs from other regions' exams. Continue Reading
Guest Post 15 Sep 2021

CompTIA SYO-601 exam pivots to secure bigger attack surface

The latest CompTIA Security+ exam, SYO-601, tests skills and knowledge for dealing with an expanded attack surface and the latest forms of assault on cybersecurity defenses. Continue Reading
News 25 Aug 2021

HackerOne launches AWS certification paths, pen testing service

A select group of penetration testers in HackerOne's community will be able to obtain three AWS certifications, including the Security - Specialty certification. Continue Reading
Feature 12 Aug 2021

How privacy engineers promote innovation and trust

Forward-thinking companies are hiring privacy engineers. Could your organization benefit? Uncover how these experts promote innovation and fortify customer trust. Continue Reading
Quiz 04 Aug 2021

Sample CompTIA CySA+ test questions with answers

Going for your CompTIA CySA+ certification? Test what you know before taking the exam with these sample test questions on vulnerability assessment output. Continue Reading
Feature 04 Aug 2021

How to prepare for the CompTIA CySA+ exam

The author of the CompTIA CySA+ certification guide offers advice on how to prepare for the exam, discusses the benefits of the cert and more. Continue Reading
Tip 19 Jul 2021

Comparing top identity and access management certifications

In addition to learning security fundamentals applicable to identity and access management, the top IAM certifications can yield rewarding career and networking opportunities. Continue Reading
Feature 30 Jun 2021

What is the BISO role and is it necessary?

Relatively new and somewhat controversial, the business information security officer, or BISO, acts as the CISO's tactical and operations-level ambassador to the business units. Continue Reading
Guest Post 15 Apr 2021

5 cybersecurity testing areas CISOs need to address

With increasing board interest in cybersecurity risk, CISOs need to explain the preventive steps they are taking to have the right cybersecurity testing in place to minimize risk. Continue Reading
Quiz 14 Apr 2021

Sample CCISO exam questions on security project management

This excerpt of 'CCISO Certified Chief Information Security Officer All-In-One Exam Guide' explains security project management fundamentals and provides practice CCISO exam questions. Continue Reading
Feature 14 Apr 2021

CCISO exam guide authors discuss the changing CISO role

Learn more about EC-Council's Certified CISO exam and how the certification helps CISOs at any organization manage successful infosec programs and a changing threat landscape. Continue Reading
Feature 12 Apr 2021

Advice on how to prepare for the CompTIA Security+ exam

The CompTIA Security+ certification is a smart starting point for cybersecurity career hopefuls. Learn how to prepare for the exam, what to expect post-certification and more. Continue Reading
Quiz 12 Apr 2021

Sample CompTIA Security+ exam questions and answers

The CompTIA Security+ exam covers a wide swath of topics, from threats to compliance to architecture. Test what you know about malware with these sample test questions. Continue Reading
Guest Post 26 Feb 2021

6 ways to prevent cybersecurity burnout

Consider investing in training for new employees, offering mentoring and setting goals, automating where possible and more to help prevent cybersecurity burnout. Continue Reading