Useful Links

Student Security Operations Center (SOC) Program Foundations training!

This 3-hour training from Microsoft is designed to prepare upper high school and higher education students with the hands-on experience and practical knowledge needed to actively contribute to a Security Operations Center (SOC) at their school or institution.

Click here to begin your training

Info Credit: Ransford J. Annan

Oracle Training and Certification – Race to Certification 2025

Join the Race to Certification 2025, from July 1 to October 31, and accelerate your learning journey with free digital training and certifications in AI, Oracle Cloud Infrastructure, Multicloud, and Oracle Data Platform. Earn exclusive rewards and climb the ranks on the Leaderboard as you compete and learn.

Choose your training path and begin your journey!

US Cyber Challenge

Every year, the US Cyber Challenge conducts Cyber Quests – a free online competition where cybersecurity enthusiasts compete against thousands across the nation. Scores and rankings are publicized in real time over the course of several weeks during the competition. Top performers are then extended invites to official USCC Cyber Camps for a week-long training opportunities with some of the industry’s top instructors on new concepts and approaches to security. They also gain an opportunity to interact directly with C-suite executives, industry leaders and employers to explore career development.

Click here to find out more about the program.

Resource Credit: Paul Krzewinski

Microsoft Bug Bounty Program

Microsoft strongly believes close partnerships with the global security researcher community make customers more secure. Security researchers play an integral role in the ecosystem by discovering vulnerabilities missed in the software development process and sharing them under Coordinated Vulnerability Disclosure (CVD). Each year we partner together to better protect billions of customers worldwide.

Click here to check out the program.

Cybersecurity basics for non-security professionals

Knowing the fundamentals of cybersecurity is a first step toward protecting against cyberthreats. As a non-security professional, you can protect your data from cyberthreats and attacks by learning basic cybersecurity concepts and mitigation strategies.

Notably, the Security hub on Microsoft Learn provides technical guidance and resources for planning and implementing modern cybersecurity strategies, processes, and technologies for non-cybersecurity professionals. Ultimately, you can find resources and foundational training materials to build basic cybersecurity skills which will help you tackle various security challenges.

EDUCATING FUTURE INFORMATION SECURITY PROFESSION

ISC2 and its Center for Cyber Safety and Education are deeply committed to encouraging and supporting students pursuing a degree with a focus on cybersecurity, information assurance, or similar field. The scholarships, sponsored by ISC2, support students globally. Efforts like these can put students on a pathway to long term career success in a rewarding and critically-important field.

The scholarships are part of an effort to bridge the cybersecurity workforce gap—which stands at 3.4 million needed professionals—by providing future cybersecurity professionals across the globe with scholarships to prepare them for a rewarding career in this important field.

To access the scholarship application portal, visit the Center for Cyber Safety and Education website.

There are around 200 useful operations in CyberChef for anyone working on anything vaguely Internet-related, whether you just want to convert a timestamp to a different format, decompress gzipped data, create a SHA3 hash, or parse an X.509 certificate to find out who issued it.

To access this free resource, visit the CyberChef website. To learn how to use it, read the Tool Guide.

Resource Credit: Paul Krzewinski

Implementing ISO 27001:2022 for Startups and SMEs

Hannah Suarez, SSCP, takes us through the experience of implementing the substantially revised ISO 27001:2022 and upgrading from the 2013 version of the framework.

It’s been more than a year since the ISO 27001:2022 standards were released, replacing the 2013 version and including new and updated texts related to Cloud Security, Digital Trust and Cybersecurity Leadership. For startups and SMEs, these updates pose challenges around retrofitting their existing workforce to tackle the new standards – be it upgrading or implementing an ISMS (Information Security Management System). For organizations beholden to regulatory rules, the focus on third party and supply chain assessments will enable them to focus on securing business growth via the ISO 27001 certification process.

I’m writing this article fresh from finishing an ISO 27001:2022 implementation for a startup. I implemented their ISMS according to the previous standard, and now I want to share with the ISC2 community what it’s like to upgrade.

To access this free resource, visit the ISC2 website here

Free Tools for Cloud Environments

Free Tools for Cloud Environments provides network defenders and incident response/analysts open-source tools, methods, and guidance for identifying, mitigating, and detecting cyber threats, known vulnerabilities, and anomalies while operating a cloud or hybrid environment.

To access this free resource, visit the cisa.gov website here

The Business Case for Security

Amid competing financial priorities, investments in physical and cybersecurity measures are crucial for operational continuity and employee safety. This resource provides data and considerations for senior leaders as they prioritize budget items.