The Cybersecurity CommunityIn this article, we will explore communities and organizations within the cybersecurity field.
What we’ll be learning
The cybersecurity community is vast and offers abundant resources for professionals and job seekers to connect with one another, learn, take part in events, and even upskill. We will explore various types of resources within the cybersecurity field which can include professional organizations, peer groups, forums, events, and conferences. By familiarizing yourself with the cybersecurity community, you will discover new opportunities which can both help you get started and progress in your career. There are even more resources, outside of the ones on this list, so make sure to also explore on your own!
Websites, newsletters, and forums
In this section, we’ll discuss useful websites, newsletters, and forums for Cybersecurity professionals and enthusiasts. As a Cybersecurity professional, it’s important to stay up-to-date with the latest Security news and events.
Security Week provides cybersecurity news, featuring insights and analysis from leading experts in the field.
Key Areas of Focus: latest cybersecurity headlines and daily articles from experts in the field. It provides both technical and non-technical security content.
Intended Audience: cybersecurity, IT, risk, and compliance professionals at all levels.
Other Features: resources such as virtual cyber events, webcasts, and a CISO forum.
The Hacker News
The Hacker News is a cyber news platform with over 8 million monthly readers.
Key Areas of Focus: data breaches, cyberattacks, vulnerabilities, and malware.
Intended Audience: all types of cybersecurity professionals, security researchers, and technology enthusiasts.
Other Features: ebooks, courses, and training on various security topics.
Dark Reading is a cybersecurity news site and online community for security professionals
Key Areas of Focus: data breaches, cyberattacks, vulnerabilities, malware, insider threats, application and cloud security. There are ten different sections that cover a range of enterprise security topics.
Intended Audience: ranges from entry-level security professionals to CISOs.
Other Features: security whitepapers, reports, and content from leading cybersecurity vendors like Crowdstrike and Darktrace, and more!
Krebs on Security
Krebs on Security is a blog focused heavily on cybercrime and investigations. Brian Krebs, a former Washington Post reporter, is the author.
Key Areas of Focus: recurring themes include the latest threats, critical security updates, data breaches, and cyber investigations. It tends not to be as technical as some of the other popular security blogs and sites.
Intended Audience: security professionals at all levels.
Other Features: additional content and features are limited — it is mainly blog-oriented.
Cybernews covers wide-ranging cybersecurity content with more of a geopolitical focus.
Key Areas of Focus: nation-state threat actors, international cybercrime, major cyber news headlines.
Intended Audience: security researchers, cybercrime aficionados, international security enthusiasts.
Other Features: reviews of hardware and software providers, tools such as password generators and personal data leak checkers.
In this section, we’ll cover professional organizations for Cybersecurity professionals. It can be useful to join a professional organization because it offers abundant opportunities to network with peers, find out about the latest trends and developments in the industry, and explore different career pathways within the field!
The International Information Systems Security Certification Consortium, or (ISC)2, is an international association for cyber and information security professionals. They offer entry-level and advanced certifications such as the CISSP (Certified Information Security Systems Professional). With over 160,000 members, it is one of the leading cybersecurity organizations and provides great networking and learning opportunities.
The SANS Institute
The SANS Institute promotes cyber and information security thought leadership. It is a well-known resource for training, certifications, degree programs, and research. Its training and certification programs are widely recognized and accepted within the cybersecurity community. SANS newsletters are also a great way to stay abreast of current security news.
The Information Systems Audit and Control Association (ISACA) is a professional association focused on IT risk and governance. It serves 150,000 professionals in 188 countries, and its members hold positions within assurance, governance, risk, and information security. ISACA also provides regular research and resources on IT governance and risk topics. There are ten different certifications offered by ISACA, the most popular being CISA (Certified Information Systems Auditor) and CISM (Certified Information Security Manager).
The International Association of Privacy Professionals (IAPP) is considered the largest and most prominent organization for privacy professionals. Its CIPP certification is the global standard for understanding privacy laws and regulations. The IAPP also offers educational and professional development resources and holds annual conferences on data privacy and protection.
The Center for Internet Security (CIS) is a non-profit organization that promotes cybersecurity best practices and standards. It is more academically oriented than some of the other organizations mentioned in this article. Members include professionals from a wide range of backgrounds across the private sector, government, and research institutions.
Conferences & Events
Black Hat is one of the biggest security conferences in the world. It is mainly geared towards security researchers and ethical hackers. It brings together a diverse group of security professionals to discuss and present their latest threat and vulnerability findings. The conference features training sessions, networking, a big expo floor, and keynote speakers.
DEF CON is a premier hacking conference where you will find hackers, tech enthusiasts, gamers, students, journalists, and federal agents. DEF CON is a more technically oriented convention featuring speakers on computer software and architecture, hacking exploits, and hardware configurations. It features several real-time hacking competitions and red team exercises.
The RSA conference is prominent amongst cybersecurity professionals looking for access to the best experts in the industry. Speakers discuss current and future threats, and the latest technology in the industry is often showcased. RSA usually focuses on major security themes and features hundreds of exhibiting companies.
ISACA has an annual conference bringing together governance, IT audit, cyber, risk management, and privacy professionals. It features general and breakout sessions covering topics such as ransomware, security operations, blockchain, and cyber risk and regulatory changes. It is a great opportunity for networking with peers in different roles across the cybersecurity industry.
SANS Cyber Threat Intelligence Summit
At the SANS Cyber Threat Intelligence Summit , practitioners discuss case studies, lessons learned, new technologies, and innovative strategies to mitigate risk. The conference focuses heavily on cyber threats and tactics to defend against them. There are often workshops on career opportunities in the field and interactive discussions about how to hone one’s skills as a security analyst.
This article covered some of the more well-known educational resources, organizations, and events in the cybersecurity community. As you can see, there are many ways you can get involved in the cybersecurity field at any level. As you navigate your career path, be sure to explore any and all of the options here that best suit your particular skills and interests.