As we work to help aspiring cybersecurity professionals master the fundamentals and gain practical experience in the field through our online cybersecurity bootcamp, we’ve come across a trove of helpful free cybersecurity resources that will supplement your learning and keep you up to date on the latest industry trends, topics, and headwinds.
From blogs and webinars to easily accessible training courses and ebooks, keeping yourself well-versed on cybersecurity topics has never been easier. This list of free cybersecurity resources, courses, and other tools will help both newcomers and professionals stay informed, sharp, and secure.
And they won’t put a strain on your wallet.
Free Cybersecurity Resources and Courses
Launched in 2015, Cybrary aims to “provide the opportunity to learn Cyber Security, to anyone, anywhere, who wants that opportunity.” The result? A plethora of free cybersecurity courses and resources on all topics related to the field. The crowdsourced security and IT learning platform boasts two million users, providing a toolkit of resources like free practice tests, practice labs, and assessments to help you achieve your professional goals.
Whether you classify your information security experience as beginner, intermediate or expert, Cybrary will have courses and training tailored to your skill set. There are more than 150 courses in the catalog, including classes on cryptography, secure coding, advanced penetration testing, virtualization management, and more.
Will you soon start studying for a specific cybersecurity certification? If so, you may want to explore TechExams.net’s free certification preparation community. Members of this active online community have probably completed that same tech certification successfully; they can provide you with insightful perspective on the process and point you to new resources that weren’t already on your list.
In addition to test and certification prep, the community’s threads encompass topics like job searches and professional development, as well as timely tech-related news events. Pose a question in one of their forums and a user will likely answer quickly.
It’s no surprise that the U.S. Department of Homeland Security’s website offers an abundance of content and information on security. But perhaps a lesser-known fact about the site is that it also features free cybersecurity courses and training materials to those who want to broaden their knowledge of the security of industrial control systems.
You can access 11 courses that cover subjects from operational security for control systems to current trends in cybersecurity vulnerabilities that put industrial control systems at risk. And if you’re seeking an in-person experience, the agency also periodically offers instructor-led courses.
Developed by the SANS Institute, this free course aims to help alleviate the shortage of cybersecurity professionals by introducing students and professionals to the field. It is designed to provide novices with many of the core security principles needed to kick off a cybersecurity career.
Free Cybersecurity Books and White Papers
If learning about security issues from a book is more your style, then you should check out O’Reilly Media’s robust offering of free ebooks. The media company has an impressive roster of complimentary titles on cybersecurity, touching on topics like data lakes, the darknet, DevOps security and more. Note: accessing these e-books may require you to sign up for a free trial.
While white papers are often crafted with the intention to sway the reader’s opinion, they also can be filled with sound information and illuminating data. And for cybersecurity professionals, the Center for Internet Security’s website is a strong source of related white papers. The nonprofit—whose mission is to “identify, develop, validate, promote, and sustain best practice solutions for cyber defense”—also features other educational tools, webinars, and videos for those interested in keeping their organizations secure.
Although CompTIA is probably best known for its role in issuing IT certifications, the nonprofit trade organization is also a good resource for white papers, guides, and research on technology. The website has various cybersecurity-specific research materials that are worth a read. And after perusing those titles, you’ll likely want to check out the website’s other free tools and content.
Free Cybersecurity Videos and Webinars
TED Talks are known for their compelling delivery, informative nature, and 18-minute time limits. They’re also completely free to watch. Platforms like YouTube and the TED website host dozens of TED and TEDx speeches on cybersecurity. In this Springboard blog post, we rounded up 12 compelling TED and TEDx Talks that will appeal to professionals and those who are just curious about cybersecurity.
We don’t all have the credentials to earn a degree from the elite California university, but that doesn’t mean the school’s educational resources are out of reach. As part of its professional certificate program in advanced computer security, Stanford offers free cybersecurity webinars and a video talk series featuring some of the university’s computer security experts. The school also has a deep bench of free videos on computer science and security on its YouTube channel.
Hear from thousands of thought leaders and experts by tuning in to BrightTALK’s comprehensive stream of cybersecurity-related webinars. Thousands of videos are available in the IT security stream, which is constantly being updated. Especially useful for professionals who are further along in their cybersecurity careers, BrightTALK’s also includes options for non-English speakers.
Cybersecurity solution provider BeyondTrust provides a variety of products to help companies protect themselves against cyber threats. And it offers a wide breadth of educational resources like webinars, white papers, data sheets, and case studies. The firm’s webinars examine best practices, expert tips for closing security gaps, and other applicable concepts that help organizations guard against attacks.
On our blog, we’re continually breaking down topics on cybersecurity and sharing free information that professionals can use to advance their careers or break into the field. Whether it’s advice about which programming languages to learn or pointers on creating a cybersecurity resume, the blog is frequently updated with new tips and articles to keep you informed.
Schneier on Security consistently rates as one of the top cybersecurity personal websites in the blogosphere—and for good reason. Security expert Bruce Schneier is the author and is renowned in his field. He’s currently the chief technology officer at IBM Resilient, a fellow at Harvard University’s Berkman Center, and is constantly contributing to and quoted in media outlets.
On Schneier on Security, there are daily updates providing timely and insightful commentary on news articles. If you’re too busy to check Schneier’s blog regularly, you can subscribe to his monthly “Crypto-Gram” email newsletter, which provides a rundown of all the posts he’s published in the previous month.
Another consistently lauded cybersecurity blog, this one comes from Brian Krebs, who worked as a reporter for The Washington Post from 1995 to 2009 and authored more than 1,300 posts for the Security Fix blog. His interest in the topic grew after his home network was attacked in 2001. On his influential blog, recurring themes include online crime investigations, data breaches, and cyber justice.
Consume cybersecurity-related content anytime, anywhere by plugging in this podcast when you’re on the go. Launched in 2007, Risky Business stands out for its focus on current industry news and interesting guest interviews. (Bob Lord, the chief security officer of the Democratic National Committee, was interviewed on the podcast earlier this summer.) Hosted by journalist Patrick Gray, this podcast runs about 60 minutes and is an entertaining way for security professionals to stay on top of the latest news.
One of the longest-running cybersecurity podcasts, Security Weekly has been connecting the information security community since 2005. The main host is Paul Asadoorian, but he’s joined by a handful of others for news discussions, technical segments, and interviews. Each podcast is supplemented with detailed notes. And they’re broadcast live on YouTube and Facebook.
Available in audio and video formats, Security Now is a weekly podcast hosted by TWiT Netcast Network founder Leo Laporte and Steve Gibson, who created the first anti-spyware program (and is credited with coining the word spyware). The show runs about two hours and focuses on helping the audience ramp up their personal security, with topics like password security, firewalls, and VPNs.
If two-hour podcasts aren’t for you, check out the bite-sized daily updates from the SANS Internet Storm Center. These “StormCasts” distill the most important network security news of the day into five minutes or so, ideal for commuters.
Host Timothy De Block began his IT career as an electronics technician in the U.S. Navy. After leaving the military, he discovered an interest in security, eventually becoming an information security officer for a South Carolina state agency. On his weekly show, he shares his expertise and talks to infosec industry leaders about the latest news and trends.
Free Cybersecurity Tools and Other Content
A favorite of Springboard mentor Leonard Simon, this all-in-one cheat sheet from the firm DNS Made Easy is a perfect resource to bookmark. If you’re a network administrator or a professional studying for an exam that’s heavy on IP subnetting, be sure to keep this tool on hand.
Both budding and seasoned IT professionals should refer to this roadmap for guidance on how they can effectively climb the ladder and advance their careers. This infographic from CompTIA breaks down what certificates tech professionals, including those in the cybersecurity realm, need for advancement in particular job tracks. Whether you have a firm vision of your dream job or not, the roadmap can help steer you in the right direction.
These cheat sheets, tips, and checklists from cybersecurity expert Lenny Zeltser (an instructor at the aforementioned SANS Institute) are a handy reference for IT professionals to consult when they need a shortcut. A few of these templates are targeted toward a more general IT populace—for example, quick tips for communicating with colleagues—but many of them are security-specific.
Further, these guides can be bookmarked in your browser or downloaded as PDFs so you can print and post them in a convenient place at your workstation.
IT is full of jargon and confusing terminology. You may want to turn to Cybrary’s expansive glossary of cybersecurity vocabulary for help. The glossary covers basic cybersecurity language that non-IT folks would be familiar with—like phishing or Trojan horse—as well as more complex industry concepts, such as WHOIS and a TCP full open scan.
Is cybersecurity the right career for you?
According to Cybersecurity Ventures, the cybersecurity industry is expected to have 3.5 million high-paying, unfilled jobs this year. With Springboard’s comprehensive Cyber Security Career Track, you’ll work 1:1 with an industry-mentor to learn key aspects of information technology, security software, security auditing, and finding and fixing malicious code. Learning units include subject-expert approved resources, application-based mini-projects, hands-on labs, and career-search related coursework.
The course will culminate in a multi-part capstone project that you can highlight on your resume for prospective employers or use to demonstrate your technical knowledge in your job interview. The learning materials will also help prepare you to pass the globally-recognized CompTIA Security+ certification so you stand out when applying for cybersecurity roles.
Learn more about Springboard’s Cyber Security Career Track here.
This post was written by Melanie Lawder. Melanie is a Milwaukee-based freelance writer. She has reported for publications like the Milwaukee Business Journal and the Wausau Daily Herald. Follow her on Twitter @mel_lawder.