This document provides an overview of options for breaking into an information security career. It outlines common information security jobs, traditional education paths through universities and certification programs, and low-cost training options through networking, podcasts, open-source tools, programming tutorials, conferences, and documentation sites. The key advice is to stay curious, ask questions, and get involved in the information security community.
Security Training: Making your weakest link the strongest - CircleCityCon 2017Aaron Hnatiw
It is well known among security professionals that the weakest link in any organization's security is the employee- the so-called "human element". While endpoint security controls may mitigate this risk, they are nowhere close to removing it completely. This is where security training becomes essential. This talk will cover how to introduce and improve security training in any organization, along with industry best practices, and methods to keep knowledge retention high. The speaker will provide specific examples from his own experience of cases where a properly trained employee could have easily thwarted a devastating attack immediately. Will your employees be your weakest link, or your strongest asset?
The more your organization knows about potential threats, the safer your critical assets will be, but are traditional solutions, such as monthly scans and haphazard patching enough? What your scanner isn’t telling you are the critical vulnerabilities that should be fixed first.
The Presentation is about the Basic Introduction to Cybersecurity that talks about introduction and what is security means. Also the presentation talks about CIA Triad i.e confidentiality, integrity and availability
A presentation providing a high-level overview of the problems that organizations face with regards to cyber security and the available options to the,
Security is now important to all of us, not just people who work at Facebook. Most developers think about security in terms of security technologies that they want to apply to their systems, and then ask how secure the system is. From a secure systems perspective, this is the wrong way around. To build a secure system, you need to start from the things that need to be protected and the threats to those resources.
In this session, Eoin dives into the fundamentals of system security to introduce the topics we need to understand in order to decide how to secure our systems.
Security Training: Making your weakest link the strongest - CircleCityCon 2017Aaron Hnatiw
It is well known among security professionals that the weakest link in any organization's security is the employee- the so-called "human element". While endpoint security controls may mitigate this risk, they are nowhere close to removing it completely. This is where security training becomes essential. This talk will cover how to introduce and improve security training in any organization, along with industry best practices, and methods to keep knowledge retention high. The speaker will provide specific examples from his own experience of cases where a properly trained employee could have easily thwarted a devastating attack immediately. Will your employees be your weakest link, or your strongest asset?
The more your organization knows about potential threats, the safer your critical assets will be, but are traditional solutions, such as monthly scans and haphazard patching enough? What your scanner isn’t telling you are the critical vulnerabilities that should be fixed first.
The Presentation is about the Basic Introduction to Cybersecurity that talks about introduction and what is security means. Also the presentation talks about CIA Triad i.e confidentiality, integrity and availability
A presentation providing a high-level overview of the problems that organizations face with regards to cyber security and the available options to the,
Security is now important to all of us, not just people who work at Facebook. Most developers think about security in terms of security technologies that they want to apply to their systems, and then ask how secure the system is. From a secure systems perspective, this is the wrong way around. To build a secure system, you need to start from the things that need to be protected and the threats to those resources.
In this session, Eoin dives into the fundamentals of system security to introduce the topics we need to understand in order to decide how to secure our systems.
Monty McDougal, Cyber Engineering Fellow, Intelligence, Information and Services, Raytheon
Kid Proofing the Internet of Things
This presentation is intended to address the unique challenges parents face in securing their home networks both against their kids and in order to protect their kids from the evils of the Internet. It is particularly focused on the problems the Internet of Things brings to us as parents.
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...OpenDNS
Malware reversing is a conventional threat intelligence strategy that is being challenged to keep up with the fast-paced evolution of threats. To stay ahead of bad actors, the next generation security intelligence engine is big data, not malware reversing. An advanced generation of security intelligence teams has risen with mathematicians, algorithmic geniuses and big data researchers.
The buzz words sound impressive but what does this actually mean in practice?
On Jan 22nd, OpenDNS Security Researcher, Dhia Mahjoub, and Senior Product Manager, Dima Kumets, went under the hood of OpenDNS Security Research Labs. Their discussion included such topics as:
-What the OpenDNS Researchers actually do and why it's so different from traditional sample analysis
-The process of developing and improving learning machines as developed by Dhia and the Labs Team
-Insights gained from looking at Internet traffic as a whole
-The difference in Big Data insight vs Malware Reversing
-The latest threats OpenDNS Security Labs is mitigating
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecuritycentralohioissa
Corporate cybercrime is usually blamed on outsiders, but sometimes, your employees can represent the biggest threat to your organization’s IT security. In this presentation, Kaspersky Lab’s Mark Villinski, will provide practical advice for educating your employees about cybersecurity. Attend to learn:
• How to create efficient and effective security policies
• Overview and statistics of the current threat landscape
• The importance of keeping your employees updated about the latest threats and scams
• Security solutions that can help keep your systems updated and protected
Breached! App Attacks, Application Protection and Incident ResponseResilient Systems
Software applications, like outward facing Web applications, are consistently ranked as one of the top threat vectors. For example, according to a recent report from Trustwave, SQL injection was the attack method for 26% of all reported breaches. Indeed despite being a decade-old, well understood vulnerability, SQL injection flaws remain present in 32% of applications.
This webinar will first explain software application vulnerabilities and define their various types. It will also present recent research findings about the prevalence of these vulnerabilities and their impact. From there it will discuss what organizations can do to harden their applications. Finally, the webinar will cover best practices for responding to a successful application attack.
Our featured speaker for this timely webinar is Chris Wysopal, Co-Founder, CTO & Chief Information Security Officer at Veracode.
stoQ is an open-source DFIR analysis framework that
allows for plug and play automated analysis of threats into
a datastore of their choice. When combined with a data
exploration tool like Splunk, it allows analysts to simplify
the repetitive analytic tasks (running yara signatures,
running hashes against virustotal, XOR, ROT13, extracting
links from emails, and much more) and quickly correlate
against other data sources or threat intelligence offerings
to better visualize the threats to their network. In this
talk we will cover what stoQ is, how it works, and show
a demonstration of how you can leverage it’s capabilities
with Splunk. We will also be releasing a free Splunk app
that will allow anyone with Splunk to start leveraging stoQ
today. Attendees will learn: how to streamline the analysis
of malicious files and network traffic using a flexible opensource
DFIR framework; how to view that data and use it
in an incident; and how to install and configure the stoQ
and Splunk instance for use when they get back to their
own offices.
Open Source IDS Tools: A Beginner's GuideAlienVault
This SlideShare provides an overview of the various Open Source IDS tools available today. Whether you need to monitor hosts or the networks connecting them to identify the latest threats, these are some great open source intrusion detection (IDS) tools available to you.
Take lessons from the world's best instructors and universities. Join Ethical Hacker (CEH) course with Certometer. Courses include recorded auto-graded and peer-reviewed assignments, video lectures, and community discussion forums. Join now in our courses having special features like
Keeping Secrets on the Internet of Things - Mobile Web Application SecurityKelly Robertson
Have you ever wondered why our web apps, and mobile web apps in particular, are hard to secure?
Be sure to read the speakers notes in this presentation
In this lengthy presentation, you will observe where researchers and hackers corrupt the developer's intentions...then, you will look at the Good, the Bad and the Ugly of Secure Software Development, WAF considerations, and Mobile Device Management...
This presentation will provide an overview of what a penetration test is, why companies pay for them, and what role they play in IT security.
More security blogs by the authors can be found @
https://www.netspi.com/blog/
We are one of the top Cyber security training providers.
Cyber security includes both the technologies and processes used to protect digital devices and networks from digital attacks, hacking and unauthorised hacking.
There will be a 100% placement assistance after the completion of this course.
Monty McDougal, Cyber Engineering Fellow, Intelligence, Information and Services, Raytheon
Kid Proofing the Internet of Things
This presentation is intended to address the unique challenges parents face in securing their home networks both against their kids and in order to protect their kids from the evils of the Internet. It is particularly focused on the problems the Internet of Things brings to us as parents.
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...OpenDNS
Malware reversing is a conventional threat intelligence strategy that is being challenged to keep up with the fast-paced evolution of threats. To stay ahead of bad actors, the next generation security intelligence engine is big data, not malware reversing. An advanced generation of security intelligence teams has risen with mathematicians, algorithmic geniuses and big data researchers.
The buzz words sound impressive but what does this actually mean in practice?
On Jan 22nd, OpenDNS Security Researcher, Dhia Mahjoub, and Senior Product Manager, Dima Kumets, went under the hood of OpenDNS Security Research Labs. Their discussion included such topics as:
-What the OpenDNS Researchers actually do and why it's so different from traditional sample analysis
-The process of developing and improving learning machines as developed by Dhia and the Labs Team
-Insights gained from looking at Internet traffic as a whole
-The difference in Big Data insight vs Malware Reversing
-The latest threats OpenDNS Security Labs is mitigating
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecuritycentralohioissa
Corporate cybercrime is usually blamed on outsiders, but sometimes, your employees can represent the biggest threat to your organization’s IT security. In this presentation, Kaspersky Lab’s Mark Villinski, will provide practical advice for educating your employees about cybersecurity. Attend to learn:
• How to create efficient and effective security policies
• Overview and statistics of the current threat landscape
• The importance of keeping your employees updated about the latest threats and scams
• Security solutions that can help keep your systems updated and protected
Breached! App Attacks, Application Protection and Incident ResponseResilient Systems
Software applications, like outward facing Web applications, are consistently ranked as one of the top threat vectors. For example, according to a recent report from Trustwave, SQL injection was the attack method for 26% of all reported breaches. Indeed despite being a decade-old, well understood vulnerability, SQL injection flaws remain present in 32% of applications.
This webinar will first explain software application vulnerabilities and define their various types. It will also present recent research findings about the prevalence of these vulnerabilities and their impact. From there it will discuss what organizations can do to harden their applications. Finally, the webinar will cover best practices for responding to a successful application attack.
Our featured speaker for this timely webinar is Chris Wysopal, Co-Founder, CTO & Chief Information Security Officer at Veracode.
stoQ is an open-source DFIR analysis framework that
allows for plug and play automated analysis of threats into
a datastore of their choice. When combined with a data
exploration tool like Splunk, it allows analysts to simplify
the repetitive analytic tasks (running yara signatures,
running hashes against virustotal, XOR, ROT13, extracting
links from emails, and much more) and quickly correlate
against other data sources or threat intelligence offerings
to better visualize the threats to their network. In this
talk we will cover what stoQ is, how it works, and show
a demonstration of how you can leverage it’s capabilities
with Splunk. We will also be releasing a free Splunk app
that will allow anyone with Splunk to start leveraging stoQ
today. Attendees will learn: how to streamline the analysis
of malicious files and network traffic using a flexible opensource
DFIR framework; how to view that data and use it
in an incident; and how to install and configure the stoQ
and Splunk instance for use when they get back to their
own offices.
Open Source IDS Tools: A Beginner's GuideAlienVault
This SlideShare provides an overview of the various Open Source IDS tools available today. Whether you need to monitor hosts or the networks connecting them to identify the latest threats, these are some great open source intrusion detection (IDS) tools available to you.
Take lessons from the world's best instructors and universities. Join Ethical Hacker (CEH) course with Certometer. Courses include recorded auto-graded and peer-reviewed assignments, video lectures, and community discussion forums. Join now in our courses having special features like
Keeping Secrets on the Internet of Things - Mobile Web Application SecurityKelly Robertson
Have you ever wondered why our web apps, and mobile web apps in particular, are hard to secure?
Be sure to read the speakers notes in this presentation
In this lengthy presentation, you will observe where researchers and hackers corrupt the developer's intentions...then, you will look at the Good, the Bad and the Ugly of Secure Software Development, WAF considerations, and Mobile Device Management...
This presentation will provide an overview of what a penetration test is, why companies pay for them, and what role they play in IT security.
More security blogs by the authors can be found @
https://www.netspi.com/blog/
We are one of the top Cyber security training providers.
Cyber security includes both the technologies and processes used to protect digital devices and networks from digital attacks, hacking and unauthorised hacking.
There will be a 100% placement assistance after the completion of this course.
Which career, what skills to excel in cybersecurity. Check this out.
You will learn what covers cybersecurity, what are the various job domains, and what skills you should learn. I have share books, videos, and other cybersecurity suggestions as well.
While advancements in technology have greatly improved the speed, efficiency and capability of investment advisers’ and broker-dealers’ systems and workflows, these developments have also significantly increased operational and reputational risk. An isolated system intrusion can have dramatic consequences for a SEC or FINRA registrant including financial loss, ongoing liability to clients and investors and potential regulatory enforcement action. In today’s environment, if a “hacked” SEC or FINRA registrant has any hope of avoiding a regulatory enforcement action, it is imperative they can demonstrate that they have adequate policies and procedures to identify and test potential cybersecurity vulnerabilities and weaknesses. Such policies must also address the experience, security vetting process and the location of any external party performing such tests.
Video (at YouTube) - http://bit.ly/19TNSTF
Big Data Security Analytics, Data Science and Machine Learning are a few of the new buzzwords that have invaded out industry of late. Most of what we hear are promises of an unicorn-laden, silver-bullet panacea by heavy-handed marketing folks, evoking an expected pushback from the most enlightened members of our community.
This talk will help parse what we as a community need to know and understand about these concepts and help understand where the technical details and actual capabilities of those concepts and also where they fail and how they can be exploited and fooled by an attacker.
The talk will also share results of the author's current ongoing research (on MLSec Project) of applying machine learning techniques to information secuirty monitoring.
From Beer City Code Conference, Grand Rapids, MI - 2017
OWASP, SANS, Threat Modeling, Static Code Analysis, DevSkim, Burp Suite, WireShark, Fiddler, Agile, Use Cases, Code Review, Pull Request, Git, GitFlow, Red Team, Blue Team, Metasploit, NIST, TLS, Kali Linux,
Modernizing, Migrating & Mitigating - Moving to Modern Cloud & API Web Apps W...Security Innovation
This talk will help you, as a decision maker or architect, to understand the risks of migrating a thick client or traditional web application to the modern web. In this talk I’ll give you tools and techniques to make the migration to the modern web painless and secure so you can mitigate common pitfalls without having to make the mistakes first. I’ll be doing demos, and telling lots of stories throughout.
Making some good architectural decisions up front can help you:
- Minimize the risk of data breach
- Protect your user’s privacy
- Make security choices easy the easy default for your developers
- Understand the cloud security model
- Create defaults, policies, wrappers, and guidance for developers
- Detect when developers have bypassed security controls
My Presentation on Career Opportunities in Cyber Security presented at the North Cap University during the course inauguration ceremony, where I talked about different career paths to get into the cyber security domain.
Data Modeling for Security, Privacy and Data ProtectionKaren Lopez
Karen Lopez (@datchick/InfoAdvisors) 90-minute presentation on Data Security, Data Privacy, Compliance and how data modelers should discover, assess, and monitor these important data management responsibilities.
Secure Because Math: A Deep-Dive on Machine Learning-Based Monitoring (#Secur...Alex Pinto
We could all have predicted this with our magical Big Data analytics platforms, but it seems that Machine Learning is the new hotness in Information Security. A great number of startups with ‘cy’ and ‘threat’ in their names that claim that their product will defend or detect more effectively than their neighbour's product "because math". And it should be easy to fool people without a PhD or two that math just works.
Indeed, math is powerful and large scale machine learning is an important cornerstone of much of the systems that we use today. However, not all algorithms and techniques are born equal. Machine Learning is a most powerful tool box, but not every tool can be applied to every problem and that’s where the pitfalls lie.
This presentation will describe the different techniques available for data analysis and machine learning for information security, and discuss their strengths and caveats. The Ghost of Marketing Past will also show how similar the unfulfilled promises of deterministic and exploratory analysis were, and how to avoid making the same mistakes again.
Finally, the presentation will describe the techniques and feature sets that were developed by the presenter on the past year as a part of his ongoing research project on the subject, in particular present some interesting results obtained since the last presentation on DefCon 21, and some ideas that could improve the application of machine learning for use in information security, especially in its use as a helper for security analysts in incident detection and response.
Introduction to information security fieldAhmed Musaad
A short introduction to the various fields of Information Security, along with a brief description of each minor filed, the responsibilities for people working in that field, the skills needed for entering the field and what kind of knowledge should be acquired. This presentation serves as an introduction only, and shouldn't by any mean be taken as a definitive guide to those minor fields or the major filed of information security.
I used to get questions on what it takes to have a career in Information Security. Here are my thoughts on building a career in Security touching points like skills, job titles, are certifications needed etc
Similar to March 2014 B2B - Breaking into info sec (20)
Growing trend of finding2013-11 Growing Trend of Finding Regulatory and Tort ...Raleigh ISSA
Invited speaker: "Growing Trend of Finding Regulatory and Tort Liability for Cyber Security Breaches ”
with Mark W. Ishman, J.D., Masters in Law in Information Technology and Privacy Law
2013-11 Raleigh ISSA Chapter Updates November 2013Raleigh ISSA
InfoSeCon 2013 recap, our largest event yet. Upcoming events including our December 5th meeting featuring beer and brats and a possible end-of-year social. Internet Summit Nov 14, discounts available, BOARD ELECTIONS coming in december- oveview of positions and contact info to nominate. Tonight's presentation “Growing Trend of Finding Regulatory and Tort Liability for Cyber Security Breaches” with Mark W. Ishman, J.D., Masters in Law in Information Technology and Privacy Law - an invited speaker.
2013-10 Raleigh ISSA Chapter Updates October 2013Raleigh ISSA
Board updates, the HALLOWEEN edition featuring Shei Shei. A statistical overview of meeting attendance, because WHO doesn't like graphs?! InfoSeCon event details and schedule live. Upcoming Events including Chapter Meeting Nov 7, Internet Summit Nov 14, Chapter Meeting Dec 5, BOARD ELECTIONS COMING in December. Tonight's Presentation: “Using Cisco ISE for Basic Access Control ” with Douglas Notini
2013-09 Raleigh ISSA Chapter Updates September 2013Raleigh ISSA
Board updates, jobs updates, treasurer report and more. InfoSeCon event details, why you MUST RSVP for meetings, Upcoming Events including Chapter Meetings, InfoSeCon, BSides Raleigh, instructions and how-to RSVP as a member. Tonight's Presentation: “Social Media Hacked – Analyzing the Art of the Attack” with Scott A. Wells, Ph.D.
2013-08 Raleigh ISSA Chapter Updates August 2013Raleigh ISSA
Chapter board reports, InfoSeCon call for papers, InfoSeCon updates, Back-to-Basics mini-trainings, why you should never Google "David Vaughn". Upcoming Events including Chapter Meetings 9/5 and 10/3, InfoSeCon 10/17, BSides Raleigh 10/18. Tonight's Presentation: YOU! Enjoy roundtables and group discussions with your peers
2013-07 How to Win with Customers - Keith PiguesRaleigh ISSA
In this engaging, challenging and thought-provoking session, D. Keith Pigues, co-author of Winning with Customers: A Playbook for B2B (Pigues and Alderman, Wiley & Sons 2010) will help participants:
- Understand why a focus on your customers’ profitability is the key to your company’s growth and profitability,
- Uncover the differential value customers receive from your company’s value proposition,
- Identify the most valuable opportunities to improve your customers’ business and make more profits for your business in return,
- Collect and utilize customer and competitive insight derived from the use of the Differential Value Proposition (DVP) to improve your organization’s decision-making, investments and results.
2013-07 Raleigh ISSA Chapter Updates July 2013Raleigh ISSA
Raleigh ISSA- July 2013 Chapter Updates. Upcoming events including "Back to Basics with Linux" mini-training, next chapter meeting August 1st, welcome Derrick to the adjunct board team as new Chapter Marketing Manager!
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
4. Jobs
• Computer Crime Investigator / Forensics Expert
• System, Network, and/or Web Penetration Tester
• Forensic Analyst
• Incident Responder
• Security Analyst, Engineer, or Architect
• Malware Analyst
• Network Security Engineer
• CISO/ISO or Director of Security
• Security Operations Center Analyst
Source: SANS: The 20 Coolest Jobs in Information Security
5. Traditional Approach
•Universities and Community
Colleges
• Campbell University
• Duke University
• ECPI
• ITT Tech
• NC Community College System
• NC State
• UNC
8. Networking
• Start Here… at the Raleigh ISSA Meetings
• Connect with People in the Field
• Mentors
• Warm
• LinkedIn
• Soft
• Twitter
• Tylerslab.com
9. PodCasts
• SANS Internet Storm Center
• SecurityNow
• Tenable (Nessus)
• Chet Chat: Sophos
• Paul’s Security Weekly
• The Southern Fried Security Podcast