Not really sure whether the reason is good or not but the cyber security topic is booming again since approx. 8 years. Eight years is also the timespan where IoT devices becoming more and more present in real use cases and being exposed to the real curiosity of hackers, white hats, or even just engineers with some knowledge in cyber security and not being only a theoretical test unit on the table.
Cyber Security Training is Important
A short look at google trends confirm my observations Google Trends. On the chart, you can see the interest of the online users for the topic "cyber security" from 2004 to end of 2017. By the way, I'm pretty curious about the peak in October/November 2009
Due to the fact, that the economy and politics is more sluggish then single individuals or groups, the cyber security awareness is rising the interest of bigger companies only since 2-4 years, smaller companies are more behind this trend.
Never then less the topic is present and cyber securtiy awareness training is the least what big companies offer the employes nowadays. Depending on the size of the company, the cyber security training variety is extended to something like cyber security in a development process, personal related data and cyber security, security engineering process and many more. While the big companies have resources and finances to provide an extensive training to his employees, the smaller one typically are more limited. Especially if employes, or even just persons are curious in this topic by them self the first step is often to check for free online cyber security training courses.
Why it is important to learn cyber security basics Currently, nearly all areas of daily life are digitalized and even the industry is doing big steps in this direction. Having a basic knowledge about digital hazards and be able to act in the way that you reduce the attack surface automatically in daily life as well as during your work is already a great first step.
Are the cyber security topics more present in your work due to the fact that your company takes the potential dangers more seriously than others, you are a lucky guy! Take the chance and structurize your work with the knowledge of the other security professionals. Every risk analysis, assessment or management strategy is based on structured and well-organized processes, and this is exactly what you will learn implicitly or explicitly during the cyber security courses.
This is exactly the task I’ve got from some of my friends and to be honest, even with my experience in the cyber security area it was not that simple. This is the reason why I decided to summarize my research in this article.
Below you can find a summarization of resources offering cyber security training, online, for free. Some of them require a registration but most of them are completely open and ready to be used.
My first but also an unusual resource for free cyber security courses is cybrary.it. The portal requires a registration but this is also the end of bad news. Cybrary offers an enormous amount of cyber security courses and classes for beginners as well as for experienced users. The courses are made interactive including an explanation video a lot of textual materials, tests, practical lessons and many more. To be honest, finding such a resource with cyber security trainings, online and free made this article more than worth it. I‘m pretty sure I will dive in for some weeks after I‘ve finished this article. Here is a short selection of some courses
CompTIA Security+ - a 9.5 h cybersecurity training for beginners focusing on general security concepts, basics of cryptography, communication security
Penetration Testing and Ethical Hacking - a 13.5h course for experienced users packed with topics like sniffing traffic, viruses and worms, social engineering, sql injection and many more
- Corporate Cybersecurity Management - a short course for executive positions facing the main management topics like legal, insurance, and financial impacts
Another training portal is cursera, also not specialized on cyber security training but providing a lot of courses for it. Cursera trainings are not all for free, you have to take care of the costs due to an alternative business model. Cursera offers you a time where you can do the course for free (7days), if you finish it you will get an official certificate like also for the paid course if not you can cancel the course or pay for it and continue. The courses itself are very detailed, interactive and insist on a video, readings and a practical part.
To give you an example I took the course Usable Security In sum you get 7 “weeks”, therefore 7 training sections with an estimated duration of more than 12 hours of work. If you can finish the training within 7 days you will get the course for free.
Below you can see a selection from a big number of courses
Udemy is, like cybrary, a training portal but not focused on cyber security courses, but also requires a registration. Therey you can find classes for every topic you want but also for cyber security. The most of the courses have to be paid, the prices are really low by the way, but some are also for free. The easiest way to get an overview is to search for a keyword and filter all of the trainings which are free. Below are some trainings which seems to be interesting:
Cybersecurity Awareness Training - Protect Against Social Engineering and Phising Scams with Social Media Security Awareness Training
The Practical Guide to Mac Security - How to avoid malware, keep your online accounts safe, and protect yourself from other disasters.
- Learn Complete Wordpress Security - A complete guide for building a secure WordPress website and preventing hack attacks
The training courses usually have a duration of ~1 h, some ar longer others shorter, and contain a video and often also additional materials. During the video course you also have interactive elements like quiz questions and the trainers share helpful documents like guids and tipps.
IASE – Information Assurance Support Environment
IASE is the primary web portal of the department of defense of the US, therefor decide for your self how to deal with this cyber security source. Neverthen less, the portal offers more then 30 free online cyber security curses in the form of an interactive web base training. The usage of the training resources do not require any registrations but are focused on the department of defense (DoD) users. For those who can generalize specific topics for his requirements, it is still a good source of cyber security trainings. You can find the full list here Below is a short selection with excerps:
DoD Mobile Devices - In this presentation users learn about significant security issues and vulnerabilities associated with unclassified mobile devices.
- Phishing Awareness - This interactive training explains what phishing is and provides examples of the different types of phishing, to include spear phishing, targeting specific groups or individuals, and whaling, targeting senior officials.
As you can see the training sections focus on beginners as well as on experienced persons in terms of cyber security.
NIH – National Institute of Health
The institute offers a small number of information security courses for beginners. Like it is the case for IASE, also for NIH you need to have the ability to generalize specific statements due to the fact that the courses are made for NIH users. The duration is varying between 15 min and 90 min. You can find an overview here NIH, here is a selection.