When is the last time you input your credit card information to make a purchase online? How about the last time you sent an email that had sensitive information like your home address or phone number? As more and more of our personal information is collected and stored online, the prevalence of data breaches and cyberattacks also grows.
In fact, USA Today reports that cyberattacks in 2018 increased 32% in the first quarter of the year and 47% between April and June when compared to 2017 data. In 2018, Gartner forecast that worldwide information security spending would exceed $124 billion in 2019 to combat growing threats like these.
This increase in cyberthreats has driven the demand for cybersecurity professionals — many of which don’t start out in a technology-related field. It’s possible to learn the basics of cybersecurity without a background in technology or IT, and even make a career out of it.
You might be interested in cybersecurity resources for beginners if you:
- Are fascinated by problem-solving
- Enjoy working with computers and technology
- Want to be constantly stimulated at work with new challenges
- Are interested in protecting critical organizations or business networks
Interests like these can lead to a meaningful career in cybersecurity, especially since demand for cybersecurity professionals is growing rapidly. According to the BLS Occupational Outlook Handbook, there are 28,500 new information security analyst roles expected to be added in the United States between 2016 and 2026. That’s a growth of 28% — much faster than the average for all occupations.
If you’re interested in learning how to enter the cybersecurity field with no experience, this introduction to cybersecurity is the perfect place to start. This list of resources for cybersecurity beginners is great for those who want to pursue a career in cybersecurity or a related field, but aren’t sure where to start.
With cybersecurity experts in such high demand, there are plenty of ways beginners can start gaining the experience and education they need to become a professional in this growing field. There are hundreds of free cybersecurity courses offered online, including courses with options to earn certifications upon completion. Check out some options below.
Infosec – Introduction to IT Security & Computer Forensics
This free 12-module course covers IT security and computer forensics, which relates to computer and digital storage media evidence. Modules touch on topics including forensic imaging, hacking Android and network analysis. Modules are video-based, with each module lasting around 10-15 minutes long.
Future Learn – Introduction to Cyber Security
This free introduction to cyber security course lasts eight weeks and requires about three hours per week of study to successfully complete the course. There are rolling enrollment dates. Students learn about online security, how to recognize online threats and how to reduce the likelihood of being a cybersecurity victim. Participants learn concepts including malware, network security, identity theft, viruses, trojans and more.
New York University – Introduction to Cyber Security
This free introduction to cyber security specialization is designed for everyone from technology professionals to total beginners. Students learn about the purpose of cyber security as a discipline, the basics of identification and authentication, and skills like cryptography and risk assessment. To successfully complete the course, you’ll need to finish a hands-on project, after which you’ll be eligible to earn a certificate.
University of Washington – Introduction to Cybersecurity
The University of Washington sponsors this Introduction to Cybersecurity course, a four-week course requiring 2-5 hours of study time per week. The course teaches key concepts and terms in cybersecurity, explains how to identify threats, teaches students how to match controls to threats, and explains how to describe differences among cybersecurity international agencies. You can take the course for free and add a verified certificate for $99.
SANS – SEC301: Introduction to Cyber Security
This course is an introduction to the fundamentals of cybersecurity and explains basic cybersecurity concepts, terms and principles. You can take the course in person or online, and it costs around $5,370 (which includes textbooks). Students learn topics covering the basics of computer networks, security policies, incident response, passwords and more.
The Open University – Introduction to Cyber Security
The free introduction to cyber security: stay safe online course by OpenLearn is 24 hours of study broken down into eight weeks. Students learn how to protect their digital lives, how to recognize threats to online safety and how to take steps to reduce the risk of data breaches. Students who complete the course will be able to understand concepts like malware, viruses, trojans, network security, identity theft and cryptography.
PBS – Cybersecurity 101
This basic nine-question course by PBS presents three-minute videos that teach the basic principles of cybersecurity. Viewers will understand concepts regarding cryptography, encryption and networks. After completing the quick course, participants can play a Cyber Lab game, in which they assume the role of chief technology officer of a startup tasked with protecting it against cybersecurity threats.
There’s always something new happening in the world of cybersecurity. From coverage of the latest cyberattack to cybersecurity trends pros should know, here’s a collection of blogs and podcasts run by cybersecurity experts and journalists. Many feature interviews with the world’s leading cybersecurity professionals across many different industries.
The Data Insider blog by Digital Guardian covers breaking news and trends in data protection, data security news and cyber threat research. The blog is updated several times a week to cover global cybersecurity topics like government regulation and lawsuit outcomes. Blogs are written by technology journalists with extensive backgrounds in cybersecurity.
- In May 2019, the National Institute of Standards and Technology updated the Federal Information Processing Standard to align with the international standard for the first time. This article covers that update and how it impacts the cybersecurity industry.
- This article on Verizon’s 2019 Data Breach Investigations Report breaks down trends in more than 40,000 security incidents.
- Learn what the most common pitfalls to data discovery and classification are, as cited by these 18 data scientists and security professionals.
Krebs on Security
Krebs on Security is a blog by Brian Krebs, an investigative reporter whose own experience being hacked led him to covering cybersecurity. Krebs features interviews with cybersecurity experts and in-depth coverage of cybersecurity events. With nearly two decades of experience covering cybersecurity, Krebs brings a unique first-person view to the topic.
- The post “Should Failing Phish Tests Be a Fireable Offense?” includes insights from cybersecurity professionals about whether or not employees should be fired for failing phish tests at work.
- In the post “Data: E-Retail Hacks More Lucrative Than Ever,” Krebs examines cybercrooks who are increasingly targeting e-commerce stores.
The blog WeLiveSecurity is powered by ESET, an IT security company, and features news, videos and interviews about cybersecurity. Blogs are easily navigable via categories like cybercrime, malware, kids online, hacking and social media. The website also includes research papers, white papers, how-to articles and conference materials.
- The survey “What Should Companies Do to Restore Trust Post-Breach?” includes insights from 2,000 people in the Asia-Pacific region on their perceptions of cyberthreats.
- This article covers research from ESET on fake cryptocurrency wallets emerging on the Google Play marketplace.
- This blog is a first-person account of what happened when the author experienced a personal data breach in which his account was used to launder credit card transactions into cash.
Dark Reading is a collection of 13 cybersecurity communities that features news about enterprise security challenges, including Analytics, Application Security, IoT and Threat Intelligence. Each community features timely articles with insights from researchers and industry analysts. The site also features recent comments posted in response to its articles so users can easily join discussions. Visitors must register to read (don’t worry, it’s free).
- The article “The Minefield of Corporate Email” examines how chief information security officers (CISOs) are dealing with corporate cybersecurity attacks.
- This article covers an economic study of cybercrime released at the Workshop on the Economics of Information Security conference.
Schneier on Security
The blog Schneier on Security is run by Bruce Schneier, an author and security technologist. The blog includes several updates a week, ranging from cybersecurity personal tips, to links to breaking news. Many of Schneier’s blogs are bite-sized, enabling readers to delve into further reading for topics that interest them.
- In the post “iOS Shortcut for Recording the Police,” Schneier links to how to create a Siri shortcut that leads to music being paused, “do not disturb” mode being turned on and iPhone’s front-facing camera being enabled.
- The post “The Human Cost of Cyberattacks” links to the International Committee of the Red Cross’ report on The Potential Human Cost of Cyber-Operations. It also includes links to a shorter blog post and commentary on the topic.
The Security Current collection of podcasts features interviews with cybersecurity experts, primarily CISOs. Listeners can gain insights into how cybersecurity affects everything from merchant services to public cities. Each podcast is about 10-15 minutes long.
- This podcast interview with Mastercard Executive VP and CISO Ron Green features insights into credit card security recommendations.
- In this podcast episode, Bay Dynamics CEO Feris Rifai explains how user behavior analytics are being used as a security tool.
- This podcast episode features an interview with San Diego CISO Gary Hayslip, who talks about cybersecurity protection for this “smart city.”
Security Now! is a weekly podcast where hosts Leo Laporte and Steve Gibson discuss personal computer security issues. They’ve been covering cybersecurity topics on their podcast since 2005, so the site provides a rich history of how cybersecurity has evolved. Each podcast is accompanied by a full transcript and lasts between 90 minute and two hours per episode.
- In the episode “Android ‘Q’,” the hosts discuss a flaw in the messaging app WhatsApp, an attack on Intel processors and new security features in Android Q.
- In the episode “Credential Stuffing Attacks,” the hosts discuss privacy issues around Facebook and Google, as well as seatback cameras on United Airlines flights.
Risky Business is a weekly information security podcast that features commentary on news articles, cyber attacks, cybersecurity opinions and more. The podcast also features interviews with industry experts by host and journalist Patrick Gray.
- This episode features co-host Alex Stamos, former Facebook chief security officer and Stanford adjunct professor. It covers security news including a Baltimore ransomware attack and Julian Assange’s espionage charges.
- In this episode, VMRay co-founder and CEO Carsten Williams discusses sandbox technology focused on automating malware reversing.
The Defensive Security podcast covers cybersecurity breaches and defense strategies. Hosts Jerry Bell and Andrew Kalat talk about recent security news and discuss lessons that could be applied to other businesses and organizations. Each podcast includes a list of links to related news and resources.
- This episode covers the details of a cloud storage attack, what cloud storage for organizations offers and vulnerabilities the cloud faces.
- This episode covers a hack of email servers in the United States and flaws discovered in password managers.
The CyberWire is a collection of podcasts covering cyberspace trends and topics. It includes CyberWire Daily episodes, which are daily podcasts covering the latest in cyberattacks. Other podcasts include practical cybersecurity tips for organizations, commentary on cybersecurity reports and discussions about cybersecurity research.
- The podcast “Applying Threat Intelligence Throughout Your Organization” discusses ways to integrate cyber defense strategies, including incident response and fraud protection.
- This podcast covers a variety of cybersecurity topics, including a recent Google security report on account hygiene and passive social engineering.
Sometimes you need to go beyond reading an article or listening to a podcast to fully understand a cybersecurity concept — you need to connect with the experts. With the forums listed here, you can sign up as a member, post questions or opinions, and hear from others in the know about what they think.
There are also in-person communities, like Meetup, that allow you to connect face-to-face with others who are interested in cybersecurity. If you’re looking to network or make new friends in cybersecurity communities, check out these resources.
CSIAC Cybersecurity Forum
CSIAC stands for Cyber Security and Information Systems Information Analysis Center, which is a Department of Defense Information Analysis Center. This forum includes more than 850 cybersecurity topics and more than 3,600 members. Topics covered include data privacy, network visibility and data breaches.
Wilders Security Forums
Wilders Security Forums includes sub-forums on cybersecurity topics like encryption, hardware, virtualization and mobile security. Visitors can join in discussions or post questions, or check out posts about security products and updates. There’s also a forum dedicated to privacy issues, like personal information exchange.
Comodo Discussion Board and Support Forums
Comodo is a cybersecurity solutions provider that presents forums on dozens of cybersecurity topics. Categories include security products and services, business/enterprise security services and products, and the latest in computer security. Users share news about virus attacks, share tips on firewall tests and more.
Information Security Forum
The Information Security Forum is a collection of cybersecurity resources and a community that includes professional cybersecurity-related brands, such as Huawei and IBM. Visitors to the community can check out cybersecurity research, tools, webinars, events and more related to cybersecurity. Businesses that become members gain access to a research report library, benchmark tools and more.
Hacker Combat Cyber Security Forum
The Hacker Combat Cyber Security Forum is a collection of forums discussing cybersecurity topics. Board topics include data security, network security, web security and more. Users can gain insights on topics like anti-virus spyware programs, HIPAA compliance, Linux programs and more.
The ITarian forum is a cybersecurity community bulletin board hosting online discussions about IT management. ITarian is an IT industry platform providing IT software, so many topics and discussions revolve around related ITarian products. Users can share log entries detailing events like crashes to get insights from other members.
The MalwareTips Community boasts more than 50,000 members, who post on forums discussing news on topics like security, technology and hardware. Members can get tips on computer security configuration, mobile security configuration and computer specifications. There are also extensive malware and threats discussions, including malware removal tips.
Quora – Computer Security
Quora is a question-and-answer site covering a variety of topics, including computer security. Quora members can ask questions and get community input, including background on the people answering each question. Members can upvote certain responses to push better answers up on each page.
Reddit – r/cybersecurity
Reddit is another online community where users can post questions and insights on topics they enjoy, including cybersecurity. Reddit members can join the community to see new posts on their Reddit home pages. Like Quora, responses to posts can be upvoted, which makes those responses appear more prominently.
Meetup – Cybersecurity
Meetup is a free service that connects people with the same interests so that they can meet in person in their local areas. The Meetup cybersecurity communities are local groups that connect to attend cybersecurity events or come together for social gatherings. You can use Meetup to find other people who are interested in cybersecurity in your local area and, like the name of the site suggests, “meet up” with them in person.
Games and labs provide valuable hands-on experience in cybersecurity in a safe environment. The ones mentioned here are based on real-world scenarios. Participants must navigate cybersecurity issues and balance those with business needs in order to find the best solutions. These activities are a way to gain cybersecurity knowledge in interactive and fun digital environments.
PBS – Cybersecurity Lab
The PBS Cybersecurity Lab has a lab simulation where players defend a company that is experiencing increasingly sophisticated cyber attacks. The lab site also has cyber video quizzes, a “meet the experts” section showing a day in the lives of diverse cybersecurity experts and a video library on cybersecurity basics. You can also join the lab community forums to share research ideas and ask questions.
Trend Micro – Targeted Attack: The Game
In this slickly produced game, participants get to watch videos and make decisions about a new fictional mobile payments app called “The Fugle,” which enables people to pay with their fingerprints. Each decision leads to a choose-your-own-adventure-type outcome affecting not just security, but the business as a whole. At the end of the game, participants get an explanation of what they did right or wrong, so they can go back and re-play the game for an even better score.
Texas A&M University – Keep Tradition Secure
In this cybersecurity simulation game, participants must stop the Bad_Bull hacker from infiltrating the Texas A&M University networks. Participants answer cybersecurity questions and receive explanations about whether their answers were right or wrong. Some Texas A&M traditions are included in the quiz, but if you fail a question, you’ll have the chance to try again.
Eukleia – Zero Threat
This cybersecurity training game includes questions regarding simulated risks, network attacks, phishing emails, insider threats and more. In the game, learners must make decisions regarding a network made up of both people and technology and thwart off cyberattacks. Those who want to play the game must request a trial from Eukleia, which provides training for cybersecurity topics.
IS Decisions – The Weakest Link
In this simple but enlightening cybersecurity game, you assume the role of a new cybersecurity professional at a company. Every decision you make affects your “security score,” which is updated in real time. Each answer you give includes an explanation as to why your answer is right or wrong. Related resources are provided for further research.
ISACA – CSX Virtual, Self-Guided Practice Labs
These virtual cybersecurity labs enable users to implement cybersecurity best practices in simulated environments, with levels including Beginner, Intermediate and Advanced. Labs must be purchased and are available for 6 months after purchase. Topics include network discovery, diagnostic capabilities, network scanning and HTTP packet analysis.
There are plenty of distinct cybersecurity careers to consider, and each one requires different education, skills and certifications. These resources explain which skills all cybersecurity professionals need to master, and also delves into specific role requirements. Many of these resources are interactive and provide insights based on the unique input of the reader.
Dice – Six Skills You Need to Succeed in Cybersecurity
This article provides cybersecurity professionals and aspiring cybersecurity experts with an extensive list of qualities that ensure success in cybersecurity roles. Skills expand beyond technical skills and include soft skills like solid work habits and clear communication. The article also includes a list of useful certifications to consider.
SANS – Getting Started in Cybersecurity with a Non-Technical Background
This article explains what people without a background in technology need in order to be successful in the cybersecurity industry. It includes suggestions for coding academies, systems to train on, applications to learn and thought leaders to follow. This article also provides tips for how to cultivate cybersecurity skills no matter what the reader’s current skill level is.
Computer Science Master’s Degrees – Cybersecurity Career Chart
Cybersecurity beginners can use this career chart to see what career outcomes they might be best suited for. The accompanying article explains common categories cybersecurity jobs fall into, including securely provision, protect and defend, and analyze. Each answer on the career chart leads to different outcomes that can help readers determine which cybersecurity specialization is right for them.
Computer Science Master’s Degrees – Cybersecurity Career Development Pathways
This collection of infographics shows readers how they can grow their careers in cybersecurity. Readers learn average financial outcomes, qualifications that are highly valued in the cybersecurity industry, and a typical career roadmap in cybersecurity. The infographics provide a way to begin goal-setting for a meaningful career in cybersecurity.
CyberSeek – Cybersecurity Career Pathway
This interactive career map provides insights about various cybersecurity careers. It shows readers how they can grow their career in various cybersecurity roles, with possible advanced career options for each role. Each role features the expected number of job openings and average salary. Readers can click on a role to learn more about education and skills required, certifications requested and more.
CompTIA – The Top 9 Cybersecurity Jobs and What You Need to Get One
This article covers nine of the most in-demand cybersecurity roles and examines education requirements, skills and certifications required for each one. Clicking on each role opens up a more in-depth article about the job title. You can learn about salary ranges, knowledge needed, typical job titles within each job title and more.
Information Systems Security Association – Developing Your Cyber Career Action Plan
This extensive 45-page guide explains how to create an action plan for a meaningful career in cybersecurity. It includes specific suggestions for cybersecurity groups to connect with, possible career paths and in-demand positions, how to find the right career fit and more. It includes sample case studies and career action plans to model.
ISACA – A Tool to Help You Develop Your Cybersecurity Career
This cybersecurity career roadmap tool analyzes the participant’s background, current skills and future goals to provide cybersecurity career recommendations. Based on background and skills, a number of potential careers are presented, both to pursue now and in the future. Users can learn more about each one, including job descriptions, certifications needed and recommended education and skills.
If you decide you want to pursue a career in cybersecurity, some businesses will require certain education, certifications and/or training. The following is a collection of globally recognized trainings that can teach you the skills you need to land and thrive in a cybersecurity role. Some courses are free while others that provide advanced education certificates require payment.
Associate of (ISC)² Program
(ISC)² is a reputable cybersecurity and IT security professional organization, whose certifications are widely recognized. This degree program provides participants with the opportunity to take (ISC)² certification exams without required work experience. Certifications include cybersecurity, cloud security and healthcare security and privacy.
GIAC Security Essentials
The Cyber Security Certification: GSEC is presented by the Global Information Assurance Certification (GIAC), an organization providing cybersecurity skill validation since 1999. This certification confirms that the certification holder is qualified for hands-on security roles with IT systems. The exam consists of 180 questions, and a minimum score of 73 percent is required to pass.
Certified Ethical Hacker
The Certified Ethical Hacker certification confirms the certificate holder is adept at identifying vulnerabilities and weaknesses in target systems. The credential sets standards for identifying professional information security specialists who engage in ethical hacking. The accompanying training program for the certification trains participants how to think like a hacker, giving them the tools and knowledge they need to hack and secure their own systems.
The CompTIA Security+ certification validates baseline skills needed to perform cybersecurity functions and pursue a cybersecurity career. The test emphasizes practical hands-on skills and relates to the latest trends in cybersecurity, spanning risk mitigation and threat management. When studying to obtain the certification, participants learn about architecture and design, cryptography, threats and attacks, and more.
Cybrary – Free Cyber Security Training
Cybrary is a collection of free and payment-required cybersecurity trainings that help participants learn skills needed to pass certifications and advance their careers. The site includes training on how to become a network engineer, how to become a penetration tester and more. Each course includes a difficulty level and time required. Free on-demand video trainings cover topics such as an introduction to Amazon Web Services and how to install and troubleshoot LAN services for networks.
EdX – Cybersecurity Courses
EdX provides a collection of free online cybersecurity courses, which allow students to pay for a certificate upon completion. Topics covered include how to build a cybersecurity toolkit, threat detection and how to determine a cybersecurity career path. Courses are taught by universities, cybersecurity institutions and businesses like Microsoft.
Microsoft Professional Program – Online Cybersecurity Courses
This 10-course program helps participants identify cybersecurity threats and minimize breach impacts. Each course takes about 8-12 hours to complete, runs for three months and starts at the beginning of a quarter. Topics covered include security incident response, how to use code to enhance security and identity management. The course is free, or participants can purchase Verified Certificates from edX.org.
University of California, Berkeley – Online Master of Information and Cybersecurity (Sponsored Program)
Our partner, The University of California, Berkeley, offers an online Master of Information and Cybersecurity program. The program consists of 27 units and provides anywhere-access learning. It’s designed for working professionals with a technical background and programming experience and takes 20 months to complete.
Syracuse University – Online Master of Science in Computer Science (Sponsored Program)
Our partner, Syracuse University offers an online Master of Science in Computer Science program consisting of 30 credit hours. It takes about 15 months to complete. The course includes weekly live classes that are available 24/7 through the online campus. Students learn how to incorporate emerging technologies into new system designs and develop expertise in areas like advanced programming and computer architecture.
With or without a background in technology, cybersecurity can be a rewarding career for anyone who loves solving problems. If you want to protect critical networks and help businesses and organizations keep their data safe, a career in cybersecurity might be right for you.
Learn about what you can expect from online master’s in cybersecurity programs that can help you achieve your cybersecurity career goals.
Online Cyber Security Programs
Browse online graduate cyber security programs nationwide.