Resource Guide

Cybersecurity Organizations Directory

Here’s a partial list of various organizations which have been created in the past 20 years which illustrates just how robust the industry has become – and how many different groups think that hacking is a big problem, in direct response to the attacks the world is facing from hackers.

Government Agencies

• • CISA (Cybersecurity and Infrastructure Security Agency)
• • NIST (National Institute of Standards and Technology)
• • DHS (Department of Homeland Security)

Research Institutions

• • CERT (Computer Emergency Response Team)
• • SANS Institute
• • MITRE Corporation

Industry Organizations

• • ISC2 (International Information Systems Security Certification Consortium)
• • CompTIA
• • SANS Security Institute
• • ISACA (Information Systems Audit and Control Association)

Training Resources

• • Coursera Introduction to Cybersecurity Fundamentals (FREE)
• • Cybersecurity for Everyone: University of Maryland, College Park (FREE)
• • ISC2
• • Google Cybersecurity Certificate
• • Microsoft Security Operations Analyst

Conferences & Trade Shows

• Black Hat Security Conference: A more corporate and professional event that focuses on in-depth security briefings and technical training sessions from top researchers and experts.
• BSides: A global network of community-driven, non-profit conferences that provide a platform for security professionals to share and learn outside of mainstream venues.
• DEF CON: A highly popular, grassroots hacker convention known for its hands-on “capture the flag” competitions, technical talks, and a counter-culture atmosphere.
• Gartner Identity Summit: A more specialized, analyst-driven event for leaders in identity and access management (IAM) to discuss trends and best practices.
• Hacker Halted: A global series of conferences presented by the EC-Council with the objective of raising awareness about cybersecurity education and ethics.
• Identiverse: A conference specifically dedicated to the digital identity industry, bringing together professionals to discuss and advance ideas and solutions in identity management.
• InfoSec World: A conference and expo designed for security executives and practitioners to learn new strategies and tools to manage cyber risk.
• RSA Security Conference: The premier global event where the cybersecurity community, including vendors, researchers, and government agencies, gathers to discuss the latest trends, threats, and solutions.
• S4 OT Security Conference: A conference specifically for early adopters and pioneers in operational technology (OT) security, focusing on industrial control systems and critical infrastructure.
• Women in Cybersecurity (WiCyS): A conference and non-profit organization focused on the recruitment, retention, and advancement of women in the cybersecurity workforce.

Websites & Magazines to Follow

• • Bleeping Computer – Community-supported website with cybersecurity news and technical help
• • CSO Online – Strategic guidance for IT security professionals
• • Cybercrime Magazine – Focuses on the economics of cybercrime
• • CyberScoop – Cybersecurity news for technology decision-makers
• • Dark Reading – Cybersecurity news and analysis for enterprise professionals
• • Help Net Security – Independent publication for enterprise security since 1998
• • InfoSecurity Magazine – Global publication with news and expert commentary
• • KrebsOnSecurity – Investigative blog by Brian Krebs on cybercrime
• • Security Week – Daily news and analysis for cybersecurity professionals
• • The Hacker News – Breaking coverage of global cyber threats
• • Wired – Technology magazine with cybersecurity coverage

Organizations (Standards and Best Practices)

• • NIST, National Institute of Standards and Technology
• • OWASP Open Worldwide Application Security Project
• • International Standards Organization
• • Cybersecurity and Infrastructure Security Agency (CISA)
• • Sans Institute
• • Cloud Security Alliance
• • Information Systems Audit and Control Association (ISACA)
• • Center for Internet Security (CIS)
• • National Cybersecurity Centre (NCSC) – UK
• • Information Systems Security Association (ISSA)
• • North American Electric Reliability Corporation (NERC)