3 Approaches to Continuous Cybersecurity Learning
3 Approaches to Continuous Cybersecurity Learning
Autodidacts Assemble
Why is continuously learning so important when it comes to Cybersecurity?
Learning is part of the game, and the moment you take on the mindset of an autodidact is when things will shift.
With Cyberattacks becoming more frequent, we have to be aware of the latest techniques and tools that we can help protect ourselves and others. This means constantly adapting to new learnings.
I previously discussed this in this post.
Doing this will require a certain level of natural curiosity and autodidacticism, and I believe other fields will follow this model of learning vs the traditional education path.
So, how can you stay current in Cybersecurity? Let’s take a look at three ways we can do this.
Cybersecurity Blogs and Newsletters
1) Read Cybersecurity blogs and newsletters
This one has really picked up steam in the past few years as a way to learn.
Subscribing to Cybersecurity blogs and newsletters is a simple and efficient way to stay updated on the latest news and trends in the field.
My newsletter, for example, provides you with curated Cybersecurity topics and insights to keep you informed. Although this it’s not a reporting newsletter on the latest cyber news, you will find a lot of relevant write-ups to learn from within Cybersecurity and Detection Engineering.
Just a few newsletters in the space that are worth checking out are:
Infosec Monitor Coverage on what's going on in Cybersecurity. No fluff
Krebs on Security (Cyber Crime news based)
The Cybersecurity Pulse (curation of Security Startup content)
Participate In Communities
2) Participate in online communities
Joining online communities, or Cybersecurity forums, can provide you with a platform to ask questions, share knowledge, and learn from others.
If you have a question, there is a high chance someone else has asked that same question, and this a place for that.
Subreddits, Discord or Slack channels, are great resources to learn more within the field. There is some curating to do, but that’s always part of the job in Cybersecurity.
Sometimes just talking out your problems statement with someone is enough to get the gears going and in the right direction.
I would recommend going this route before going to conferences, as online Cybersecurity communities are usually free.
From here, you can build rapport with others in the community, and learn from those who are maybe a few steps ahead of you in their path.
Conferences and Meetups
3) Attend conferences or meetups
Attending conferences or meetups is another way to connect with other Cybersecurity professionals and learn about the latest trends and in the field. It’s a good opportunity to hear talks from experts in the field. I would start with meetups, where it tends to be more close-knit and then try a conference.
For conferences, many offer workshops or CTF’s as well to practice hands-on skills.
Usually there is a cost factor with conferences, with an affordable option being BSides. There’s usually a BSides at any major metro city.
Detection meetups through the Meetup on app are many times free. This is another option to meet others in the field and make connections.
What I Read This Week
Microsoft Lost More Than Two Weeks of Cloud Customers’ Security Logs
This includes Entra, Sentinel and Defender for Cloud logs.
Datadog’s approach to Detection as Code
See their blog here
Dylan Williams discussing a framework on What Makes a "Good" Detection
Conclusion
The most important thing you can do to stay learning in Cybersecurity is to keep learning. Oversimplified maybe, but it’s the hard truth.
We want to be consistent but know our boundaries, and not burnout. We remember the Tortoise and the Hare don’t we?
Try the above suggestions, and see what works best for you.
Staying current in Cybersecurity is essential to succeed in a rapidly evolving field. There is always something to learn.
By following blogs, participating in online communities and attending conferences or local meetups, you'll be able to stay current with new and emerging threats and technologies.