Blog Categories Application Security Cloud Security Compliance Container Security & Orchestration DevSecOps General Professional Development SOC Threat Intel Threat Stack Subscribe Now x Subscribe to Our Blog! Cloud Security 2 Min Read How to Educate Yourself About Cloud Security Nathan Cooprider July 29, 2016 Given the constant changes affecting today’s security industry — whether it’s the explosion of big data, the global shift to cloud-based business models, or the hundreds of technical innovations that occur each day — keeping your security knowledge up-to-date has never been more important. Whether you’re a security professional, a security provider, or a security consumer, there’s a massive need for immediately available, ongoing education. I recently watched James Mickens’ presentation at NDC Oslo 2015. In that talk, Mickens lampooned many aspects of computer security, and also took a little detour to lash out at MOOCs (Massive Open Online Courses). The jab achieved its point by getting a chuckle out of the audience, but in my view it took an unfair shot at a very valuable resource. I admit that MOOCs do not provide a drop-in replacement for traditional education, and I also believe that experience through mentorship yields the best results. Having said that, the problems of need, opportunity, and scale are ever present and have to be addressed. So while I don’t want to rehash arguments from a few years ago or try to bring about a second “year of the MOOC,” I do want to highlight some resources that are available to those of you who want to further your security education. Based on my own experience, I recommend taking a look at the following types of resources as a starting point: MOOCs Many organizations provide frameworks, tooling, and resources for MOOCs. Coursera, a Threat Stack customer, provides a whole category of courses and specializations on computer security and networks. I have done a few classes through them and found it a useful way to broaden my exposure. They are not the only MOOC provider, of course, and both edX and Udacity provide a cyber security course. Podcasts Although not actual MOOCs, podcasts can be wonderful educational tools as well. Unfortunately, finding shows that combine education, entertainment, and professionalism can be problematic. I am always looking for new shows to check out, but I suggest starting your search with Security Now and Security Weekly. Let me know what you find after that! Online Certification A number of online resources can help you earn a security certificate with credentials. This usually requires more commitment and focus than the previously mentioned individual classes. It also typically assumes that you have a little more background knowledge. LearnKey and ITProTV are two providers of this type of material, although many others exist. Everything Else Should you be stuck in the Windows world, Microsoft provides “courseware” for securing their stack. I listened to an excellent set of lectures on Thinking about Cybersecurity (from The Great Courses), although it was somewhat Beltway-focused and now a little stale. Even Khan Academy provides some coursework for cryptography. Listening to a couple of podcasts on the way to work each day may not make you a top-of-the-line pen tester; and taking a few online courses won’t make you an advanced cryptographer, but additional exposure to important security topics can only strengthen your ability to stay relevant in this digital age. We also have roles as teachers and coaches. As much as we need to keep ourselves up to date, it’s also important to pass on what we learn. Colleagues, prospects, and customers can then expand their knowledge and make better-informed decisions about security. Take a few minutes and check these things out. Of course, we at Threat Stack want you to become more educated about security because the more you know, the more you’ll appreciate what we have to offer! Tags:Ongoing EducationProfessional DevelopmentSecurity Education About Nathan Cooprider Nathan Cooprider is a Senior Software Engineer working on the Threat Stack instance agent. Nathan comes to Threat Stack from the endpoint engineering team of Bit9 + Carbon Black. Prior to Bit9, Nathan led the signal processing software team for the MQ9 Predator drone at BAE. He received his BS in CS from Brigham Young University and his PhD in CS from the University of Utah. Nathan has over a decade of experience working with computer systems. This includes eight refereed publications on the static analysis of microcontroller applications written in C. He also wrote a paper on multivariate data visualization, co-authored a paper on multiple hypothesis tracking, and has supported language modeling research. Nathan's accumulated experience with various software engineering languages and tools includes C, C++, python, doxygen, Jenkins, OCaml, CIL, cmake, and many others. View more posts by Nathan Cooprider Request a Demo Share this Blog