It's a good time to take an online security course
We're more than a month into the coronavirus quarantine, and many of us have extra time on our hands. One way to put that time to good use is to get training to help advance your career. Computer security is a popular subject among training courses, because there's a great deal of demand for security professionals.
You may have taken in-person training in a classroom environment, but of course that's not an option right now. The good news is that technology training, including most security training, lends itself well to an online format.
First, we review the traditional professional certification-oriented kind, usually offered as in-person courses but often available online. Second, there are online courses that you can find for free (as in beer; that's a techie joke) online but that charge for a certification showing you completed the course. There are also online training companies that charge for subscription access to their courses but may have a free trial period or free limited course access.
As a general rule with training, if you pay for the course, a big part of what you're paying for is a certification you can cite to show you know the subject. Another thing to be on the lookout for is when you search for "free" courses online, you often find links to courses in a third category: They're free—sort of and up to a point. When you sign up for a free course, make sure you understand what you're getting for free. You won't be getting everything the paying students get.
Old school and really expensive
This article is about free training, but we're including conventional paid training for perspective and comparison.
Traditional security training courses are not cheap. Consider SEC401: Security Essentials Bootcamp Style from the venerable SANS Institute, a multiday, hands-on dive into IT security that attempts to be as deep as it can while covering a broad swath of security issues. The course itself costs $7,020, and there is an associated SANS certification, GSEC (GIAC Security Essentials Certification), which will cost you another $799. The time and expense involved are enough to ensure you take it seriously.
SANS has dozens of other courses and certifications touching on every corner of IT security, and there are other well-established private schools like SANS, all of which are attempting to offer their courses online now.
Many universities have gotten into the game, offering similar courses. Stanford University offers completely online security programs that include "a Stanford graduate or professional certificate." The University of Pennsylvania School of Engineering and Applied Science offers an online master of computer and information technology hosted on Coursera for the low, low price of $25,000 (tuition) plus $1,300 (online services fees).
Other respected non-academic organizations offer training. One of my favorites is OWASP (the Open Web Application Security Project), which will be offering its Virtual AppSec Days April 2020 soon. It will include a one-day conference and two four-hour days of training, ending with a three-day capture-the-flag competition. There is no certification, but there is meaningful training, networking, and hands-on experience, and which at most will cost about $1,000.
Technical conferences are another major venue for security training. Shows like Black Hat and the RSA Conference offer high-end training for high-end prices, but you'll find training at just about every security conference.
Free and online
This may not be the time to shell out thousands of dollars, even if you think it is a wise investment. The options are more limited and the format more automated, but there are completely free security classes out there that can teach useful information to many people.
While there are sites that offer free courses directly, with added cost options for certifications, most of the free courses are available through independent online course platforms.
The gold mine in this area appears to be edX, which has thousands of courses from 140 institutions, including Harvard, MIT, Sorbonne, and Georgetown. Most, and all the ones I looked at, are free to audit. These are real live courses with an instructor, and so they are scheduled for certain dates. If you want a "verified certificate," to prove you took the course, that will cost some but not a lot of money. Paying for the certificate also means the instructor will grade your work, and it gives you access to the course materials after the course is over.
For instance, a certificate for Rochester Institute of Technology's Cybersecurity Fundamentals course costs $150. The Cybersecurity Capstone ("demonstrate the knowledge and skills acquired in the [RIT] Cybersecurity MicroMasters Program") certificate will set you back $600, which is still not a lot if you are actually taking the degree program. And the course is free, although it does not include graded assignments or unlimited course access. Don't just limit yourself to the security courses; the edX selection is so large that others are likely to be of interest to you or your friends and family.
In fairness, there are other training meta-sites like edX, meaning sites that collect links to other training sources, free or otherwise. Some, like Class Central, link to edX and other meta-sites, like Future Learn, as well as to other free courses, including the university sites you can find through edX.
Microsoft Learn is another good example of flat-out free courses. The Azure Fundamentals course (free) will prepare you for the AZ-900: Microsoft Azure Fundamentals exam ($99), which, if you pass, makes you Microsoft Certified: Azure Fundamentals. The next step up is to take a series of free security courses, pass the AZ-500: Microsoft Azure Security Technologies exam, and become a Microsoft Certified: Azure Security Engineer Associate.
Training you pay for
Sometimes free things aren't worth what you pay for them. You can buy courses from Udemy cafeteria style. There is no membership, you pay per course, and the courses always seem to be offered at a deep discount. For instance, the Learn Ethical Hacking from Scratch course lists for $84.99, but if you act now, you can get it for $17.99—79 percent off! Similar language applies to just about every other course. It looks a bit fishy, but it also makes trying Udemy a low-cost proposition.
There is also a lot of training available on the Internet from services that charge a monthly subscription cost. The monthly cost is not expensive, and you can usually quit whenever you want.
One such service is the big online course platform Coursera, which I already mentioned above for hosting a master's degree from University of Pennsylvania. It also hosts courses for large vendors, such as the five courses in the Google IT Support Professional Certificate. A Coursera subscription costs $49 per month, and subscribers who complete courses get the certificate. It does offer a seven-day free trial.
Pluralsight has thousands of courses, most of which are focused on software development. Personal subscriptions start at $29 per month and go up to a $449 per year for a Premium membership, which also includes "access to exams, projects, and interactive courses." Pluralsight has a 10-day free trial, and even non-paying members get access to several free courses per week. For the month of April, it is offering "7,000-plus courses" for free.
A Cloud Guru bills itself as the "No. 1 learn-by-doing cloud training platform." The courses focus on cloud-oriented topics, and there are more than 1,000 interactive labs, which are online interfaces with which to experiment on platforms. The site costs $49 per month, but there is a substantial discount for buying annually and a free tier that provides "access to basic courses and features."
Future Learn has a hybrid model. There is a free tier that gives limited access to courses. It has a $249.99 per year unlimited tier, which gives complete access to everything, including certificates. But you can also "upgrade" on a per-course basis and get complete materials. You can upgrade its course Cyber Security Landscape for $64.
Don't limit yourself to free
If you view this training as something that can really help your career, then limiting yourself to the free options is probably unwise. That isn't to say free content is worthless but that you should consider the ones that have a small subscription fee and a large collection of options. The certifications don't carry the same weight as big-time ones, like the (ISC)2 CCSP (Certified Cloud Security Professional), but they do give you something to notice on your LinkedIn page. In any case, this is the time to do it.
- The manager's guide to evaluating employee training
- Most valuable certifications for infrastructure pros
- Virtualization certifications: Where the jobs are (and how to train for them)
This article/content was written by the individual writer identified and does not necessarily reflect the view of Hewlett Packard Enterprise Company.