According to the Bureau of Labor Statistics, there are over 209.000 unfilled cyber security positions, the number of positions has increased 74% in the past five years, and the number of cyber security jobs is expected to increase 53% by 2018. The movement to the cloud, mobility, and the Internet of Things, coupled with increased hacking, malware, and advanced persistent threats are all increasing the need for highly trained security professionals.
In the past, cost and time have been major barriers to getting the skills required to enter this growing field. Bootcamps can cost from $2,000 to $5,000 a week, and require students to take time off of work. Massive Online Open Courses (Moocs) like EdX and Coursera have only addressed information security in the periphery, and are slowing adding options that have effectively raised prices. University Programs in CyberSecurity are often very costly, requiring a two year commitment. Until very recently, the only low cost option to get fully trained was to get a book and do it yourself, on your own time, or through a study group.
Cybrary (http://cybrary.it) is changing the game, by offering web based training for certification and advanced information security skills for the low cost of nothing. Zilch, free, as in beer, zero. Oh, yeah, there’s an app for that, too! !!Android only right now)
These are not just lightweight courses, they are for all levels of security proficiency. Some recommend that you bring to the counter multiple years of experience.
Cybrary currently offers the following security-related courses:
- CompTIA Security+
- Ethical Hacking and Penetration Testing , EC-Council’s CEH.
- Computer and Hacking Forensics CHFI certification from the EC-Council.
- CompTIA Advanced Security Practitioner (CASP)
- ISACA Certified Information Systems Auditor (CISA) –
- Certified Information Systems Security Professional (CISSP)
- Post Exploitation
- Social Engineering and Manipulation
- Python for Security Professionals
- Metasploit Malware Analysis and Reverse Engineering
- Advanced Penetration Testing
In addition, Cybrary offers courses in Network and Systems administration, rounding out their security offerings. All that’s required is registration to the site. The site also has an area which provides a user profile which has a list of completed classes. Most of the serious modules tend to be about a 1/2 hour in length. You’ll probably stop the slides once in a while to take notes. The instructors seem to know their stuff. One cool thing about the site is that there are options to earn points that can be used on the site by completing activities.
I spoke with Trevor Halstead, the Project Manager for Cybrary, at a recent Maryland CyberSecurity conference.
Trevor-first of all, why did you start Cybrary?
Cybrary was started around the most fundamental idea that education should be available for everyone for free. The cybersecurity industry is unlike any other. It is evolving at an unfathomable rate and is highly volatile. Our traditional education methodology is unaffordable, inaccessible, impractical, and simply does not allow us to keep up. We are seeing the effects of this evolution on the demand front, and feeling the impacts of our inefficient training programs when you look at our talent supply. By making information on, arguably, one of the most critically important industries, accessible; we are allowing people to feed their curiosity, and have access to information that can help, not only, protect them online, but also, kick-start a new or existing career.
I noticed that there were a number of donate buttons on the site. Are you planning on donations being the main source of revenue for Cybrary?
We have great connection to our users. We make a point to respond to every question or request, and interact with them on a daily basis. As a result, our users show their appreciation, of the service we are providing, by donating to our site. That being said, donations and ads can only go so far. Our plan is to grow into the daily active site for cyber security professionals; and with a site, at that level, there are more than a few ways to produce revenue. At the moment, however, we are currently focused on EDU and Enterprise platforms for larger organizations; as well as, building out our Talent Services division. With a quickly growing community, featuring over 260,000 registered users, we believe that bringing employers into the fold will help to curb the industry shortage. Our Talent Services platform will allow employers to post jobs and have access to the profiles and resumes (at a price, of course) of people from all around the world. In addition, we hope to be able to work with them to develop their own talent pipelines (those short of a certification, but actively working on the site to earn it, for example) which will be mutually beneficial to, both, employers and applicants, alike. While we are not there yet, we strongly believe that Cybrary will evolve from more than just a free cyber security training website, and into the premiere recruiting platform for cyber security talent.
The course quality is great, but I did not notice testing modules on the site. Was that something I missed? Is this a planned add-on?
Yes, we get asked about that on a pretty frequent basis. We are in the midst of developing end of module/end of course quizzes & tests. In addition, we are eyeing integrating full test simulations that our users will be able to take advantage of. While folks can find these elsewhere online, we want to provide our users all the tools they need to start and grow a career in cyber security. Even more we do have plans on integrating these “results” into our users’ professional profiles on Cybrary. This will help employers, searching for talent, have a better means for quantifying that professional’s knowledge and skill level.
What additions in course content can we expect to see in the coming months?
We have some really great course content in the pipeline. Within the next 30-60 days, we are looking to have classes posted on the Metasploit Framework, Malware Analysis/Reverse Engineering, and CSSLP (by ISC2). Quarter 1, we are eyeing Web App Pen Testing, Secure Coding, and Threat Intelligence.
Are you seeing investor interest in the project?
We launched, officially, in January 2015 and have just eclipsed 260,000 registered users; so, from a growth perspective, I’d say, we are a little past “project” status. In August, we received $400,000 in our seed round led by Justin Label of Inner Loop Capital. If you are not familiar with Justin, he has over 15 years of experience working with private companies as a venture capital investor and advisor. Prior to his current involvement in developing Cyber Security companies, along the Cyber Corridor (SourceFire, SafeNet, Mandiant, and Tenable…just to name a few), he worked at Bessemer Venture Partners in Silicon Valley, where he was involved in most of their cyber security investments. Justin has worked with and grown some terrific companies, and we are really excited to have his support in Cybrary.
You’ve got nothing to lose, and a lot to gain, by trying Cybrary. They currently host positions from 5 companies including: CyberPoint International, PRISM Inc, Raytheon Blackbird Technologies, Apex Systems Inc, and SAIC; and, are currently reaching out to companies, providing 1 complimentary posting, to show just how impactful posting a position in front of the largest online cyber security community can be. Give it a look at http://Cybrary.it . as well as their jobs pagehttps://www.cybrary.it/cyber-security-jobs/ and let me know your thoughts. Oh, do your LinkedIn techie friends a favor, and please share this article with them.