Security Certifications: Training on a Budget and Breaking Down the HR

Abstract: Anyone starting in the security industry gets quite overwhelmed on how to best obtain adequate training to perform their role. Novices need to understand what the best approach to security training is and how they can get enough to allow them to navigate through complicated paths of different courses provided by various vendors. Security managers and directors need to review and sign off on training budgets and get challenged by staff who wants the best and most expensive courses. There's really no one size fits all solution to this. A suggested approach would be to assist everyone identify how to get the maximum out of any budget that might be in place. A combination of vendor courses along with self-studying, on the job training and free courses offered by a variety of MOOC online universities and vendors can greatly aid in providing everyone suitable training. In fact, this can greatly aid anyone new to the security industry get their foot through the HR door and even experienced people to achieve their full potential. Various paths can be followed and working with each individual makes all the difference. Someone might want to be the best security analyst or incident responder while other people may need to focus on legal issues or management roles. Examples of such paths and how to progress along each track will be analysed and concise approaches on how to customize training to each person's needs will be provided to ensure the best outcome is reached, while constantly remaining vigilant to budgetary concerns. Bio: Nick Mitropoulos is the CEO of Scarlet Dragonfly and has more than 13 years of experience in security training, cyber security, incident handling, vulnerability management, security operations, threat intelligence and data loss prevention. Nick is a certified ISC2 & EC-Council instructor, a GIAC advisory board member, a senior IEEE member, a Cisco champion and has an MSc (with distinction) in Advanced Security and Digital Forensics from Edinburgh Napier University. He has worked for a variety of companies (including the Greek Ministry of Education, AT&T, F5 Networks, JP Morgan Chase, KPMG and Deloitte) and has provided critical advice to many clients that want to improve their current security posture by creating new security operation centers and protocols, developing vulnerability management programs, managing third parties and security vendors, testing incident handling and forensic teams, redesigning perimeter security solutions, and developing custom-tailored training courses for company staff and specialised security teams. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Security BSides Athens 2020 CyberSecurity | InfoSec | Ethical Hacking | Computer Security | Evolving Threats | Threat Landscape | Privacy | Cyber Resilience Security BSides is a community-driven framework for building events by and for information security community members. These events are already happening in major cities all over the world! We are responsible for organizing an independent Security BSides-Approved event for Athens, Greece. More: https://www.bsidesath.gr Follow on Twitter: @BSidesAth