Continued Learning Resources

Your Malware & Monsters experience is just the beginning of your cybersecurity learning journey. This guide provides curated resources, learning pathways, and community connections to help you build on session insights and develop expertise in areas that interest you most.

Building on Session Foundations

Core Cybersecurity Concepts

Essential Knowledge Areas:
Based on common session topics, these foundational areas will enhance your understanding:

Threat Landscape and Attack Methods:

  • MITRE ATT&CK Framework: Comprehensive knowledge base of adversary tactics and techniques (Strom et al. 2018)
    • Website: attack.mitre.org
    • Start with: ATT&CK for Enterprise, basic tactics overview
    • Application: Maps to session Malmon behaviors and evolution patterns

Incident Response and Digital Forensics:

  • NIST Cybersecurity Framework: Industry-standard approach to cybersecurity management (Cichonski et al. 2012)
    • Resource: NIST Special Publication 800-61 (Computer Security Incident Handling Guide)
    • Application: Provides structure for the session’s discovery-investigation-response phases

Security Architecture and Controls:

  • Defense in Depth Principles: Layered security approach
    • Resources: SANS white papers on security architecture
    • Application: Explains the containment systems and type effectiveness concepts from sessions

Technical Skills Development

Hands-On Learning Opportunities:

Virtual Labs and Sandboxes:

  • CyberDefenders: Blue team challenges and incident response scenarios
  • TryHackMe: Beginner-friendly cybersecurity learning platform
  • VulnHub: Vulnerable machines for practicing security skills
  • Application: Practice techniques and tools encountered during sessions

Home Lab Setup:

  • Virtualization Platforms: VMware, VirtualBox, or Hyper-V
  • Security Tools: Open-source SIEM, network monitoring, malware analysis
  • Practice Networks: Set up realistic environments for hands-on learning
  • Application: Replicate session scenarios for deeper understanding

Programming and Scripting:

  • Python for Cybersecurity: Automation, analysis, and tool development
  • PowerShell for Windows Security: System administration and incident response
  • Bash/Linux Skills: Command-line proficiency for security tools
  • Application: Automate tasks discussed during sessions, build custom tools

Role-Specific Learning Paths

πŸ” Detective (Cyber Sleuth) Development

Digital Forensics and Incident Analysis:

Foundational Learning:

  • SANS FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
  • Volatility Framework: Memory analysis for malware investigation
  • Autopsy and Sleuth Kit: Open-source digital forensics tools
  • Application: Develop expertise in evidence analysis and pattern recognition

Advanced Skills:

  • Malware Analysis: Reverse engineering and behavior analysis
  • Timeline Analysis: Reconstructing attack sequences and evidence correlation
  • Log Analysis: Advanced SIEM queries and correlation techniques
  • Application: Enhance detective skills demonstrated during sessions

Certifications to Consider:

  • GCIH: GIAC Certified Incident Handler
  • GCFA: GIAC Certified Forensic Analyst
  • CISSP: Certified Information Systems Security Professional

πŸ›‘οΈ Protector (Digital Guardian) Development

Security Engineering and Defense:

Foundational Learning:

  • Network Security: Firewalls, IDS/IPS, network segmentation
  • Endpoint Protection: EDR, antivirus, application control
  • Security Architecture: Defense in depth, zero trust principles
  • Application: Build expertise in protective measures discussed during sessions

Advanced Skills:

  • Security Automation: SOAR platforms, automated response systems
  • Threat Intelligence: Integration of threat feeds with defensive systems
  • Red Team Thinking: Understanding attacker methods to improve defenses
  • Application: Develop proactive defense capabilities

Certifications to Consider:

  • GSEC: GIAC Security Essentials
  • GCED: GIAC Certified Enterprise Defender
  • CISSP: Certified Information Systems Security Professional

📡 Tracker (Data Whisperer) Development

Network Security and Data Analysis:

Foundational Learning:

  • Network Protocol Analysis: Wireshark, tcpdump, network forensics
  • Security Information and Event Management (SIEM): Splunk, ELK Stack, QRadar
  • Data Analytics: Statistical analysis, machine learning for security
  • Application: Enhance data flow analysis and pattern recognition skills

Advanced Skills:

  • Threat Hunting: Proactive threat detection and analysis
  • Network Behavior Analysis: Anomaly detection and traffic analysis
  • Big Data Security: Analytics platforms for large-scale security data
  • Application: Develop sophisticated tracking and analysis capabilities

Certifications to Consider:

  • GMON: GIAC Continuous Monitoring
  • GNFA: GIAC Network Forensic Analyst
  • Data Science Certifications: Python, R, machine learning for security

👥 Communicator (People Whisperer) Development

Security Governance and Risk Management:

Foundational Learning:

  • Risk Assessment and Management: Frameworks, methodologies, reporting
  • Compliance and Governance: Regulatory requirements, audit processes
  • Security Awareness and Training: Adult learning, behavior change
  • Application: Develop skills in stakeholder communication and risk translation

Advanced Skills:

  • Crisis Communication: Managing communications during security incidents
  • Executive Reporting: Translating technical risks into business language
  • Change Management: Implementing security culture improvements
  • Application: Build expertise in human factors and organizational security

Certifications to Consider:

  • CISA: Certified Information Systems Auditor
  • CISM: Certified Information Security Manager
  • CRISC: Certified in Risk and Information Systems Control

⚑ Crisis Manager (Chaos Wrangler) Development

Security Leadership and Coordination:

Foundational Learning:

  • Incident Command System (ICS): Emergency management frameworks
  • Business Continuity Planning: Disaster recovery, resilience planning
  • Project Management: Coordination, resource management, timeline planning
  • Application: Develop skills in complex incident coordination and leadership

Advanced Skills:

  • Executive Leadership: Board-level security communication and strategy
  • Multi-Agency Coordination: Working with law enforcement, partners, vendors
  • Strategic Planning: Long-term security program development
  • Application: Build capability for large-scale incident management

Certifications to Consider:

  • CISSP: Certified Information Systems Security Professional
  • CISM: Certified Information Security Manager
  • PMP: Project Management Professional

🎯 Threat Hunter (Pattern Seeker) Development

Advanced Threat Detection and Intelligence:

Foundational Learning:

  • Threat Intelligence: Sources, analysis, integration, sharing
  • Advanced Persistent Threat (APT) Analysis: Nation-state and advanced actors
  • Behavioral Analysis: User and entity behavior analytics (UEBA)
  • Application: Develop proactive threat discovery and analysis skills

Advanced Skills:

  • Adversary Emulation: Red team techniques for blue team improvement
  • Threat Modeling: Systematic analysis of potential attack paths
  • Intelligence Analysis: Structured analytic techniques for cybersecurity
  • Application: Build sophisticated threat hunting and intelligence capabilities

Certifications to Consider:

  • GCTI: GIAC Cyber Threat Intelligence
  • GREM: GIAC Reverse Engineering Malware
  • Certified Threat Intelligence Analyst (CTIA)

Industry-Specific Learning

Healthcare Cybersecurity

Specialized Knowledge Areas:

  • HIPAA Compliance: Privacy, security, breach notification requirements
  • Medical Device Security: FDA regulations, device management, patient safety
  • Clinical Workflow Integration: Balancing security with patient care
  • Resources: Healthcare Information and Management Systems Society (HIMSS)

Financial Services Security

Specialized Knowledge Areas:

  • PCI DSS Compliance: Payment card industry security standards
  • Financial Regulations: SOX, GLBA, banking-specific requirements
  • Fraud Detection: Transaction monitoring, behavioral analytics
  • Resources: Financial Services Information Sharing and Analysis Center (FS-ISAC)

Industrial/OT Security

Specialized Knowledge Areas:

  • Industrial Control Systems (ICS): SCADA, PLCs, manufacturing systems
  • Operational Technology (OT): Air-gapped networks, legacy systems
  • Safety and Security Integration: Balancing cybersecurity with operational safety
  • Resources: Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)

Cloud Security

Specialized Knowledge Areas:

  • Cloud Architecture: AWS, Azure, GCP security models
  • Container Security: Docker, Kubernetes, microservices security
  • DevSecOps: Integrating security into development and deployment
  • Resources: Cloud Security Alliance (CSA)

Professional Development Resources

Building cybersecurity expertise requires alignment with established workforce development frameworks (Newhouse et al. 2017).

Formal Education Options

University Programs:

  • Graduate Degrees: Master’s in Cybersecurity, Information Assurance
  • Certificate Programs: Professional cybersecurity certificates
  • Online Programs: Flexible options for working professionals
  • Application: Structured learning path for career advancement

Professional Training:

  • SANS Institute: Hands-on cybersecurity training and certification
  • EC-Council: Ethical hacking and cybersecurity certifications
  • ISC2: Professional certification and continuing education
  • Application: Specialized skills development in specific areas

Self-Directed Learning

Online Learning Platforms:

  • Coursera: University-level cybersecurity courses
  • Udemy: Practical skills and tool-specific training
  • Pluralsight: Technology-focused learning paths
  • LinkedIn Learning: Professional skills and certification prep

Books and Publications:

  • Technical Books: In-depth coverage of specific topics
  • Industry Publications: Current trends and threat intelligence
  • Research Papers: Academic and industry research findings
  • Application: Deep dive into areas of interest from sessions

Conferences and Events:

  • DEF CON: Hacker conference with diverse tracks
  • BSides: Local security conferences in many cities
  • SANS conferences: Training and networking events
  • Industry-specific events: Tailored to specific sectors or roles

Community and Networking

Professional Organizations

General Cybersecurity:

  • ISC2: Global cybersecurity professional organization
  • ISACA: Information systems audit, control, and security
  • SANS Community: Training alumni and professional network
  • CompTIA: Computing technology industry association

Specialized Communities:

  • Women in Cybersecurity (WiCyS): Supporting women in the field
  • OWASP: Open Web Application Security Project
  • InfraGard: Private sector and law enforcement partnership
  • Industry-specific ISACs: Information sharing and analysis centers

Local Communities

Meetups and User Groups:

  • 2600 Meetings: Hacker/security enthusiast gatherings
  • OWASP Local Chapters: Application security focused groups
  • Security BSides: One-day security conferences
  • Professional meetups: ISACA, ISC2, and other organization chapters

Volunteering Opportunities:

  • Conference organization: Help with local security events
  • Educational outreach: Teach cybersecurity to students or community groups
  • Mentorship programs: Support newcomers to the field
  • Application: Give back while building professional network

Online Communities

Forums and Discussion Platforms:

  • Reddit: r/cybersecurity, r/netsec, specialized subreddits
  • Discord/Slack: Real-time chat communities
  • Professional LinkedIn groups: Industry-specific networking
  • Stack Overflow: Technical Q&A for cybersecurity tools and techniques

Social Media:

  • Twitter: Cybersecurity professionals, researchers, and news
  • LinkedIn: Professional networking and industry updates
  • YouTube: Technical tutorials and conference presentations
  • Application: Stay current with trends and connect with experts

Learning Management and Goal Setting

Personal Learning Plan Template

Assessment Phase:

  • Current skills and knowledge inventory
  • Career goals and aspirations
  • Time and resource availability
  • Learning style preferences

Goal Setting:

  • Specific learning objectives
  • Timeline and milestones
  • Resource allocation
  • Success metrics

Implementation:

  • Daily/weekly learning habits
  • Practice and application opportunities
  • Community engagement plan
  • Progress tracking methods

Continuous Learning Habits

Daily Practices:

  • Read cybersecurity news and threat intelligence
  • Practice technical skills in lab environments
  • Engage with professional communities
  • Reflect on and document learning

Weekly Practices:

  • Attend webinars, meetups, or online courses
  • Work on hands-on projects or challenges
  • Network with other professionals
  • Review and adjust learning goals

Monthly Practices:

  • Assess progress toward learning goals
  • Attend conferences or major training events
  • Contribute to community through teaching or writing
  • Plan next month’s learning priorities

Staying Current with Evolving Threats

Threat Intelligence Sources

Free Resources:

  • MITRE ATT&CK: Continuously updated threat knowledge base
  • CISA Alerts: US government cybersecurity alerts and advisories
  • Vendor Threat Reports: Annual reports from major security companies
  • Open Source Intelligence: Public threat intelligence feeds

Commercial Resources:

  • Threat Intelligence Platforms: Recorded Future, ThreatConnect, others
  • Research Organizations: Security research and analysis firms
  • Industry Reports: Specialized threat intelligence for specific sectors

Emerging Technology Learning

Artificial Intelligence and Machine Learning:

  • Understanding AI/ML applications in cybersecurity
  • Learning about AI-driven attacks and defenses
  • Practical experience with security analytics tools

Internet of Things (IoT) Security:

  • Device security and management
  • Network segmentation for IoT environments
  • Privacy and data protection considerations

Quantum Computing and Cryptography:

  • Post-quantum cryptography preparation
  • Understanding quantum threats to current encryption
  • Planning for cryptographic transitions

Building Your Cybersecurity Brand

Professional Portfolio Development

Documentation and Showcasing:

  • Project portfolios demonstrating applied skills
  • Certifications and continuing education
  • Community contributions and volunteer work
  • Speaking engagements and publications

Online Presence:

  • Professional LinkedIn profile highlighting cybersecurity expertise
  • Personal website or blog sharing insights and experiences
  • Contributions to open source projects or community resources
  • Thought leadership through writing and speaking

Career Advancement Strategy

Networking and Relationship Building:

  • Maintain connections from Malware & Monsters sessions
  • Build relationships with mentors and industry leaders
  • Participate actively in professional organizations
  • Seek opportunities to mentor others

Skill Development and Specialization:

  • Develop deep expertise in chosen specialization areas
  • Stay current with evolving threats and technologies
  • Build reputation for specific capabilities or knowledge
  • Demonstrate continuous learning and adaptation

Leadership and Community Impact:

  • Take on leadership roles in professional organizations
  • Contribute to industry standards and best practices
  • Advocate for inclusive and collaborative approaches
  • Help others develop cybersecurity expertise

The Learning Journey Never Ends

Cybersecurity is a field that requires continuous learning and adaptation. The collaborative skills, curiosity, and growth mindset you develop through Malware & Monsters sessions will serve you throughout your career as you navigate evolving threats, emerging technologies, and changing organizational needs. Embrace the journey of lifelong learning and help others do the same.

Remember: The goal isn’t to learn everything about cybersecurity - it’s to develop the skills, relationships, and habits that will help you continue growing throughout your career. Use these resources strategically based on your interests, goals, and opportunities, and always remember that the best learning happens when you’re helping others learn too.

References

Cichonski, Paul, Tom Millar, Tim Grance, and Karen Scarfone. 2012. Computer Security Incident Handling Guide. NIST Special Publication 800-61 Rev. 2. Gaithersburg, MD: National Institute of Standards and Technology.
Newhouse, William, Stephanie Keith, Benjamin Scribner, and Greg Witte. 2017. “National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework.” NIST Special Publication 800-181. Gaithersburg, MD: National Institute of Standards and Technology.
Strom, Blake E., Andy Applebaum, Doug P. Miller, Kathryn C. Nickels, Adam G. Pennington, and Cody B. Thomas. 2018. “MITRE ATT&CK: Design and Philosophy.” The MITRE Corporation. https://attack.mitre.org.