Cybersecurity is such an enormous, rapidly changing field that it's hard to know where to start if you're new, looking to change fields or even just wanting to become more "cyber-literate."
- Job Aids
- Free downloads
- Working groups
Justice Clearinghouse Editors (JCH): Stacey, share a bit with us about the types of resources you’ve pulled together?
Stacey Wright: Chris, this is probably one of my favorite presentations to give because it includes a little bit of everything. Over the past decade, I’ve collected this list and the only thing everything on it has in common is that it’s all free!
I’ll be starting out talking about some of the national and federal resources and where you can call for assistance if something happens. Then I’ll point out some of the local groups you can join to learn more. From there I’ll go down the rabbit trail and try to include as much as possible about everything.
- Want to find training? I’ve got a couple resources included with training for everyone from executives to IT staff on everything from managing teams to writing code to study courses for certifications.
- Looking to hire for a new position? I’ve got a couple of resources that will help you write a job description, tailored to what you want the person to do, and help you figure out what certifications are appropriate and what pay scale.
- Worried about your agency’s cybersecurity? I’ve got a lot of resources listed that will help you secure your department, verify it’s done right, and keep it that way.
- Want to plan ahead for National Cyber Security Awareness Month (October) and educating your employees or working with your community? There are posters to download, brochures, newsletters, videos, and all kinds of things to help.
- Looking for more information about where to send victims after an incident has happened? I have several referrals for you.
- Or maybe you just want to make sure you stay in the know? I’ve got some newsletters and other services you can check out.
As I said, it’s a little bit of everything.
One of the hardest things to know
about cybersecurity is where to begin.
JCH: A lot of people get overwhelmed and intimidated by the technology. Do you need to be an IT geek or a coder to understand these resources?
Stacey: No. This list is geared toward everyone from executives and managers, to forensic specialists, IT geeks, and coders. The point of this presentation is to help you find what you need to succeed, not to explain the technology itself. If what you need is a technical resource, then you can get something highly technical. But if what you need is just enough to help you understand what questions to ask and where to point your co-workers or employees or anyone else who needs help, then I’ll do my best to make sure you know 2 or 3 good ways to make sure you get that knowledge. I hope the executives in the audience will take this as an opportunity to learn about resources that can help their people do their jobs better.
JCH: We hear a lot of talk about the increasing demand for cyber security people. Could these types of classes help people retool or shift career focuses?
Stacey: Absolutely! One of the hardest things to know about cybersecurity is where to begin. There’s a lot of information out there and a lot of different career paths. Fortunately, a couple of the resources I have included are designed to help you figure out what you want to do and what skills that takes. With that information, you can then go to the rest of the resources to make learning cyber part of your daily routine and, if this is the right path for you, take (free) courses in exactly what you want to do.
The point of this presentation is to help you
find what you need to succeed,
not to explain the technology itself.
JCH: What do you think the biggest misconception the average justice professional might have about cybersecurity or cyber threats?
Stacey: This one is always hard for me to answer and I’m not sure there is one answer. Obviously, there’s a misconception that cyber is hard to understand and too technical. I know a lot of folks will disagree with me when I say that’s a misconception, but I’m also a teacher and I firmly believe that with the right explanations anyone who wants to understand it, can. J
Barring that answer, I think there might be a misconception that cyber is one thing. It’s not, it’s many different things to many different people. Let me explain. Recently I was speaking with several law enforcement professionals who work cyber matters and as I listened to them talk, I realized the reason we didn’t agree was because we all worked different areas of cyber. We were all right, but we were having different conversations. I was thinking about the department’s cybersecurity and protecting this agency from the attacks I knew where coming, the officer was thinking about how this was going to affect his ability to catch the bad guy and do forensics, the Chief was thinking about how to deal with retraining the entire department and the legal quandaries, and the IT administrator was thinking about how this would change the network design. All of that was cyber, but it was all very different aspects to cyber.
Cyber isn’t just malware or hackers, it’s also flooding in the server room, BYOD policies, and your vehicle breaking. As someone recently asked, when was the last time anyone heard of a crime that didn’t involve something cyber-related – a laptop, smartphone, GPS, fitness tracker, social media account…? So rather than thinking about cyber as something unique, I suggest, why not think about it as just another aspect to everything you already do? It’s not a silo, but it is a part of everything. Thinking about as part of everything, rather than as something completely new, makes it a little less intimidating, I hope.
Click Here to Watch "What You Need to Know About CyberSecurity: Free Resources to Improve Your Understanding."