Many Varonis employees have obtained (ISC)2 certifications. Heck, our VP of Marketing is a CISSP. So it’s no surprise that we’re all keenly interested in keeping our certifications up, which means earning Continual Professional Education credits.
The list below focuses on Group A CPE requirements. Group A requirements are on topics closely associated with IT and Infosec topics. Group B activities are professional, but not in the security domain (ex: Business classes).
Before getting started you should review the official CPE Guidelines for your specific certification.
A consistent CPE plan makes the process much easier and our suggestion is to try and earn one CPE per week. This approach is helpful as:
Podcasts fall under the “self-study” category of CPE requirements. One hour of study (listening to the podcast) is considered one CPE. We’d recommend keeping a document recording when you listened to each podcast episode, it’s length and potentially even a short (approx 25 word) summary. Like any form of media, the actual content of a podcast can vary from lightly entertaining to incredibly educational and sometimes both at the same time.
Our general recommendation is to take your continuing education seriously and seek out the podcasts that you find are best at expanding your knowledge.
The Inside Out Security Show
Discussion of the security topics of the day and how they fit into the larger IT ecosystem.
Brakeing Down Security
Talking about security, privacy, legal, and compliance topics
Data Driven Security
Discovery and decision making through data in information security.
A cyber security podcast covering breaches and strategies for defense.
Developing Security Awareness
Security threats, attacks, vulnerability research and trends with a variety of industry executives, researchers and experts.
Down the Security Rabbithole
A business perspective on the often insane world of information security.
Everything from network security, open source and forensics, to DIY modding and the homebrew scene.
Information Security from the group up
Highlights from the Open Web Application Security Project community.
Risk Science Podcast
Experiments in Risk Science.
Experiments in Risk Science
The Business take on InfoSec.
Latest information security news, research, hacker techniques, vulnerabilities, and technical how-tos
Southern Fried Security
An information security podcast that fills the gap between technical security podcasts and Security Now.
A security podcast for truth-seekers, mavericks and square pegs
Information on the latest developments in data security, regulatory compliance issues, technology, and trends affecting the industry.
Covers important issues of personal computer security
SANS Internet Storm Center Daily
A brief daily summary of what is important in cyber security.
Take 1 Security
Infosec news and analysis in just a few minutes, all in one take.
Keep up with interesting things we run into in the security industry – interview some awesome guests – and have fun with everything.
Virtualization Security Round Table
Discuss all things related to Virtualization, Virtual Environment, and Cloud Computing Security.
Seminars from one of the world’s leading centers for research and education in areas of information security that are crucial to the protection of critical computing and communication infrastructure.
Context Aware, Policy based approaches to Security
Focus on approaches to securing systems using approaches that have declarative policies that factor in dynamically evolving context
Resilient, privacy-preserving, revocable and user-centric authentication
Seminar on a new biometric authentication method – Biometric Capsule.
Robust Secure Computation
“Can secure computation be based on imperfect building blocks?”
Big Data Security and Privacy
An approach to performing computation tasks atop encrypted data.
A Secure Communication Protocol for Drones and Smart Objects
Proposal for a new secure communication protocl to enable secure communications for IOT and Drones in a resource constrained environment.
Applying Formal Verification Techniques for Checking Compliance of Computer Systems and Protocols
Demonstrative examples of using formal verification techniques for compliance checking in a variety of settings.
Virtual Android Malware Detection and Analysis (VAMDA)
Seminar of a new platform for analysis of mobile threats.
Practical Confidentiality Preserving Big Data Analysis in Untrusted Clouds
Discussion of Cryptsis, a system that allows execution of MapReduce-style data analysis jobs directly on encrypted data.
Presentations from the Carnegie Mellon University Computer Emergency Response Team.
Building Security In Maturity Model (BSIMM) – Practices from Seventy Eight Organizations
Structuring the Chief Information Security Officer Organization
How Cyber Insurance Is Driving Risk and Technology Management
How the University of Pittsburgh Is Using the NIST Cybersecurity Framework
Capturing the Expertise of Cybersecurity Incident Handlers
After reading a whitepaper, write a 25 word summary of the paper and upload it with the author details to the ISC2 website.
Ponemon Institute Study
Corporate Data: A Protected Asset or a Ticking Time Bomb?
Enterprise Search Report
Detecting Data Breaches in Real Time
User Behavior Analytics
Learn how to closely track user behavior and monitor how they are accessing unstructured file system data.
Online videos fulfill “self-study” requirements for earning CPEs.
6 Tactics for Preventing Insider Threats
Protecting against insider threats, whether malicious or accidental, is extremely difficult, especially when 71% of employees say that have access to information they aren’t supposed to see.
TechTalk: How to Detect and Clean Cryptolocker Infections
Learn what CryptoLocker does on your network and steps to limit the impact.
Self paced training courses count 1 to 1 hours to earned CPE.
Web Security Fundamentals
If you’re in any way responsible with information systems that touch the web, this course will give you an in-depth look at the top 5 risks you should be aware of and how to combat them.
Comprehensive Security Training for Developers