Cyber Training

There are lots of routes into a Cyber career and it is important you do lots of your own research to find out the route that is suitable for you – and in particular suitable for your style of learning. Not everybody is suited to a degree and many people like the more vocational style of an apprenticeship. Degree apprenticeships combine both worlds.

It is important to understand that in the world of Cyber careers development never stops. A degree or apprenticeship is only the first step and there are plenty of industry qualifications related to each role – such as CEH or OSCP for a Penetration Tester or Ethical Hacker; CISSP for a senior leader.

  • Degree
  • Gives the learner a very in depth understanding of the subject, the technology and how and why things happen
  • As well as the general Computer Science there are lots of specialist degrees are available focusing on specific career paths, such as Cyber Security
  • The National Cyber Security Centre has certified a number of degrees – NCSC Certified Degrees

  • Apprenticeship or Degree Apprenticeship
  • An apprenticeship combines both hands-on work for an employer with a partnered educational input to work towards an industry recognised qualification
  • May suit those who learn by doing
  • You get paid for the work you do
  • Starts building your employment CV


Industry Qualifications

The cyber security industry does not just rely on traditional qualifications and, indeed, even if you have a degree there is a need for ongoing continuous professional development. These are qualifications such as CISSP, CEH, etc… There are plenty of fast-track courses which can earn you these in a week or two. They’re not cheap, but you will quickly recoup the cost and be able to self-qualify for many careers.

Research what qualifications are used for the role you are interested in, and then explore online course offerings as well as residential fast track courses from big name providers.


Self-Development

There is lots of free online learning available for Cyber. It is important you validate the quality of the online platform for yourself by researching who the provider is and what they offer. Many do not charge until you want to sit an examination, when they may take a referral or examination fee. SEROCU can only endorse those provided by or on behalf of UK Government or Law Enforcement – others are mentioned for information only.


Challenge

  • Digital Cyber Academy
  • Available free to academic email addresses – .ac.uk or .edu
  • Available free to Military Veterans
  • Available free to those with a Neurodiverse condition
  • A set of 400+ browser based learning labs including challenges. Learn for yourself how to complete the lab, with some guidance.
  • New labs regularly released
  • Includes a job portal where the only application requirement is to complete labs chosen by the employer.
  • Free taster available
  • https://www.digitalcyberacademy.com/
  • Hack the Box
  • Online platform to test and advance penetration testing and cyber security skills…
  • You will need some skills to get past the invite challenge and get to the main event!
  • Hacking with permission (aka ‘White Hat’) to see how good you are
  • https://www.hackthebox.eu/
  • Cyber Security Challenge UK
  • Online competitions designed to test your cyber security skills. Free to participate, any age. Progress well and you might be invited to participate in the live finals where sponsor companies often cherry-pick contestants for jobs.
  • https://www.cybersecuritychallenge.org.uk/

Learning

  • FutureLearn
  • Free online learning courses provided by academic providers worldwide – managed by the Open University. Introduction to Cyber Security gives a good foundation knowledge.
  • https://www.futurelearn.com/
  • EdX
  • Free online learning courses provided by academic providers worldwide.
  • CS50 is a good introductory computer science course,
  • CYB001X a good cyber security introduction.
  • https://www.edx.org/
  • Cybrary
  • An open source cyber security and IT learning platform. Free courses which may prepare you for industry exams should you choose.
  • Paid for by adverts and referral fees when people sign up for exam tracks, or subscription packages
  • App available
  • https://www.cybrary.it/

Teaching Resources

  • Cyber Choices Lesson Plan
  • KS3 Year 7 and 8 lesson plan created by us
  • Teaches the Computer Misuse Act
  • Highlights Cyber Security as a career
  • Cyber Choices Lesson Plan
  • National Centre for Computer Education
  • Helping you to teach computing.
  • Government funded FREE online and face to face CPD for teachers of computing.
  • Bursaries may be available to release you from school to learn.
  • Includes teaching resources
  • https://teachcomputing.org/
  • PicoCTF
  • Cyber Security game targeted at Secondary School ages
  • Gamified problem solving / hacking
  • Teacher can create a classroom for their students
  • Can be played all year round
  • https://picoctf.com/
  • Digital Cyber Academy
  • Available free to academic email addresses – .ac.uk or .edu
  • A set of 400+ browser based learning labs including challenges.
  • New labs regularly released
  • Points based competition leaderboard
  • https://www.digitalcyberacademy.com/
  • STEM Learning
  • The STEM network offer lots of free teaching plans
  • Includes a lesson plan centred on the Computer Misuse Act
  • https://www.stem.org.uk/
  • Computing At School (CAS)
  • A national initiative to help teachers provide excellent teaching around computing.
  • Your regional hub can connect you with experts and provide CPD to enhance your skills.
  • https://www.computingatschool.org.uk/

Real World Activities


To Bug Bounty or Not…

Bug Bounty-ing is a controversial topic. It is the process of looking for and finding vulnerabilities in public facing systems, then disclosing the vulnerability to the organisation in the hope that they will pay a reward – the ‘bounty’. There are lots of issues around it, not least that if you do not have permission and you are not experienced and working to a framework it is easy to transgress beyond the acceptable into offending against the Computer Misuse Act (or other national legislation depending on where the servers are located). The activity has not been helped by ‘grey hat’ hackers who will behave ethically all the time they are receiving what they perceive as an acceptable reward, but will exploit or sell the vulnerability if not satisfied. This puts the data of real people at risk and is not just ‘punishing’ the company with the vulnerability.

There are a number of industry led schemes to try and encourage ethical disclosure in an organised and effective manner. Many companies offer open bug bounty programmes with a structure and an explanation of the permissions being given under the scheme. There are lessons available to those starting out.

Properly performed Bug Bounty can help to build a CV and demonstrate your ethical compass as well as skills.

  • hackerone
  • A global platform which can link White Hat hackers with organisations to perform ethical disclosure
  • Also manages the disclosure schemes for a number of companies
  • Brokered $21 million in bounties in 2018 – double 2017
  • Seven ethical hackers have reached the $million bounty mark
  • Handles UK Government disclosure via NCSC
  • https://www.hackerone.com/

What Next?

You will need to develop your own plan for where you want to go. Industry are looking for skills and abilities as well as qualifications and will often pay for you to gain many specialist qualifications once employed so you don’t need every qualification going before you get a job.

What they are interested in is those who have actively developed themselves… think about engagement at trade shows and online with companies in this field, explore how to get a paper about your work published and get noticed. Volunteering is never a bad thing – think about helping the next generation through Code Clubs and CoderDojos.

Once you are employed in the industry and have some experience, the UK Police community is always looking for talent to help out. Think about joining as a:

Cyber Specials Cyber Volunteers Logo

Are you still worried about activity online?

If you are still worried about what you or a loved one are doing online and you haven’t found what you need to know in these pages then please get in touch with the Cyber Prevent team.

We cannot be individual careers advisors but we can advise where the law stands and perhaps give some tips for the future.