Professional Development

Are you interested in professional development?

As a cybersecurity professional you get the opportunity to work in a constantly evolving environment, dealing with technologies and systems that go on to serve millions and millions of users. This ever changing threat landscape that security professionals work in requires them to have a broad skill set and continually improve their abilities.

On this page we outline some tips to help you continue your professional development and become an asset to your cybersecurity team. 

Jump start your security career

The Jump start your security career page provides information for individuals who have ever been interested in a security career. It provides tools and resources to learn more about the field and also where to acquire the knowledge to become an asset for any security organization.

Communications for security professionals 

The Communications for security professionals page provides a short video and informational series on the 6 key areas of communication. If you have ever been interested in improving your communication or soft skills this page will assist. 

Take Information Security Online Course

Take this course on information security and awareness to learn how to protect the information around you.

Other information security courses

This course covers what threat modelling is, and when one could use threat modelling in completing a Security Threat and Risk Assessment (STRA).  It also explains the difference between this and other STRA approaches. This course is particularly useful to technology service delivery units and security professionals and anyone who completes STRAs. Click here to view the course content.

This course covers what patch management is, why it is required, OCIO patch standard, benefits, and responsibilities. The course addresses priorities and lifecycle and talks about patch management software. Best practices are also discussed. This course is particularly useful to technology service delivery units and security professionals, and has applicability to all staff in the BC Public Service.           

 

Patch Management Course Introduction

Click here to view the course content, or if you are an employee of the BC Public Service and want to receive credit please start the course through the My learning system.Lock icon

What is Security Risk?

In this training video we cover basic concepts around what a security risk is.

What is a security risk?

Risk Assessment: Evaluating and Managing Risks - Are you feeling risky? 

Learn about risk assessment and see some real world examples in this informative talk from the Nov 2021 Security Day.

Presentation Slides

Risk Assessment: Evaluating and Managing Risks

Executive Overview

In this quick 15-minute training video we provide an executive overview of how the Province of British Columbia approaches Information Security Risk Management.

Executive Overview

Tutorial

In this detailed tutorial video, you will learn how the Province of British Columbia approaches Information Security Risk Management. You will learn about Security Threat and Risk Assessments and risk registers.

Tutorial

Understanding and completing the SOAR course

This training video covers the Province of British Columbia’s recommended reference process for conducting Security Threat and Risk Assessments (STRA). Once you have watched this you will better understand the steps required to complete an STRA from beginning to end.

Understanding and completing the SOAR course

Understanding the reference STRA process

A SOAR is the final artifact produced for a Security Threat and Risk Assessment. This training video will help you understand, in detail, how to complete a Statement of Acceptable Risks (SOAR). 

Understanding the reference STRA process

Corporate SOAR vs Corporate Systems

This short video will educate you on the differences between a Corporate SOAR and a Corporate System.

Corporate SOAR vs Corporate Systems

Tales from the Crypto: Part I - Introduction

Intro to Cryptology

Introduction - "A witch’s brew of ciphers"

Tales from the Crypto: Part II - PKI Concepts

PKI Concepts

Public Key Concepts - "Unlock the door to horror"

Tales from the Crypto: Part III - PKI Encryption

Public Key Encryption

Public Key Encryption – “Who has who locked in what cage” - Ray Bradbury

Tales from the Crypto: Part IV -  PKI Hash & Signing

PKI Hash & Signing

Public Key Hashing and Signing – "Math in a blender"

Tales from the Crypto: Part V -  PKI Certificate Authorities

PKI Certificate Authorities

Public Key Infrastructure – "Collector of souls (mainly their keys)"

Tales from the Crypto: Part VI - PKI Review

PKI Review

Public Key Concept Review – "You will survive"

 

The Ministry Information Security Officer (MISO) Guidebook

This guide is geared towards exploring in depth the key roles and responsibilities of the MISO. The guide contains information, tools and resources that will benefit MISOs in performing their role as well as organizations and individuals who intend to improve the security of their enterprise. 

What does professional development for a security professional look like?

The role of a cyber security professional requires a diverse set of skills, because of this there are many different professional training resources that can be utilized. CyberSecurity professionals looking to improve their skills may pursue training in a few key areas

  • A solid grounding in IT fundamentals (web applications, system administration)
  • Coding skills (C, C++, Java, Python,html, and more)
  • Understanding architecture, administration and operating systems
  • Technical Certifications (CISSP, CISM, CISA, and more)
  • Soft Skills (oral, written communication, leadership, negotiation)