Learn more about CSX

Cybersecurity Awareness Center

Welcome to the CSX Resource Center — Free Cybersecurity Resources and Tools

Cyber attacks are increasing in sophistication and frequency, yet the shortage of skilled technical professionals has continued to grow exponentially. ISACA's Cybersecurity Nexus™ (CSX) was created to help fortify the industry through practical, hands-on training and certification focused on real-world abilities. Our goal is to build a stronger, more informed workforce that can keep organizations and their information secure—now, and in the future.

To help you and your business stay secure, we have put together a number of helpful, free resources and tools.

View Cybersecurity Blog Posts in the CSX Newsroom >>

Cybersecurity Career Resources

A Risk-Aware Path to Cybersecurity Resilience and Maturity
Employing a New Cyber Mindset

Cybersecurity is typically approached, analyzed and managed from a functional point of view. Enterprises typically spend considerable time and resources analyzing their security programs—and by extension the countermeasures comprising them—through the lens of scope and function. But measuring coverage and utility is not enough anymore as cybersecurity is not about a series of tasks.

As demonstrated in this FREE ISACA-CMMI white paper, A Risk-Aware Path to Cybersecurity Resilience and Maturity, cybersecurity professionals must consider business strategy planning and performance capability. Analyzing the capability of cybersecurity within an enterprise means systematically and holistically analyzing the operational efficiency of actions taken, resiliency of the people/processes/technology in use, maturity of practices, gap analyses, and total cost of ownership, and more, together with effectiveness, and doing it comprehensively and consistently across the axis of risk.

This joint white paper from ISACA and CMMI outlines a path forward using a new mindset and new tools to assess cyber capability and create a new culture of cybersecurity. Recognize, prioritize and resolve capability gaps in your enterprise to improve cyber resilience and maturity—download your free copy today!

The Disclosure Debate Heats Up Again

There are some debates that just never go away: Coke vs. Pepsi, regular vs. extra crispy and, in the security world, full disclosure (or even the somewhat more restrictive responsible disclosure model) vs. limited disclosure. While there has always been a robust debate around how much to disclose about vulnerabilities (not to mention when and to whom), recent events have pushed the debate back to the forefront. It's a thorny issue, and one where the risk dynamics are not always clear.

To help gain perspective about both sides, we’ve asked 2 experts—each on opposite ends of the disclosure spectrum—to share their opinions about the issue. They are both passionate about their points of view and have decades of experience. It’s our hope that, by sharing both points of view, practitioners can both understand their own position better, think through the position of the other side and, ultimately, end up with a more nuanced understanding of the issue.

2018 State of Cybersecurity

Learn More

2018 State of Cybersecurity, Infographic

Learn More
Getting Started With Risk Management

NEW! Getting Started With Risk Management

Learn More

Better Tech Governance Is Better for Business

Learn More

Managing Ransomware: Now it is a Board Issue

Learn More

Vulnerability assessment is an integral component of a good security program

Learn More

Cyber Security Infographic: Dealing With Cyber Threats Requires Teamwork and Coordination

Learn More

Governance Report: A Report with Key Findings of the 2017 ISACA Tech Governance Research

Learn More

THREATS & CONTROLS

Learn More

Get a free, personalized career assessment and plan with our Career Roadmap Tool!

Learn More

State of Cybersecurity Implications for 2017

Learn More


Organization Training

ISACA offers a variety of enterprise training options, enabling you to enhance the skills of your workforce at your workplace or at a convenient location of your choice. Learn more about our Cybersecurity Nexus™ (CSX) Training Platform.

Learn more

The Enterprise of OT and IT

Learn More

Do More WithLess: 5 Steps to Maximize Your Cybersecurity Workforce

Learn More

Get the latest industry news and trends – sign up for our free newsletter!

Learn More

2017 Cybersecurity Skills Gap

Learn More

The Cyberresilient Enterprise: What the Board of Directors Needs to Ask

Learn More

Self-Paced Training for Individuals from Cybersecurity Nexus™ (CSX)

Enhance Your Technical Skills and Career—Save 50%+ off CSX Virtual, Self-Paced Training

Train hands on whenever and wherever you want online using real-world scenarios in a live network environment. Build deep technical skills essential for the role of professional cybersecurity first responder. See just how fast your career can grow.

Sign up for one or more CSX Practitioner Virtual, Self-Paced Training courses by 30 November and save 50% off—up to a US $1,500 value!

Plus, buy two courses and receive the third for FREE!

Learn more

Cybersecurity Training for Organizations

Bridge the Global Cybersecurity Skills Gap with Real-World, Enterprise-Level Cybersecurity Training

Our CSX Training Platform is the first on-demand, real-world training program created for organizations like yours:

  • Seeking to overcome the global shortage of cyber-skilled professionals.
  • Working to build, update and certify the real technical cybersecurity skills and knowledge of personnel and maintain regulatory compliance.

The CSX Training Platform is the only continually updated, subscription-based program that combines:

  • PRACTICAL, HANDS-ON LAB TRAINING
    in a live, dynamic network environment with performance-based evaluation.
  • CONTINUALLY UPDATED CONTENT
    based on complex, real-world scenarios that are relevant to your business.
  • A STRUCTURED WAY TO ASSESS TECHNICAL SKILLS
    and abilities for current and prospective employees.

Contact ISACA Enterprise Solutions team to schedule a demo.

Learn more