this post was submitted on 27 Apr 2026
37 points (74.0% liked)
Technology
84146 readers
3363 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Honestly one of the most interesting parts to me as I enjoy the concept but it can be tricky to filter out bad information from good. Do you have any recommended readings on the subject, any books or info you would consider to be biblical in their importance or fundamental?
Just start with the free CC cert from ISC2. It's basically just an introduction to Infosec theories and terminology.
From there you have to decide if you want to work in analytics or GRC (governance, risk, compliance). First is more tech oriented and second is more policy and documentation, although many roles combine the two.
If you want to go the tech route, get your A+, Network+ and Security+ from CompTIA, then you can pick one of many fields like networking security, systems security, and dev security.
For the GRC route, if you're in the US the NIST 800-53r5 publication is a great place to start, although it can be difficult to translate their vague wording into what work needs to be done.