focus notes
How to study information security?
table of contents
In 2020, in Japan,There will be a shortage of 200,000 security engineers.It is said that. Some people aim to become security engineers as a personal career, while more and more people are required to study security at the request of their workplaces. In this article,What are the ways to study security?I tried to summarize it.
Learn through qualification acquisition
The content that you should learn regarding information security is divided into a wide variety depending on your purpose, and even if you choose to focus on the content, it is not easy to set the scope of study by yourself.The goal is to obtain qualifications..
There are many qualifications, each of which has a role and allows you to acquire the knowledge necessary for that role, so by aiming to obtain the qualification,How much did you understand and what did you study?, can be used as a guide. Below we have summarized the qualifications for your reference.
Typical information security qualifications
Here, we will introduce typical information security qualifications."Information Security Management Exam" for managers and "Information Processing Security Support Specialist" for engineersIntroducing the qualifications of
Information security management exam
The "Information Security Management Examination" is a national exam that started in 2016 and is operated by the Information-technology Promotion Agency (IPA), an independent administrative agency.
This is a test that measures knowledge and skills regarding information security, but it is not aimed at engineers.It is a management exam, so the technical difficulty is not high..
Information processing security support specialist
"Information Processing Security Support Specialist" is a national qualification related to information security that began in 2017.
Before becoming an information processing security support specialist, there was a national qualification called an information security specialist. Compared to the information security management exam, a certain amount of technical knowledge is also required.This exam is for those aiming to become security engineers or system administrators..
If you want to study a more technical information security qualification
In addition, for those who would like to obtain more technical qualifications related to information security according to their job type, the following qualifications are also available.
Vendor qualification
Vendor qualifications are qualifications provided by each security product vendor. Generally, qualifications range from introductory basic level to highly specialized level, so if you study for the vendor exam, you will be able to acquire a certain technical level. Vendor qualifications provided by Cisco SystemsCisco Technician Certificationetc. are representative.
(ISC)² Certification
If you are aiming to become a professional security engineer, you should obtain the (ISC)² (International Information Systems Security Certification Consortium) certification.CISSP, SSCP, CCSP, CSSLPIt may be a good idea to study for such qualifications.
CompTIA Security+
It is a security qualification that is highly recognized and trusted around the world. About network security, vulnerabilities, applications, encryption, etc.Proof that you have acquired a certain level of knowledge, technology, and application skills as an engineer.It will be.
Network Information Security Manager (NISM)
This is a security qualification managed by Japan's Network Information Security Manager Promotion Council.The purpose is to develop information security experts.This is a qualification that allows you to acquire advanced technology that can respond to cyber attacks and security threats.
You can obtain a qualification by taking a 2-3 day course and then passing a certification exam.Qualifications for engineers who want to improve their skills and advance their careersis.
Other purpose-specific qualifications
If you are looking to understand the management of the Personal Information Protection Act, the Privacy Mark System, ISMS, etc., or to audit information security, please refer to the qualifications below.
- Personal information protection certification exam
- Information security manager
- Information security auditor certification seminar
- Certified Information Security Manager (CISM)
Use security training services
Some companies also offer training on information security. If your company wants to improve the security skills and knowledge of its employees, you may want to try using it. recently,Provide online video coursesIt seems that some companies do.
Also,Learning platform “udemy”You can find courses on information security at .
study without spending money
Even if you want to study without spending money or don't have the time to take the exam, it is of course possible to study security. You can study without spending too much money using the methods below.
Weblearn at
A lot of information is already posted on the website, so you can learn enough about information security. For example, the following content can also be found on the Internet:
- IPA Secure Programming Course
- Web Application Firewall (WAF) Reader
- How to create a secure website
- Linux Security Standard Textbook (Ver1.0.0)
- AWS cloud service usage materials collection
Participate in a study session
Also, these days, it is not uncommon for people to actually get together to hold study sessions and seminars on security. Some of them are free to participate, so why not give them a try if you have time?
There are also sites like the one below that summarize study session schedules and content, so we recommend searching for a study session that suits your goals.
lastly
When studying information security, the study method you should choose will vary depending on various factors, such as whether you want to learn technology or knowledge, whether your workplace will support you, and whether you can afford it. maybe.
Some studies are aimed at obtaining qualifications, while others are aimed at honing skills. Some people may learn by receiving a learning service, while others may need to learn on their own.Try different methods and find the one that suits you..
[Reference site]
・Information Security Management Exam │ IPA
・What is the national qualification “Information Processing Security Support Specialist (Registered Sequispe)” │ IPA
-
Use email and websites safely! Introducing malware infection countermeasures
-
What is a cyber attack? Explaining the types and examples
-
How many cyber attacks occur in Japan and what are their purposes?
-
What is unauthorized access? Explanation of damage details, causes, and countermeasures
-
Cyber attacks are increasing rapidly in Japan! Consider the reason
-
Invisible cyber attack! Introducing its visualization and countermeasures
Achievements left behind
48 years since its establishment.
We have a proven track record because we have focused on what is important.
It has a long track record in both the public and private sectors.
Number of projects per year
500 PJ
Annual number of business partners/customers
200 companies
Maximum number of trading years
47 years
Total number of qualified persons
1,870 people