Anytime you join a new IT industry, there’s always a learning curve. But many, if not most, would agree that the IT industry segment with the steepest learning curve is cybersecurity.

Terms and Acronyms

There are dozens of likely unfamiliar vocabulary terms and acronyms, such as (just scratching the surface):

• Vulnerabilities, patches, and exploits
• CVE & CVSS
• Threat signatures & indicators of compromise (IoCs)
• Two-factor & multi-factor authentication (2FA/MFA)
• BYOD, Shadow IT, IoT, OT
• Zero Day Vulnerabilities & Exploits
• Zero Trust
• Perimeter & DMZ

Threat Actors

There are five different types of threat actors you should understand, including:

• Cybercriminals / financially motivated threat actors
• Nation state threat actors
• Hacktivists
• Insider threats
• Hobbyists

Cyberthreats

There are dozens of types of cyberthreats in the wild, including:

• Viruses, worms & malware
• Trojans
• Phishing & spear-phishing attacks
• Drive-by downloads
• Watering-hole attacks
• Bots & botnets
• Distributed denial of service (DDoS) attacks
• Ransomware
• Web application attacks
• Zero-day attacks
• Advanced persistent threats (APTs)

Categories of Security Products and Services

Once you’ve been in the security industry for a while, you’re humbled to realize there are dozens and dozens of security product (and service) categories across the following high-level categories:

• Network security
• Endpoint security
• Datacenter security
• Virtualization and cloud security
• Security management and operations
• Identity and access management

IT Security Frameworks

There are IT security frameworks you should get to know, including:

• CIS Critical Security Controls (CSCs)
• NIST Special Publication (SP) 800-53
• ISO 27001
• COBIT

Industry Regulations

There are regulatory compliance standards your customers must meet, including:

• PCI DSS
• HIPAA
• FISMA
• NERC
• EU GDPR

And That's Not All...

There’s a bunch of “miscellaneous” stuff you need to know, including:

• Major and regional IT security trade shows and conferences
• Typical IT security job roles
• Common IT security professional certifications
• Popular IT security trade publications
• Strategies for targeting IT security buyers

Security Industry Bootcamp

Wouldn’t it be great if there was a one-day “crash course” on the IT security industry? And would it be great if it was a non-technical class intended for tech vendor marketing and sales personnel? Well, you’re in luck. There is! It’s called Security Industry Boot Camp. Taught by CyberEdge’s Founder & CEO, Steve Piper, this non-technical seminar affords students with a solid foundation for navigating the complex, ever-changing IT security industry. To learn more, visit https://securitybootcamp.net/ or email us at [email protected].

Pressed for time?

Check out Security Industry 101: A Crash Course for Cybersecurity Marketers—a one-hour, non-technical webinar also led by Steve Piper. It’s a fast, practical field guide to the entire security industry, created specifically for cybersecurity marketers.

The CyberEdge Advantage

You can’t market what you don’t understand. And in cybersecurity, the learning curve can be steep. Imagine if you had a content team that actually understood cybersecurity. Not just buzzwords, but the real challenges, the buyers, the market. With CyberEdge, you do. We connect you with industry-savvy pros who know the landscape, speak the language, and create content that hits the mark. Contact us today for a personalized consultation and bring instant expertise to your team.