My go-to solution for keeping up with CPE requirements is online webinars and podcasts. You can knock out an hour or two (1 to 2 cPE) a week for free from online sources such as SANS, CSIAC, SEI-CERT, US-CERT, Verizon, FIreEye, and many others.
One highly valuable source you may not have considered is C-SPAN.org. They are primarily known for broadcasting sessions of the U.S. Congress, British Parliament, and Canadian Parliament.
You may not know that C-SPAN also has several great lines of videos with rich, very current cybersecurity information: committee hearings and book author discussions. Search C-SPAN.org for cybersecurity to find thousands of hours of videos including Congressional committee and sub-committee hearings on cybersecurity, cybersecurity authors discussing their books, and even cybersecurity panel discussions by industry and government experts at major think tanks. For author interviews and talks specifically, check the C-SPAN service BookTV.
I just picked up 1.5 CPE by watching testimony before a House Homeland Security subcommittee on cybersecurity in the aviation area. Witnesses included the CISO of Tampa airport, a FireEye VP on threat intelligence, and the head of the aviation line information sharing committee. Great information an ddiscussion.
I think Varonis did a nice job putting together a list of free online resources to use for CPE's
Thank you. Yes, that is an excellent list. Not all-encompassing (e.g. no SANS, Cisco, Verizon, or FireEye) but definitely highly useful.
And, once more, I note that whining about CPEs because an employer will not send someone to a major conference or training program is a non-starter. Use all these free resources for one CPE per week to exceed the 120 / cycle need, and treat conferences and courses as gravy.
I can attest to your last statement. Because my current management only allows me to take free conferences paid on my dime (travel) or other resources, the free information out there has definetly help fullfill my CPE's per the requirements. In the end, I do NOT want to re-test for any of my (ISC)2 certs if I can keep current with the CPE's.