CIO’s security section is a repository of up-to-date industry articles on data breaches, hacks, attacks, new research and global developments.
Slideshows, blogs, news articles, white papers, interviews, opinion pieces – there is an incredible rich portfolio of security, risk and compliance resources available on CSO’s site.
Dark Reading covers top stories in information security & cyber security. Topics often include attacks, breaches, application security, mobile, IoT, and threats.
One of the largest newspapers in Britain, The Guardian offers the latest on information security & cyber security. Articles are usually targeted to humans from all industry verticals and business impact / business value.
Cybersecurity metrics are a big focus of this particular online publication. A number of topics that affect homeland security across all industry verticals and public life are covered.
A great online resource for the information security industry. The magazine contains news articles, white papers, and a list of upcoming events & conferences for the information security and cybersecurity industry.
SC Magazine (part of SC Media) supplies information security professionals with a wide range of business and technical information resources. You will discover news articles, product reviews, white papers, videos, interviews, opinion pieces and much more from this resource.
PC Magazine’s security section provides insights across a number of trending topics globally, including malware, mobile, threats, vulnerabilities and hacks.
Wired’s section on privacy, crime & security online contains insightful articles and resources. Many of the topics and stories covered focus from a national and international risk perspective.
By Josh More and Anthony Stieber. This practical guide to starting a cyber security career includes a “level-up” gaming framework for career progression, with a “Learn, Do, Teach” approach through three tiers of InfoSec jobs. You’ll also find examples of specific roles and career paths in each job tier so you can identify and max out skills for the role you want.
By Shon Harris. The go-to resource for CISSP exam prep. Constantly updated, the guide includes everything you will need to prepare – exam tips, practice questions, training module, in-depth explanations – and covers all 10 CISSP domains. Available in digital and print formats.
By Niels Ferguson, Bruce Schneier and Tadayoshi Kohno. A good foundational guide for those interested in practical cryptography. The authors cover many of the fundamentals – e.g. ciphers, message digests, key exchange, mathematics basics – and take a close look at the hardware, software and human issues involved in cryptography engineering. Advanced cryptographers will want to dig deeper.
By Bruce Schneier. Although it was first published in 2004, Schneier’s warnings are still relevant today. “Security is a process, not a product,” he reminds us, and people are invariably the weakest link. Do we have to sacrifice privacy for better security?
By Richard Clarke and Robert K. Knake. First published in 2010, Clarke and Knake’s book is a broadside against complacency in cyber defense. Clarke is the former National Coordinator for Security, Infrastructure Protection, and Counter-terrorism for the United States, and has much to say about cyber warfare, cyber terrorism and government policy.
By Kevin Poulsen. Kingpin is the “made for Hollywood” story of Max Butler, a misfit and hacker who ended up gaining access to more than 1.8 million credit card accounts. A former hacker himself (he served 5 years in prison), Poulsen provides insights & perspectives that truly only hackers would know.
By Glenn Greenwald, Greenwald is a columnist for The Guardian and was one of Snowden’s key contacts in the leaking of classified U.S. government secrets.
By Richard Bejtlich. A great technical primer with step-by-step instructions on how to deploy, build and run an NSM operation using open source software and vendor-neutral tools.
The U.S. Department of Defense awarded the University of Texas – Pan American $3.7 million to establish the Center of Excellence in STEM Education. The Center focuses on challenge-based instruction, and has excellent resources for students of all ages. For example, they hold a STEM summer camp, award scholarships, hold pre-college programs for young adults, and much more.
You’ll find a variety of helpful resources on Purdue’s Center for Education and Research in Information Assurance and Security website. These include an online collection of reports and papers, training products, an FTP archive and the Cassandra Vulnerability Tracking System.
CVE is a widely used dictionary of common identifiers for publicly known information security vulnerabilities and exposures. MITRE Corporation handles the system, with funding from the office of Cybersecurity and Communications at the U.S. Department of Homeland Security.
Created in response to the Li0n worm event in 2001, ISC is an all-volunteer effort dedicated to providing a free analysis and warning system to Internet users. To identify threats, every day ISC assembles millions of intrusion detection log entries from sensors covering over 500,000 IP addresses in over 50 countries.
On this webpage, you’ll find a list of academic institutions that have distinguished themselves in cyber security education. Look for this designation when you’re comparing schools.
OVAL is a community-developed language for determining vulnerability and configuration issues. Its goal is to standardize how to assess and report upon the machine state of computer systems throughout the world. Like CVE, OVAL is administered by the MITRE Corporation and funded by the office of Cybersecurity and Communications at the U.S. Department of Homeland Security.
Short for U.S. Computer Emergency Readiness Team, US-CERT is the 24/7 operational arm of the Department of Homeland Security’s NCCIC. It broadcasts vulnerability and threat information through the National Cyber Awareness System (NCAS), and operates a Vulnerability Notes Database.
The DHS’s section on cyber security includes the latest security testimonies from the House and Senate and a resource directory that includes statements and analytic reports.