You are currently viewing 9 books to learn more

9 books to learn more

Summer may be coming to an end, but technologists can still immerse themselves in reads on the beach that will help them self-educate or allow them to explore potential career moves, especially in terms of cybersecurity. .

Cybersecurity is an area of ​​technology that is both constantly changing and evolving, making ongoing training essential as attackers adjust their techniques and new vulnerabilities emerge. It is also a sector with abundant career potential, especially for professionals who keep up with the times and are interested in continuing education.

While there are plenty of cyber industry conferences to attend and certification courses to take, a good cybersecurity book (whether digital or print) helps technology and security professionals explore the changing cyber landscape, how new technologies are creating new opportunities, and why cybercriminals and nation-state actors are updating their techniques.

To help technologists choose from the thousands of cybersecurity titles available, Dice asked several experts and industry watchers what they read and how their summer reading lists were doing.

Where to start?

One of the biggest obstacles to creating an effective summer reading list is knowing where to start. For those who aren’t sure or like to browse a few dozen titles and authors before deciding on a starting point, Sounil Yu, CISO of security firm JupiterOne, suggests checking out the Cybersecurity Canon. This is a list of must-have books maintained and updated regularly since 2014.

What Yu likes about this list is how it covers a wide range of materials and is designed for security professionals as well as anyone interested in the subject.

“The Canon is a great resource for anyone looking to enter the field or level up,” Yu said. “It covers a wide range of categories, from fiction to non-fiction; technical to non-technical; and novice to experienced, all indexed to make it easy to find the right book for where you are today.

For those looking to explore a career in cybersecurity or for those looking for a promotion in the field, Jasmine Henry, Director of Field Security at JupiterOne (and colleague of Yu), recommends the Cybersecurity Career Guide by Alyssa Miller.

“This book is a great resource for individuals at all career levels, especially those looking to break into cybersecurity or make a career transition,” Henry said. “The book offers powerful self-analysis exercises and valuable ideas for improving, adapting, and becoming a sought-after cybersecurity recruit.”

Several experts have also recommended The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage. The 1989 book offers one of the first first-hand accounts of a hacking operation – in this case, a cyber-espionage operation the author uncovered that targeted the Lawrence Berkeley National Laboratory.

Management Readings

Books about management and how managers can improve employee efficiency and performance are always on summer reading lists, and cybersecurity is no exception.

For those following a managerial route (or considering one), Scott Gerlach, co-founder and chief security officer of security firm StackHawk, recommends The Qualified Sales Leader.

“It has some analogies to help the reader think about your cybersecurity project and tasks as a larger business issue and how to help mentor people in your security organization,” Gerlach said.

Nicole Schwartz, chief operating officer and chair of the board of directors of The Diana Initiative, a nonprofit organization that advocates for underrepresented people in the information security field, recommends Reinventing Cybersecurity, which advocates for greater diversity in the field of cybersecurity.

“Increasing diversity is not just about being fair. It is about embracing a wide range of people’s different approaches to problems and the diversity of knowledge available to them. This combination can make your security team terrifically effective,” Schwartz said.

Technical Reading

While many recommended summer reading books offer a story telling, some experts designate more technical tomes as must reads. Shashi Prakash, co-founder and CTO of Bolster, Inc., recommends Machine Learning and Security: Protecting Systems with Data and Algorithms, which offers an in-depth look at the intersection of machine learning and cybersecurity.

Some experts recommend books written by their colleagues. JuniperOne’s Henry noted that his colleague, Sounil Yu, wrote Cyber ​​Defense Matrix: The Essential Guide to Navigating the Cybersecurity Landscape, which he considers a key reference document for thinking about building, managing and operation of security systems.

“It lives on hand, so I can frequently reference Yu’s metric maturity charts or situational awareness charts,” Henry said. “This is an especially valuable resource for those who are mid-level or higher in their careers, especially those hoping to succeed in safety conversations with business leaders or communicate more clearly about safety in slides.”

For those looking to learn how complex systems work, Michael Puterbaugh, chief marketing officer of security firm Pathlock, recommends reading Kim Zetter’s Countdown to Zero Day. The book offers a detailed account of the Stuxnet malware attack on Iran’s nuclear enrichment facilities.

“I think it’s a great read for anyone in a risk-centric role, as it not only discusses fundamental security, but also the multiple layers of risk present in a complex system. Nuclear centrifuges may be hyper-specific, but there are similarities to complex supply chains or business processes,” Puterbaugh said.

Readings of real (cyber)crimes

Few summer reading lists are complete without a good crime read.

Chris Furner, senior business engineer at security firm Blumira, suggests reading on cybercrime, including Nicole Perlroth’s This Is How They Tell Me The World Ends, which looks at cybercriminal activity and the growing use of zero attacks. -day.

“As a security professional, seeing ‘behind the curtain’ how the cybercrime industry works is very fascinating. In some ways, cyber warfare is the new nuclear arms race, but this time it’s happening in the shadows,” Furner said. “This book includes details of several high-profile attacks from recent years, and there are lessons learned and reminders of how the community must collectively step up efforts to strengthen networks against attacks.”

Bolster’s Prakash also recommends Spam Nation: The Inside Story of Organized Cybercrime by journalist Brian Krebs – from the global outbreak to your front door.

“This book does an excellent job of detailing the history of Internet crime, the people involved, and the motives behind this type of crime. Definitely a good choice for someone looking for an entry-level position in cybersecurity,” Prakash said.

Leave a Reply