Posted on Nov 5, 2019
We asked our staff about their favorite security-based reads, and they responded with a list of 15 books about cybersecurity. The list runs the gamut, from how-tos to histories to exposés, and covers topics ranging from fraud to social engineering to code breaking.
Sound interesting? Well, don’t take our word for it. Read on for our reading recommendations.
This book demonstrates how to modify a system at runtime to subvert a forensic live response. Readers will learn how to conceal their presence on a server, disable its security policies, sidestep group policy, maintain remote access, and covertly monitor system activity — all with the system administrator being none the wiser.
This book teaches information officers how to think like a top security guru. Using real-world examples, security expert Kevin Day explains how to reduce any security problem to a set of essential principles, making it easy to arrive at optimal solutions.
In this book, renowned expert Christopher Hadnagy explains the most commonly-used techniques that fool even the most robust security personnel, and shows you how these techniques have been used in the past. This new second edition has been updated with the most current methods used by sharing stories, examples, and scientific study behind how those decisions are exploited.
Combining the best of investigative journalism and technical analysis, this book by Rick Howard documents changes in the culture of cyber criminals and explores the innovations that are the result of those changes.
Man has created codes to keep secrets and has broken codes to learn those secrets since the time of the Pharaohs. This comprehensive history examines what codes and codebreaking have meant to human history.Hailed upon first publication as a book likely to become the definitive work of its kind, The Codebreakers is the skeleton key to a thousand thrilling true stories of intrigue, mystery, and adventure.
From the 1991 Gulf War to conflicts in Haiti, Serbia, Syria, the former Soviet republics, Iraq, and Iran, where cyber warfare played a significant role, this book chronicles a little-known past that shines an unsettling light on our future. Author Fred Kaplan probes the inner corridors of the National Security Agency, the beyond-top-secret cyber units in the Pentagon, the “information warfare” squads of the military services, and the national security debates in the White House to reveal the details of the officers, policymakers, scientists, and spies who devised this new form of warfare and who have been planning—and (more often than people know) fighting—these wars for decades.
Security Mom is a modern tale about the highs and lows of having-it-all parenthood and a candid, sometimes shocking, behind-the-scenes look inside the high-stakes world of national security. In her signature refreshing style, national security expert and mom of three Juliette Kayyem reveals how she came to learn that homeland security is not simply about tragedy and terror; it is about us as parents and neighbors, and what we can do every day to keep each other strong and safe.
In this book, investigative journalist and cybersecurity expert Brian Krebs unmasks the criminal masterminds driving some of the biggest spam and hacker operations targeting Americans and their bank accounts. Tracing the rise, fall, and alarming resurrection of the digital mafia behind the two largest spam pharmacies-and countless viruses, phishing, and spyware attacks, he delivers the first definitive narrative of the global spam problem and its threat to consumers everywhere.
Kevin Mitnick's exploits as a cyber-desperado and fugitive formed one of the most exhaustive FBI manhunts. Since his release from federal prison in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. In this book, Mitnick focuses on the human factors involved with information security. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent.
In this book, celebrated hacker Kevin Mitnick tells stories of real-life computer break-ins and showing how the victims could have prevented them. This book offers riveting descriptions of real computer break-ins, indispensable tips on countermeasures security professionals need to implement now, and Mitnick's own acerbic commentary on the crimes he describes.
In this explosive yet practical book, hacker-turned-security expert Kevin Mitnick uses real life stories to teach you the art of online invisibility, as well as everyday tactics you can use to protect yourself and your family. This book will teach you everything from password protection and smart Wi-Fi usage to advanced techniques designed to maximize your anonymity.
Former hacker Kevin Poulsen has, over the past decade, built a reputation as one of the top investigative reporters on the cybercrime beat. In Kingpin, he pours his unmatched access and expertise into book form for the first time, delivering a gripping cat-and-mouse narrative—and an unprecedented view into the twenty-first century’s signature form of organized crime.
For more than three hundred years, the world wrestled with conflicts between nation-states, which wielded military force, financial pressure, and diplomatic persuasion to create world order. But in 2012, the involvement of the US and Israeli governments in Operation "Olympic Games," a mission aimed at disrupting the Iranian nuclear program through cyberattacks, was revealed; Russia and China conducted massive cyber-espionage operations; and the world split over the governance of the Internet. Cyberspace became a battlefield. Cyber warfare demands that the rules of engagement be completely reworked and all the old niceties of diplomacy be recast. In this new world order, Segal reveals, power has been well and truly hacked.
Penetration testers simulate cyber attacks to find security weaknesses in networks, operating systems, and applications. Information security experts worldwide use penetration techniques to evaluate enterprise defenses. In this book, security expert Georgia Weidman introduces you to the core skills and techniques that every pentester needs. Using a virtual machine–based lab that includes Kali Linux and vulnerable operating systems, you’ll run through a series of practical lessons with tools like Wireshark, Nmap, and Burp Suite. As you follow along with the labs and launch attacks, you’ll experience the key stages of an actual assessment—including information gathering, finding exploitable vulnerabilities, gaining access to systems, post exploitation, and more.
Top cybersecurity journalist Kim Zetter tells the story behind the virus that sabotaged Iran’s nuclear efforts and shows how its existence has ushered in a new age of warfare—one in which a digital attack can have the same destructive capability as a megaton bomb. Propelled by Zetter’s unique knowledge and access, and filled with eye-opening explanations of the technologies involved, Countdown to Zero Day is a comprehensive and prescient portrait of a world at the edge of a new kind of war.
Are you excited about a book we haven’t mentioned? If so, share the security books on your nightstand with us!
Check out our list of 3 top third party risk management (TPRM) challenges, and the actions you can take to bolster your program. Learn more.
Performing cybersecurity risk assessments is a key part of any organization’s information security management program. Read our guide.
Templates and vendor evaluations are needed to level that playing field, in a time efficient and fair way, so that the best vendors are chosen.
No waiting, 100% Free
Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.