Summer is a great time to catch up on reading at the beach. Here are my six recommendations for books, related to cyber security, which I couldn’t put down.
1. The Art of Deception: Controlling the Human Element of Security
The weakest link in any security system is always a human. Kevin Mitnick is a master of social engineering, and this book gives a great introduction to that subject, which is peppered with real-life exploitation examples.
2. American Kingpin: The Epic Hunt for the Criminal Mastermind Behind the Silk Road
It’s a fascinating account of how Russ Ulbricht built The Silk Road (a dark web market place for drugs), and what techniques the authorities used to trace and catch him.
3. Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon.
The Stuxnet worm caused substantial damage to Iran’s nuclear program, and used unprecedented four zero-day exploits to propagate. This book examines the intersection of infrastructure and malware, and the growing threat of cyber weapons.
4. Spam Nation: The Inside Story of Organized Cybercrime - from Global Epidemic to Your Front Door
A well written narrative by investigative journalist Brian Krebs about how spammers make money, and how ransomware, scareware and various payment scams work.
5. Network Security Assessment: Know Your Network
This is one of my long-time favorites: a useful and accessible tutorial by Chris McNab about how to assess the security of networks.
6. Team of Teams: New Rules of Engagement for a Complex World
This book about leadership by Gen Stanley McChrystal offers many great ideas on organizing effective teams (including security teams, operating within a larger organization).
It also talks about resilience vs. robustness and how companies can handle the complexity of the environment we operate in. While it’s not purely a cyber security book, I found the ideas in it incredibly useful.
