Posted on Aug 3, 2018
The information security industry moves at an incredibly quick pace, and sometimes it’s difficult to keep up with the most recent updates, hacks, and data leaks that pose a threat to your organization. Social media is an excellent and quick way to ensure that you’re continuously informed about the latest security threats and what’s most pressing.
We’ve curated a list of 35 Twitter accounts that you and your department might find helpful.
Troy Hunt is a security researcher, blogger, and speaker who currently runs haveibeenpwned.com, a service that notifies subscribers if their email address is part of a data breach. We’ve featured Troy Hunt on our blog before, and the two Twitter accounts he runs often discuss the latest data breach, new site vulnerabilities, or the rumblings of a potential data breach before it’s widely reported.
2. @e_kaspersky | Eugene Kaspersky
Eugene Kaspersky is currently the CEO of Kaspersky Lab, a major security software provider that also manages ThreatPost, a well-known security publishing site. Kaspersky’s Twitter account links to details on the newest vulnerabilities, news stories surrounding hacks and data breaches, and covers everything from government hacking, to cryptocurrency, to new threats across the globe.
3. @StewartRoom | Stewart Room
Stewart Room is a partner at PwC and the Global Head of Cyber Security & Data Protection Legal Services. His Twitter account offers insight on how data breaches, data protection laws, and recent changes in policies or regulations may affect enterprises. His personal website features articles on the same topics in an in-depth fashion.
4. @mikko | Mikko Hypponen
Mikko Hypponen is the Chief Revenue Officer for F-Secure, a Finnish security and privacy company that offers solutions and software for homes and businesses. As a global professional immersed in the cybersecurity space, Mikko offers unique insight into nation-state actions, protecting private and employee data, and security information in various industries, such as AI, Gaming, and IoT.
5. @joshcorman | Josh Corman
Josh Corman is the Director of the Cyber Statecraft Initiative, which ‘focuses on international cooperation, competition, and conflict in cyberspace’ as part of the Atlantic Council. In addition to tweeting about recent vulnerabilities that could affect individuals and organizations, Josh also takes on a policy-first perspective on cybersecurity and discusses cybersecurity as part of a national priority.
Katie Moussouris is the founder of Luta Security, a new bug bounty and vulnerability disclosure company. Both her and her company’s Twitter accounts offer insight on bug bounty programs and vulnerability disclosure and coordination. (In a bug bounty program, an organization sets up rewards for independent security researchers who find vulnerabilities within the organization. Vulnerability disclosure coordination is the procedure of publicizing vulnerabilities in hopes that users and organizations patch the vulnerability before it is exploited.)
7. @BrianHonan | Brian Honan
Brian Honan is the head of Ireland’s first Computer Security Incident Response Team (CSIRT). His Twitter account aggregates the most recent news and updates from reputable information security sources and security research sites such as Dark Reading, Naked Security, and ThreatPost. His account is perfect for consistent updates on new stories on a day-to-day basis.
8. @annie_bdc | Ann Barron-DiCamillo
Ann Barron-DiCamillo is a cybersecurity expert and former Director of US-CERT, the US Computer Emergency Readiness Team, an agency that provides alerts about newly discovered vulnerabilities and coordinates defense against potential cyberattacks. Ann provides a long-term policy perspective on cybersecurity, offering insight on the security industry, how governments should treat information security as a department, and what we may be able to expect from large-scale response to recent vulnerabilities and attacks.
9. @taosecurity | Richard Bejtlich
Richard Bejtlich is a former Chief Security Strategist at FireEye, a cybersecurity company that provides a number of products and services for enterprises. Richard also runs TaoSecurity, a digital security blog. His Twitter account offers insight in response to many recent events in the global security space and also livestreams a number of related events and summits.
10. @briankrebs | Brian Krebs
Brian Krebs is an independent security journalist who is often the first to respond to major data breaches with a detailed look into who was responsible, why, and what the consequences may be for organizations and individuals. His Twitter account is a reflection of his KrebsOnSecurity site and is always up to date with the latest in attacks and security incidents.
11. @jeremiahg | Jeremiah Grossman
Jeremiah Grossman is the founder of WhiteHat Security and is the Chief of Security Strategy for SentinelOne, an endpoint protection solution provider that uses machine-learning in its approach. Jeremiah offers direct security advice and insight in his account for individuals, companies, and software developers, offering a deeper look into secure practices than others do.
12. @USCERT_gov | US-CERT
This Twitter account is the official account of the previously mentioned US Computer Emergency Readiness Team (US-CERT). It’s an automated account that links to US-CERT alerts and tips, which provide information on newly discovered information, recently released security updates and patches, and general advice for keeping networks and devices secure.
13. @schneierblog | Bruce Schneier
Bruce Schneier is an internationally renowned security specialist and author. Described by The Economist as a "security guru," he’s currently the Chief Technology Officer at IBM Resilient, a fellow at Harvard’s Berkman Center, and on the board of EFF. In addition to his Twitter account, you can find more in-depth articles on Bruce’s blog Schneier on Security.
14. @neiljrubenking | Neil Rubenking
Neil Rubenking reviews security products for PCMag Digital Network. His expertise and insights are extensive, and his Twitter account is a great way to stay on top of in-depth antivirus reviews and analysis. He’s also written seven books on DOS, Windows and Pascal/Delphi programming. He currently serves on the Advisory Board for the Anti-Malware Testing Standards Organization.
15. @dangoodin001 | Dan Goodin
Dan Goodin is the Security Editor at Ars Technica, a leading news website about IT and technology. As a journalist with more than 15 years of experience, he’s been chronicling the exploits of white-hat, grey-hat, and black-hat hackers since 2005 as a reporter for the Associated Press and later, The Register. His Twitter account is a great way to keep up on security threats, hackers, and recent cybersecurity attacks.
16. @gcluley | Graham Cluley
Graham Cluley is an extremely well-known and respected security expert. He currently writes about cybersecurity trends and news on his blog. He’s been fighting cybercrime since the early 1990s. In addition to his Twitter account, you can keep up with Graham and his computer security news, advice, and opinions here. Graham was inducted into the Infosecurity Europe Hall of Fame in 2011 and currently works as an independent blogger and media expert on computer security issues.
17. @campuscodi | Catalin Cimpanu
Catalin Cimpanu is a news writer for Bleeping Computer where he provides in-depth analysis of the latest scams, malware, and cybersecurity news. As a reporter, he faces the tough challenge of keeping up with the fast-paced cybersecurity landscape. He brings his critical eye and journalistic integrity to malware outbreaks, movements on the Dark Web, hacking news, and more.
18. @peterkruse | Peter Kruse
Peter Kruse is a fantastic resource to keep up on the latest changes and developments in cybersecurity. He currently serves as an eCrime specialist for CSIS Security Group and is known for being the first to break news about major cyber threats and major sources of malware.
19. @Shirastweet | Shira Rubinoff
Shira Rubinoff is considered one of the most respected female cybersecurity experts and focuses on the human element of information security and technology. She is currently the president of Green Armor Solutions. She was honored by the Executive Women’s Forum and CSO Magazine with the title “Woman of Influence.” She also lectures and writes about psychology and cybersecurity, a fascinating combination to keep up with on her Twitter account.
20. @nakashimae | Ellen Nakashima
Ellen Nakashima began as a Southeast Asia journalist and covered the presidential candidacy of Al Gore, which evolved into a co-authored biography on Gore. She currently serves as the national security reporter for the Washington Post where she covers topics such as civil liberties, technology, and intelligence.
21. @iblametom | Thomas Fox-Brewster
Thomas Brewster publishes, for the most part, on Forbes and his topics include crime, privacy, and security in physical or digital forms. He’s also worked for The Guardian, Wired, and Motherboard, to name a few others. He received the title “BT Security Journalist” of the year in 2012 and 2013. His Twitter account covers the latest in security, surveillance, and privacy.
22. @evacide | Eva Galperin
Eva Galperin currently serves as the Director of EFF’s cybersecurity department and works as a tech advisor at Freedom of the Press. She focuses on security and privacy issues for vulnerable populations. Before that, she worked in IT and security in Silicon Valley and earned her degrees in Political Science and International Relations from San Francisco State University.
23. @DanielMiessler | Daniel Miessler
Daniel Miessler is an information security professional with over 2,500 essays, tutorials, and posts. He started his website in 1999 as a way to collect technical knowledge. He was born, raised, and still lives in the San Francisco Bay Area. He covers everything from tutorials on information security to essays on the difference between existentialism, nihilism, and absurdism, which makes him an excellent source on Twitter for everything from cybersecurity to philosophical discussions.
24. @evanderburg | Eric Vanderburg
Eric Vanderburg currently works at TCDI and is known as a Christian cybersecurity leader, consultant, author, and cyber investigator. He’s authored several books on cybersecurity and keeps readers up-to-date on his cybersecurity blog, Security Thinking Cap. He also serves as the Vice Chairman of the board of directors for the Technology Ministry Network.
25. @ScottBVS | Scott Schober
Scott N. Schober currently serves as the CEO of Berkeley Varitronics Systems (BVS). He is a cybersecurity expert and has appeared on ABC News, CBS, Fox, and Bloomberg, to name a few.
He is the author of Hacked Again and he also works as a cybersecurity speaker, presenter, and expert in the field. Scott’s Twitter account is full of his expertise and unique insights.
26. @jack_daniel | Jack Daniel
Jack Daniel has a long list of achievements, including being the co-founder of Security BSides and the Technical Product Manager at Tenable Network. He regularly tweets his thoughts and insights on information security and is considered a leading technology community activist. In addition to following Jack on Twitter, you can find more in-depth information on his blog Uncommon Sense Security.
27. @anton_chuvakin | Dr. Anton Chuvakin
Dr. Anton Chuvakin is a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. He is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. He is the author of several books including Security Warrior and PCI Compliance. In addition to his tweets, Anton’s blog Security Warrior is extremely popular in the industry.
28. @lennyzeltser | Lenny Zeltser
According to his Twitter profile, Lenny Zeltser advances information security, grows tech businesses, and fights malicious software. He currently builds endpoint defense solutions as VP of Products at Minerva Labs. He also teaches incident response and malware defenses at the SANS Institute and he is the recipient of the prestigious GIAC Security Expert designation. He earned his Computer Science degree from the University of Pennsylvania and his MBA from MIT Sloan.
29. @josephsteinberg | Joseph Steinberg
Joseph Steinberg is a thought leader in cybersecurity and an influencer in emerging technologies, especially for AI and blockchain-related offerings. Further, he’s worked in the security industry for almost two decades and has written a study guide for CISO certification exams. He also works as a columnist and has written for Forbes and Inc. magazines, which certainly makes him someone to watch on Twitter.
30. @RobertMLee | Robert M. Lee
Robert M. Lee founded the industrial cybersecurity company Dragos Inc and received the 2015 EnergySec CyberSecurity Professional of the year award. He began in security as a U.S. Air Force Cyber Warfare Operations Officer. He built the first-of-its-kind mission identifying and analyzing national threats to industrial infrastructure for the National Security Agency. Forbes named him to its 30 and under list as a breakout talent in 2016.
31. @runasand | Runa Sandvik
Runa Sandvik works as the Senior Director of Information Security at the New York Times and she advises many companies on how to improve their cybersecurity posture. Further, she’s published articles on encryption and the dark web for Forbes. According to the New York Times, she began her career at the age of 15 and became obsessed with how computers worked, didn’t work, and how to make them do things they weren’t supposed to do.
32. @TroelsOerting | Troels Oerting
Troels Oerting is the acting head of Europol’s Counter Terrorist and Financial Intelligence Centre and head of the European Cybercrime Centre. On April 2, 2018, he became the first head of the new Global Centre for Cybersecurity formed at the 48th annual meeting of the World Economic Forum (WEF). Earlier, he had been the Chief Information Security Officer (CISO) at Barclays.
33. @ejhilbert | E.J. Hilbert
E.J. Hilbert works as the CEO at Path Network in Los Angeles. He has been involved in security for over 25 years and has worked as an FBI agent, head of security enforcement for MySpace, a CISO, and led his own online investigation firm. During his time with the FBI, he ran one of the FBI’s largest cyber-crime investigations. Keep up with E.J. and his cyber-crime insights on Twitter.
34. @PatrickCMiller | Patrick C. Miller
Patrick C. Miller works as an infrastructure and industrial security advisor. According to Forbes, he is one of the top 20 cyber policy experts to follow on Twitter. For over 30 years, he’s provided consulting services for the critical infrastructure and key resource sectors. He is also a well-known public speaker on the topics of critical infrastructure protection, process and industrial control system (ICS/OT) cybersecurity, and information technology.
35. @peterwsinger | Peter W. Singer (P.W. Singer)
Peter W. Singer is an editor at Popular Science magazine and has been named by the Smithsonian as one of America’s 100 leading innovators. He has also been called by Onalytica one of the ten most influential voices on cybersecurity. He has written many award-winning books, including Corporate Warriors: The Rise of the Privatized Military Industry; Children at War; Wired for War: The Robotics Revolution and Conflict in the 21st Century; Cybersecurity and Cyberwar: What Everyone Needs to Know; and Ghost Fleet: A Novel of the Next World War.