Twitter can seem like a never-ending firehose of information. There’s plenty of excellent insight into cybersecurity issues on Twitter, but it can be hard to find interesting new accounts to follow because there are so many cybersecurity accounts.
To make it easier for you to find the best accounts, here are 22 information security thought leaders you should follow in the next year. Some are legends in IT. Some are new voices. Some combine humor and tech and some discuss law and privacy. All of them will keep you up to speed on cybersecurity issues in the new year.
22 industry experts to follow on Twitter in 2022
1. Richard Bejtlich – @taosecurity
Richard Bejtlich is a strategist and the Author in Residence at Corelight. He was previously Chief Security Strategist at FireEye and Mandiant’s Chief Security Officer when FireEye acquired Mandiant in 2013. At General Electric, as Director of Incident Response, he built and led the 40-member GE Computer Incident Response Team (GE-CIRT). Richard began his digital security career as a military intelligence officer in 1997 at the Air Force Computer Emergency Response Team (AFCERT), Air Force Information Warfare Center (AFIWC), and Air Intelligence Agency (AIA). Richard is a graduate of Harvard University and the United States Air Force Academy. He has authored, co-authored, and contributed to over a dozen books. Bejtlich’s Twitter account includes insightful comments on published articles, commentary on information security, as well as links to his own writing.
2. Julie Brill – @JulieSBrill
Julie Brill is currently Microsoft’s Chief Privacy Officer and former Commissioner of the FTC. Her Twitter feed is filled with insights on privacy and data protection.
3. Marcus J. Carey – @marcusjcarey
Marcus J. Carey is the creator of the best-selling Tribe of Hackers cybersecurity book series. Marcus is renowned in the cybersecurity industry and has spent his more than 20-year career working in penetration testing, incident response, and digital forensics with federal agencies such as NSA, DC3, DIA, and DARPA. Carey’s Twitter feed includes commentary on security as well as other projects.
4. Leslie Carhart – @hacksforpancakes
Leslie Carhart is an IT industry veteran with more than 20 years of experience, including 13 years in information security. Her specialties are in digital forensics and incident response. Carhart’s Twitter is a combination of informational shares and personal tweets. She also maintains a blog where she answers questions about cyber security and the IT industry in general.
5. Anton A. Chuvakin – @anton_chuvakin
Currently involved with security solution strategy at Google Cloud, Dr. Anton Chuvakin was, until 2019, Research VP and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies (SRMS) team. He is credited with inventing the term “EDR.” He is an expert in SIEM, log management, and PICI DSS compliance and holds a Ph.D. in physics. He is also a co-host of Cloud Security Podcast. Chuvakin’s Twitter account focuses on security issues.
6. Joshua Corman – @joshcorman
Currently Senior Advisor and Visiting Researcher for the U.S. Cybersecurity and Infrastructure Agency (CISA), Josh Corman joined CISA to assist with the agency’s CISA’s COVID response and safety-critical efforts during the pandemic. Previously, he led the Cyber Statecraft Initiative. Corman’s work examines the overlap of national security, international relations, and public safety. His Twitter account includes comments on public health, current cybersecurity issues, and a little humor.
7. Eva Galperin – @evacide
Eva Galperin is Director of Cybersecurity for EFF. Eva worked in security and IT in Silicon Valley and earned degrees in Political Science and International Relations from SFSU. Her work is primarily focused on providing privacy and security for vulnerable populations around the world; she has applied the combination of her political science and technical background to writing privacy and security training materials (including Surveillance Self Defense and the Digital First Aid Kit) and publishing research on malware in Syria, Vietnam, Kazakhstan. Galperin is co-founder of The Coalition Against Stalkerware, which facilitates communication between those organizations working to combat domestic violence and the security community. Her Twitter feed combines commentary on security issues with issues such as domestic abuse.
8. J Wolfgang Goerlich – @jwgoerlich
J Wolfgang Goerlich is an Advisory CISO with @Cisco, a cyber security strategist and an active part of the Michigan security community. He co-founded the OWASP Detroit chapter and organizes the annual Converge and BSides Detroit conferences. His areas of expertise include risk management, incident response, business continuity, secure development life cycles, and more. His Twitter account is a combination of cybersecurity issues and humor.
9. Jeremiah Grossman – @jeremiahg
Founder of WhiteHat Security and a world-renowned professional hacker, Jeremiah Grossman’s career spans nearly 20 years, and has lived a literal lifetime in computer security to become one of the industry’s biggest names. Grossman’s Twitter account includes everything from jiu-jitsu to hacking video games.
10. Jason Healey – @Jason_Healey
Currently, a Senior Research Scholar in Cyber Conflict Studies at Columbia University, Mr. Healey’s resume stretches back to 1997 and his time working at the Pentagon. His publication credentials include news articles in The Atlantic as well Us News and World Report. In addition, he has published two longer works A Fierce Domain: Conflict in Cyberspace, 1986 to Today (2013) and Cyber Security Policy Guidebook (2012). Mr. Healey’s Twitter account is active with musings and commentary on shared items.
11. Andrew Jaquith – @arj
Andrew Jaquith is a cyber-security and risk executive whose IT employment history places him as one of the top experts in the field. He wrote the book on security metrics, used by a generation of risk professionals to connect security to the corner office. Jaquith’s Twitter account focuses on general interest news as well as information security
12. Juliette Kayyem – @juliettekayyem
In government, academia, journalism, and the private sector, Juliette Kayyem has served as a national leader in America’s homeland security efforts. Juliette is currently the Senior Belfer Lecturer in International Security at Harvard’s Kennedy School of Government, where she is Faculty Director of the Homeland Security Project and Security and Global Health Project.
She presently serves as a CNN National Security Analyst as well as CEO of Grip Mobility, a technology company looking to provide transparency in the rideshare industry. She served as President Obama’s Assistant Secretary for Intergovernmental Affairs at the Department of Homeland Security. Her latest book, “The Devil Never Sleeps” will be released in March 2022. Her Twitter account focuses on the intersection of government and information security.
13. John Kindervag – @Kindervag
John Kindervag is best known for creating the “Zero Trust” model of information security. An IT leader who worked for years at Forrester, Kindervag has presented extensively at security conferences and been interviewed by top news outlets such as The Wall Street Journal, The New York Times, Forbes, CNBC, PBS, and Bloomberg. Kindervag’s Twitter account shares stories about science, sports, hacking, and humor.
14. Brian Krebs – @briankrebs
Brian Krebs has been writing about Internet security-related stories for the past two decades and maintains a daily blog on computer security and cybercrime at KrebsOnSecurity.com. A former Washington Post reporter, Krebs has a broad range of knowledge about Internet security topics. Krebs’s Twitter account discusses current InfoSec issues and the ongoing impact of security weaknesses.
15. Robert M. Lee – @RobertMLee
Robert M. Lee is the CEO and Founder of the industrial (ICS/OT) cyber security company Dragos, Inc. He is considered a pioneer in the ICS threat intelligence and incident response community. For his research and focus areas, Robert was awarded EnergySec’s 2015 Cyber Security Professional of the Year and inducted into Forbes’ 30 under 30 for Enterprise Technology (2016). He serves currently on the Department of Energy’s Electricity Advisory Committee, on the World Economic Forum’s subcommittees on Cyber Resilience for the Oil and Gas and Electricity communities, and has testified to the U.S. Senate Energy and Natural Resources Committee and U.S. House Energy and Commerce Committee to advise on policy issues with relation to ICS cyber threats. Lee creates a weekly technology and security comic with Jeff Haas called Little Bobby. Lee’s Twitter account gives insight into the infosec world and shares information that can help educate both experts and non-experts.
16. Tracy Z. Maleeff – @InfoSecSherpa
A librarian turned information security researcher, Tracy Maleef is a frequent author and speaker on information security and research topics. She’s presented at several Information Security industry conferences like Security BSides, DerbyCon, and DEF CON’s Recon Village, as well as many library/information professional events. Describing herself as “Your guide up a mountain of information,” Maleef also writes a weekly newsletter on information security. Her Twitter feed is a combination of cybersecurity and personal tweets.
17. Alyssa Miller – @AlyssaM_InfoSec
Alyssa Miller has fifteen years of experience in the cybersecurity industry, including penetration testing, high-level security strategy, and talent development. She’s the author of “The Cyber Security Career Guide” and co-host of The Compromise, a weekly cybersecurity video podcast. Miller’s Twitter is a combination of personal stories and information security news.
18. Katie Moussouris – @k8em0
Katie Moussouris is the founder and CEO of Luta Security. A hacker with more than 20 years of professional cybersecurity experience, she is an advisor for several governments and large organizations around the world, a member of NIST’s Information Security and Privacy Advisory Board, and a cybersecurity fellow at New America and the National Security Institute. Her Twitter account is a collection of personal infosec experiences and informational security shares.
19. Bruce Schneier – @schneierblog
Bruce Schneier is a legend in the information security world. He’s written several books on cryptology and information security. His blog Schneier on Security has been published since 2004. Schneier’s Twitter account is an auto-feed of his blog but an excellent way to scan the articles for topics of interest.
20. Camille Stewart – @CamilleEsq
Named 2019 Cybersecurity Woman of the Year in the category of “Barrier Breaker,” Camille Stewart works at the intersection of law, policy, and technology. She is a former Senior Policy Advisor at the Department of Homeland Security focusing on cyber, infrastructure, and foreign policy appointed by President Obama and is currently Global Head of Product Security Strategy for Google. Stewart’s Twitter feed covers everything from security to policy.
21. Richard Stiennon – @stiennon
Stiennon founded RustNet in 1994, one of the first ISPs in the midwest. As the chief research analyst at IT-Harvest, he researched and reported on 2,336 IT security vendors. Mr. Stiennon’s Twitter account is a cross-section of well-curated material affecting information security.
22. Rachel Tobac – @RachelTobac
Rachel Tobac is a hacker and the CEO of SocialProof Security. She chairs the board of WISP (Women in Security and Privacy), an organization dedicated to advancing women in information security. Tobac’s Twitter feed is a combination of information security commentary and personal tweets.
