How to Keep Up on the Latest in Cybersecurity News

Cybersecurity is always a hot topic, for a very good reason: the hits just keep on coming. Trying to keep up with the latest news and vulnerabilities is a daunting task, but you have to do it. Installing the latest security software and running the latest tests is not complete due diligence in the modern world of continuous cyber attacks. As the saying goes, “knowledge is power,” and it is especially so in the web-connected world.

So, how do you keep your knowledge at peak efficiency? Reading, of course. There are hundreds of technology sites and blogs that will help keep you informed about the latest issues but that’s a lot of reading. What follows is a list of the some of the best. You should recognize some of these if cyber security is not a new to you. Hopefully, the list includes some that you weren’t aware of and will add some bulk to your reading list.

The Hacker News 

The Hacker News is one of the largest and well-read information security sites. They feature news and thorough coverage of the information technology vulnerabilities and trends. The Hacker News is supported and endorsed by security experts, administrators, and members of various underground hacker groups and communities worldwide.

Krebs on Security

Brian Krebs is not your typical cyber export (but who is typical?).  His formal education includes a Bachelor of Arts degree in International Studies from George Mason University in 1994 (programming was a hobby). So, what prompted him to switch his focus to cyber security? In 2001 his home network was compromised by a Chinese hacking group. What followed was a self-taught crash course in computer and Internet security.

In his own words from his website, “Much of my knowledge about computers and Internet security comes from having cultivated regular and direct access to some of the smartest and most clueful geeks on the planet. The rest I think probably comes from a willingness to take risks, make mistakes, and learn from them.”

Open Web Application Security Project (OWASP)

Established in 2001, OWASP is a non-profit organization that has dedicated itself to the development of knowledge, tools, and best practices for secure application development. In their own words, they want to “be the thriving global community that drives visibility and evolution in the safety and security of the world’s software.”

One of their most important projects in my experience has been the “OWASP Top 10 Most Critical Web Application Security Risks”. Not only do they describe the risks in detail but the also provide examples for mitigation in multiple languages.

Schneier on Security

Bruce Schneier’s blog has been in existence since 2004. He writes about security in articles, books, and academic papers. He is currently the CTO of IBM Resilient, a fellow at Harvard's Berkman Center, and a board member of the EFF.

The blog includes articles pertinent to current security issues and has an engaging comment area with lively discussions. He also produces a monthly, well-read newsletter.

Dark Reading 

Dark Reading is a long-time source for information about new cyber threats and current cybersecurity technology trends.

From their website: “Dark Reading.com encompasses 13 communities, each of which drills deeper into the enterprise security challenge: Analytics, Attacks & Breaches, Application Security, Careers and People, Cloud Security, Endpoint,  IoT, Mobile, Operations, Perimeter, Risk, Threat Intelligence, and Vulnerabilities and Threats. Each community is led by editors and subject matter experts who collaborate with security researchers, technology specialists, industry analysts and other Dark Reading members to provide timely, accurate and informative articles that lead to spirited discussions.”

Naked Security by SOPHOS 

Naked Security is SOPHOS’ news aggregator, providing the news, opinion, and advice on our favorite topic: computer security issues and the latest Internet threats.

Naked Security also produces a daily newsletter that provides a list of important cybersecurity news articles published within the last 24 hours. This is a must read.

Summary

I hope this list added a few more sources for your cybersecurity knowledge needs. Feel free to comment below on these and other sites that you have found invaluable to our work.