17 Security Blogs You Should Be Reading in 2017

security-265130_1280Information security is one of the most important areas in enterprise IT today, and it’s only becoming more prominent as large-scale breaches of corporate networks continue to shake consumer trust and incite ever-increasing government regulation.

Staying on top of the latest industry news and trends is a big part of the job for any InfoSec pro, and blogs are a great resource, but with hundreds or even thousands of InfoSec blogs out there, it can be difficult to know where to site

Lucky for you, we’ve combed through the security blogosphere and pulled the top 20 most influential InfoSec, presented here in no particular order.

Of course, this list is totally subjective, so if you think we’ve missed anything, feel free to let us know in the comments.

Also, feel free to check out our own news, best practices, and buyer’s guides on SIEM, Identity Management, and Endpoint Protection :-).

Anton Chuvakin’s Blog

Anton Chuvakin is a Research Director for Gartner’s Security and Risk Management Strategies team and formerly Director of PCI Compliance Solutions at Qualys, and Chief Logging Evangelist with LogLogic. Chuvakin writes reports and blog posts for Gartner and keeps a no-frills personal blog full of valuable insight on SIEM and Security Analytics.

Check it out. 

Graham Cluley

Graham Cluley is a British security blogger who was inducted into the InfoSecurity Europe Hall of Fame in 2011 and was given an honorary mention in the “10 Greatest Britons in IT History” for his contribution as a leading authority in Internet security.

Check it out. 

SC Magazine

SC Magazine is a publication with the goal of “arming information security professionals with the in-depth, unbiased business and technical information they need” to handle security challenges, and they do a pretty good job of that.

SC Magazine has editorial teams in the US and UK, and posts a steady stream of cyber security news, as well as opinion pieces and white papers.

Check it out. 

InfoSecurity Magazine

London and New York City-based Info Security magazine is dedicated to the strategy and technology of information security, and is a valuable resource for the latest security news and best practices.

Check it out. 

Dark Reading

Dark Reading is an internet security news site and online community for security professionals providing the latest information security news and opinion. DR maintains a dedicated page for nearly every aspect of security and is a great resource for infosec news and opinion.

Check it out.

Security Balance

Security Balance is a popular blog by Augusto Barros, who has been working in Information Security for over a decade. Barros is currently working as a Research Director at Gartner, where he focuses on security and risk management.

Check it out.

Data-Driven Security

The Data-Driven Security blog (and book) is a collaboration between Jay Jacobs and  Bob Rudis aimed at helping security domain practitioners “embrace and engage all elements of security data science to help defend their organizations.”

Check it out. 

Schneier on Security

Bruce Schneier is one of the creators of the Blowfish cipher algorithm, a fellow at Harvard Law School’s Berkman Center for Internet & Society, and the author of several books on computer security and privacy. Schneier is a bit of an authority on encryption and, as such, many of his posts deal with privacy and encryption.

Check it out. 

Dan Kaminsky’s Blog (FKA DoxPara Research) 

The personal blog of Dan Kaminsky, a security researcher and chief scientist at White Ops. Kaminsky is best known for his work finding a critical flaw in the Internet’s Domain Name System (DNS), and for leading what became the largest synchronized fix to the Internet’s infrastructure of all time.

Check it out.

Krebs on Security

Krebs on Security author Brian Krebs is an independent investigative journalist covering cybercrime. Krebs was formerly a security reporter at The Washington Post where he  won widespread recognition for his work exposing some of the biggest corporate data breaches of all time, such as the ones at Target and Home Depot.

Check it out. 

TaoSecurity

Founded by Richard Bejtlich, chief security strategist at FireEye, TaoSecurity is a popular blog that views digital security through the lens of military history and ‘strategic afterthought.’ Perfect for dual InfoSec/History nerds (I know you’re out there).

Check it out. 

Paul’s Security Weekly

Founded by Paul Asadoorian, Security Weekly is a  popular blog featuring written posts as well as a series of podcasts and webcasts covering security-related topics. Asadoorian was formerly an instructor at the SANS Institute and is is currently working as  a product evangelist for Tenable Network Security.

Check it out. 

Wired’s Threat Level

Probably the most established and “mainstream” news outlet on this list, Wired isn’t exactly known for security news, but the Wired team deftly tackles issues of privacy and security.

Check it out.

ThreatPost (AKA Kaspersky Labs News)

One of the most popular security blogs on the net, ThreatPost is Kaspersky Lab’s security news blog, and is run by a team of infosec experts covering a wide range of security topics including malware, vulnerabilities, and threat protection.

Check it out

Liquidmatrix Security

Liquidmatrix  provides both long-form articles and lively and entertaining podcast is hosted by four opinionated security pros  who aren’t afraid to speak their minds.

Check it out. 

Sophos Naked Security

Advanced Data Protection provider Sophos’ Naked Security blog features content from security experts with a specific focus on malware and advanced data protection, naturally.

Check it out. 

The Security Ledger

A blog from Paul Roberts, a former ThreatPost editor and analyst at 451 Research, The Security Ledger brings an independent view on cybersecurity with a keen focus on the future of the internet of things.

Check it out.


 

Jeff Edwards
Follow Jeff

Jeff Edwards

Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large.He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.
Jeff Edwards
Follow Jeff

Leave a Reply

Your email address will not be published. Required fields are marked *