Twelve Books Every InfoSec Pro Should Read in 2018
Endpoint protection solutions are an essential part of the enterprise security toolkit, but they’re quickly becoming some of the most complex products on the market.
For those information security professionals trying to push their organization into the modern era of security, it can be difficult to know where to start. IT workers and CISOs looking for a new endpoint protection solution need a comprehensive overview in order to correctly plan, assess and deploy the right endpoint protection solutions for their organization and devise a strong business case for the technology.
There are loads of free resources available online (such as Solutions Review’s best practices articles, solutions directories, and buyer’s guides), and those resources are great, but sometimes it’s best to do things the old-fashioned way… there are few resources that can match the in-depth, comprehensive detail of a good book.
With that in mind, I’ve compiled a short list of the top twelve introductory information security and endpoint cybersecurity books available today, listed in no particular order. We have also built a small book library on this site, which you can access here.
Please note that several of these cybersecurity books have been in print for years and will not be up-to-date on the current range of solutions on the market. However, despite their age, these cybersecurity books still function well as high-altitude introductions to concepts and ideas that professionals building cybersecurity plans need to be familiar with.
“Bolster your system’s security and defeat the tools and tactics of cyber-criminals with advice and defense strategies from the world-renowned Hacking Exposed team. Case studies expose the hacker’s latest devious methods and illustrate field-tested remedies.”
“The Blue Team Handbook is a zero fluff reference guide for cyber security incident responders and InfoSec pros alike. The book is peppered with practical real life techniques from the authors extensive career working in academia and a corporate setting.”
“This book is not about security or network monitoring: It’s about both, and in reality these are two aspects of the same problem. You can easily find people who are security experts or network monitors, but this book explains how to master both topics.”
“Written by a longtime security professional and CEO of Secure Planet, LLC, this step-by-step guide to the “game” of penetration hacking features hands-on examples and helpful advice from the top of the field.”
“Shows you how to build and manage successful response plans for the cyber incidents that have become inevitable for organizations of any size. Find out why these plans work. Learn the step-by-step process for developing and managing plans.”
“Everything in this book will have practical application for information security. Helps IT and security professionals understand and use data, so they can thwart attacks and understand and visualize vulnerabilities in their networks.”
“There’s no foolproof way to keep attackers out of your network. But when they get in, you’ll be prepared. The Practice of Network Security Monitoring will show you how to build a security net to detect, contain, and control them.”
“This practical resource covers project management, communication, analytics tools, identifying targets, defining objectives, obtaining stakeholder buy-in, metrics automation, data quality, resourcing and cloud-based security metrics.”
“This comprehensive guide describes how to assemble an effective IT audit team and maximize the value of the IT audit function. In-depth details on performing specific audits are accompanied by real-world examples, checklists and valuable templates.”
“Divided into three sections, this book examines the process of collecting and organizing data, various tools for analysis, and several different analytic scenarios and techniques. Ideal for network administrators and operational security analysts.
“Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach, complete with real-world examples that teach you the key concepts of NSM.”
“This practical resource leads you through building an IT strategy and offers an organizational approach to identifying, implementing, and controlling information assurance initiatives for small businesses and global enterprises alike.”