The Top 21 #InfoSec Leaders and Influencers to Follow on Twitter

infosec_twitter_influencersStaying on top of the latest industry news and trends is a big part of the job for any InfoSec pro, and Twitter is a great resource, but with 243 million active users, it can be difficult to parse the good from the bad.

Lucky for you, we’ve combed through the Twittersphere (all 243 million users, I swear) and pulled the top 21 influencers  and thought leaders in the InfoSec Twittersphere, presented here in no particular order.

For a more concise and printable overview of the SIEM and security analytics market in 2016, check out Solutions Review’s all-new 2016 SIEM Buyer’s Guide.

Anton Chuvakin

@anton_chuvakin

Anton Chuvakin is a Research Director for Gartner’s Security and Risk Management Strategies team and formerly Director of PCI Compliance Solutions at Qualys, and Chief Logging Evangelist with LogLogic. Chuvakin writes reports and blog posts for Gartner and keeps a personal blog full of valuable insight on SIEM and Security Analytics.

Graham Cluley

@gcluley

Graham Cluley is a British security blogger and the author of GrahamCluley.com. Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011 and was given an honorary mention in the “10 Greatest Britons in IT History” for his contribution as a leading authority in Internet security.

Jack Daniel

@jack_daniel

Jack Daniel is the Security BSides Co-Founder, co-host of the Security Weekly podcast, and a strategist at Tenable Network Security. A self-proclaimed “information security curmudgeon,” Daniel provides solid information with a healthy dose of snark to keep things in perspective.

Kate Moussouris

@k8em0

Kate Moussouris is the Chief Policy Officer at HackerOne. She has extensive experience in the field, having worked at Microsoft and Symantec for several years. SC Magazine recently named Moussouris among 2014’s Top Women in IT Security, and she has spoken at a number of high-profile conferences, including RSA.

Rick Holland

@rickholland

Rick Holland is a CISSP and a vice president and principal analyst at Forrester Research, where he focuses on Security & Risk (S&R), providing strategic guidance on security architecture, security operations, and data privacy. Holland’s research ( and his Twitter feed, for the most part) focuses on incident response, threat intelligence, vulnerability management, penetration testing, red teaming, malware analysis, and email and web content security.


Augusto Barros

@apbarros

Augusto Barros is the author of the popular Security Balance blog and has been working in Information Security for over a decade. Barros is currently working as a Research Director at Gartner, where he focuses on security and risk management. Barros’ strong InfoSec background, as well as his writing skills, make his Twitter feed a great resource for S&R pros looking to stay abreast of the latest research.

Adrian Sanabria

@sawaba

Adrian Sanabria  is a Senior Analyst at 451 Research with more than 12 years of enterprise security experience and a background in system administration and architecture.  Adrian is involved in various volunteer projects within the security community, such as the National Board of Information Security Examiners’ (NBISE) efforts to provide analysis on information security job roles and hiring through the Operational Security Testing Panel and the Penetration Testing Execution Standard (PTES).

Neil MacDonald

@nmacdona

Neil MacDonald is a Vice President, Distinguished Analyst, and Gartner Fellow Emeritus at Gartner Research with 20 years of experience in information security. MacDonald is a member of Gartner’s information security and privacy research team, where he is focused on securing next-generation virtualized and cloud-based computing environments from advanced attacks. Specific research areas include endpoint protection, virtualization security, application security, protection of cloud-based workloads and protection from advanced targeted attacks using context-aware security and big data analytics approaches.

Oliver Rochford

@OliverRochford

Oliver Rochford is the Research Director of Gartner Research’s Infrastructure Protection team. His research focuses on security management solutions and services, advising clients on topics such as vulnerability management and assessment, SIEM, and other security management technologies, as well as MSSPs.

Jay Jacobs

@jayjacobs

Jay Jacobs is the co-author of Data-Driven Security, the Verizon Data Breach Investigation Reports and the co-founder of the Society of Information Risk Analysts, where he currently sits on the board of directors. Jacobs tweets typically focus on data analysis and visualization, risk analysis, and infosec.

Bruce Schneier 

@schneierblog

Bruce Schneier is one of the creators of the Blowfish cipher algorithm, a fellow at Harvard Law School’s Berkman Center for Internet & Society, and the author of several books on computer security and privacy. Schneier is a bit of an authority on encryption and, as such, most of his tweets deal with privacy and encryption.

Chris Wysopal

@WeldPond

Chris Wysopal, AKA Weld Pond, is the Co-founder and CTO of Veracode, and a former security researcher at L0pht, the hacker think-tank that testified before the Congress of the United States that they could shut down the entire Internet in 30 minutes way back in 1998. Wysopal has served on the Black Hat Review Board and has been named one of the most influential people in IT by eWeek, among other distinguishments.

 Jeremiah Grossman

@jeremiahg

Jeremiah Grossman is the founder and CTO of WhiteHat Security and a former information security officer at Yahoo. Grossman is also a founding member of the Web Application Security Consortium (WASC), and a black belt in Brazilian Jiu-Jitsu.

Dan Kaminsky

@dakami

Dan Kaminsky is a security researcher, chief scientist at White Ops, and the author of a popular blog ( FKA DoxPara Research). Kaminsky is best known for his work finding a critical flaw in the Internet’s Domain Name System (DNS), and for leading what became the largest synchronized fix to the Internet’s infrastructure of all time.

The Grugq

@thegrugq

The Grugq one of those interesting characters you can only really find in information security. He’s an independent security researcher The Grugq is an information security researcher with 15 years of industry experience, who started his career at a Fortune 100 company, before transitioning to consulting company @stake, where he eventually resigned after publishing a Phrack article on anti-forensics.  Currently, The Grugq’s opinions on cybersecurity and counterintelligence have netted him over 45,000 followers on Twitter.

Mikko Hypponen

@mikko

Mike Hypponen is the chief research officer at Finland’s F-Secure who has written on his research for the New York Times, Wired and Scientific America and he appears frequently on international TV. Hypponen is among the most followed security researchers in the industry, with over 121,000 followers on Twitter.

Brian Krebs

@briankrebs

Brian Krebs is an independent investigative journalist covering cybercrime. Krebs was formerly a security reporter at The Washington Post and is currently the author of the popular Krebs on Security blog.  At The Washington Post, Krebs  won widespread recognition for his work exposing some of the biggest corporate data breaches of all time, such as the ones at Target and Home Depot.

Eugene Kaspersky

@e_kaspersky

Perhaps the most well-known person on this list, Eugene Kaspersky is the founder, chairman, and CEO of Moscow-based cyber security giant Kaspersky Labs. As one of the few non-US based persons on this list, Kaspersky offers a different take on the current geopolitical cybersecurity climate, so join his 146,000 followers and check it out.

Richard Bejtlich

@taosecurity

Richard Bejtlich is the chief security strategist at FireEye and the author of TaoSecurity, a popular blog that views digital security through the lens of military history and ‘strategic afterthought.’ Bejlich’s tweets reflect this unique perspective, and while it may take some figuring out for those without history degrees, it’s a valuable perspective to consider.

Paul Asadoorian

@securityweekly

Paul Asadoorian is the founder of Security Weekly, a popular series of podcasts and webcasts covering security-related topics. Asadoorian was formerly an instructor at the SANS Institute and is is currently working as  a product evangelist for Tenable Network Security.

Infosec Taylor Swift

@SwiftOnSecurity

@SwiftOnSecurity, AKA InfoSec Taylor Swift, AKA SecuriTay, is everyone’s favorite infosec parody account. “Tay” mixes Swift’s public persona and lyrics with harsh InfoSec critique and sarcasm. This two-year-old Imgur post of “her” top posts in inspirational meme form is still required reading.


Widget not in any sidebars
Jeff Edwards
Follow Jeff

Leave a Reply

Your email address will not be published.