Books to Help Cybersecurity Pros Be Better

Constant learning is a requirement for cybersecurity professionals.
Here are books and links recommended by professionals to continue a professional’s education.

The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet

This book, written by David Kahn, was recommended by a Twitter user. In the recommendation, the tweetster called it “…a good look at encrypted/secret communications over the millennia.”

According to the book’s description on Amazon, it is “The magnificent, unrivaled history of codes and ciphers — how they’re made, how they’re broken, and the many and fascinating roles they’ve played since the dawn of civilization in war, business, diplomacy, and espionage — updated with a new chapter on computer cryptography and the Ultra secret.”

The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet by David Kahn.

Red Team Field Manual

A system engineer at a major security company recommended a pair of books. The first is the Red Team Field Manual, by Ben Clark.

Red teams are, of course, the attacking teams in security exercises; they are the ones charged with knowing where the vulnerabilities lie, where there are exploitable weaknesses in defenses, and how to take advantage of each. And while this is specialized knowledge, it’s also valuable for those on the other side — those charged against defending against the likes of a red-team member.

According to the description on Amazon, “The Red Team Field Manual (RTFM) is a no-fluff but thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page.” It’s not just a book about tools, though — there are plenty of tactics and techniques in the book, as well.

Blue Team Field Manual

If you have an exercise with a red team, you’ll also need a blue team, and the Blue Team Field Manual is the book for them. This practical manual, by authors Alan J. White and Ben Clark, is a concise way to quickly give critical knowledge to those charged with defending an organization’s network and assets.

Reviews of the Blue Team Field Manual speak of the practical information given, though some mention that it’s not necessarily a book for absolute beginners — it’s most valuable for those who have at least a rudimentary knowledge of security tools and tactics.

For those looking to up their defensive game, though, this manual definitely deserves a spot on the bookshelf.

The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography

The same Twitter-using engineer who recommended The Codebreakers also recommended The Code Book, saying, “Much lighter to read [than The Code Breakers] and good for building up a security mindset foundation.”

The notion of building up the security mindset came into play with a number of suggestions for the list. And in this book, according to the description on Amazon, author Simon Singh “…offers the first sweeping history of encryption, tracing its evolution and revealing the dramatic effects codes have had on wars, nations, and individual lives.”

Reviewers of this book note that it goes back and forth between historical perspective and detailed information on encryption, making it perhaps easier than Kahn’s book for those who have no previous background in the field.

The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage

A security engineer on Facebook recommended this book, noting that “The Cuckoo’s Egg is still a great read (and still pretty relevant)!” This book, by Clifford Stoll, was the public’s first real introduction to the notion that intrusion and hacking wasn’t something that had an impact only on individuals but was affecting the largest and most carefully guarded networks in the country.

Those who recommended books like The Cuckoo’s Egg note that in the fast-changing world of cybersecurity there is value in the lessons from history. While many things change, it seems there there are some things — particularly those having to do with human beings and their strategies — that don’t, and books like this help in understanding them.

The lessons in The Cuckoo’s Egg could resonate particularly well with computer generalists who find themselves thrown into cybersecurity. Reading about a Unix sysadmin who had to teach himself about security in order to chase down what started as a 75-cent accounting error and became a crime can still teach a great deal many years after the original incident.

Takedown: The Pursuit and Capture of Kevin Mitnick by the Man Who Did It

In the 1990s, no hacker was more infamous than Kevin Mitnick. And in Takedown, authors Tsutomo Shimomura and John Markoff walk the reader through the process by which Shimomura tracked down and helped capture Mitnick.

Now out of print, the book may be found at used book stores and online. And it must be noted that the book isn’t without its controversy and detractors. Shimomura shares many traits with Mitnick, and the writing is quite personal with no small dose of ego thrown in.

Still, for those looking for a way to get inside the head of attackers (and pursuers), this is a book that can provide valuable insight.

Applied Cryptography: Protocols, Algorithms and Source Code in C

For those looking for a deeper understanding of cryptography in the real world, there is no more respected a source than Bruce Schneier’s Applied Cryptography.

There are those, today, who know Schneier only from his writing on security and the way in which he has popularized the phrase “security theater.”

This book is a superb text for those who want to understand cryptography, both in its conceptual basis and in how it can be implemented in code. The technical manager who recommended Applied Cryptography called it a “classic.” Thousands of developers building security into their applications would agree.

Social Engineering: The Science of Human Hacking

A long-time journalist covering security recommended this book and the next, and was clear that the human element is as important as the technological when it comes to security. In Social Engineering, author Christopher Hadnagy looks at the element of cybersecurity that most professionals agree is the most obvious vulnerability.

At the same time, there are many organizations that still don’t allow red teams the same sort of access to the human vulnerabilities that they provide to computer systems. That makes knowledge of hacking techniques and the signs of their success especially critical for members of the security team.

This book asks the most provocative question in cybersecurity: Why hack into something when you can just ask a user to let you in? If you want to know how hackers ask for access, and why users insist on providing it, then you want this book in your library.

You’ll see this message when it is too late: The Legal and Economic Aftermath of Cybersecurity Breaches

Breaches have consequences. That simple fact is the basis for Josephine Wolff’s important book on what happens to an organization after the breach is discovered.

You’ll see this message when it is too late uses six incidents to show how the law and regulations have an impact on organizations both before and after a breach — and how that impact isn’t always helpful, or what the originators of the laws and regulations hoped it would be.

If your job includes developing a strategy for dealing with security breaches and their aftermath, then this book is definitely one that you want to read.

Weapons of Math Destruction: How Big Data Increases Inequality and Threatens Democracy

This book, by author and TED Talk presenter Cathy O’Neil, may seem an unusual entry in an list on books about security, but as the Facebook member who recommended it wrote, “It’s more algorithms and impact on privacy, but cybersecurity needs to take ethics into account.”

Targets of Math Destruction challenges one of the basic assumptions of modern business, education, and life: that by turning decisions over to the numbers used by algorithms, we can eliminate prejudice and poor decisions.

O’Neil presents a plethora of illustrations to show precisely why algorithms can run a decision-making process off the rails and how critical it can be to any organization to make sure that humans remain involved in decisions — and that they have the power to overrule the machines when common sense (and common decency) demand.

How To Measure Anything In Cybersecurity Risk

Knowing what an organization can do about security begins with understanding that organization’s risk. How to Measure Anything in Cybersecurity Risk, by Douglas W. Hubbard and Richard Seiersen, shows an organization how to begin measuring that risk — and just how important it is to get it right.

According to the book’s description on Amazon, “Some of the field’s premier risk management approaches actually create more risk than they mitigate, and questionable methods have been duplicated across industries and embedded in the products accepted as gospel. This book sheds light on these blatant risks, and provides alternate techniques that can help improve your current situation.”

When getting something wrong can have dire consequences, it’s worth taking the time to get it right. This book will help begin that process and will provide valuable information for security professionals who find themselves debating risk with those in other business units.

Preventing Ransomware: Understand, Prevent, and Remediate Ransomware Attacks

No type of attack has been more in the news during the last 24 months than ransomware. The idea that your data is sitting on your disks but inaccessible because of a hack is rightfully horrifying to most security professionals.

Preventing Ransomware, by Abhijit Mohanta, Mounir Hahad, and Kumaraguru Velmurugan, is a primer on precisely what ransomware is and what it does, and how to keep your organization from becoming one of its victims.

This book is an important reference for cybersecurity professionals and a critical reference for those just coming into the field. The authors, all seasoned security veterans, lead the reader through both concepts and practical applications to help minimize the danger from the frightening cyber threat.

The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win

A growing number of security teams are becoming part of the DevOps — or DevSecOps — efforts of their organizations. If you haven’t been part of an agile development team before, or just want to know more about what all of the terms and concepts mean, then this novel is an easy introduction to the topic.

In The Phoenix Project, authors Gene Kim, Kevin Behr, and George Spafford lead the reader through an IT development process that begins near disaster and gradually becomes a success by the application of key lessons. While not specifically about security, The Phoenix Project is a book that will prove valuable to any security pro who’s looking for a new approach to building security into processes and communicating more effectively with teams that have adopted an agile methodology.

A Rock & Roll Hall of Fame for Cybersecurity Books

To identify a list of must-read books for all cybersecurity practitioners – be they from industry, government or academia — where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.