A Cybersecurity Reading List
We now have access to more information than at any other time in history, but it can be daunting to know where to start when trying to keep abreast of a topic like cybersecurity.
Scott Young, director of the California Cyberhub, has said that making sure the California Cyberhub efforts remain relevant and effective has been much like providing solutions as a business consultant, you must remain current and informed. Scott’s passion for lifelong learning and staying current on what’s happening in a given field has driven his reading throughout his consulting career. To make sure he has the perspective and tools to give appropriate advice he has compiled the following list of resources and recommendations for those participating in the cybersecurity ecosystem:
CompTIA Smart Brief: This feed has a lot of good information about the cyber sector and specifically CompTIA’s certification and education offerings and events. It is CompTIA’s business to reflect the needs of their business membership, so they provide a great mirror of industry need.
CAL-CSIC: The California Cybersecurity Integration Center, part of the California Department of Emergency Services, is a very important group in California. They provide an aggregation of the latest news on attack modes, actors and legislation around cybersecurity. They also provide any advisories around attacks and defense for active incidences. You must register as a member of CAL-CSIC to receive the morning brief.
Information Week: This publication is primarily focused on C Suite readers. As such it gives a very good view of general and high-level issues facing the industry. This is great for identifying trends and other movement in the tech industry.
TechRepublic: This publication is another daily read and one of my favorites for keeping in tune with hiring trends and new technologies. It is primarily focused on the activities in “the trenches” where the tech sector is concerned. They also have fun weekend columns about science fiction books, movies and other recreational activities. You can’t be serious all the time in this business.
CAE Community: This publication is sent from CSU San Bernardino. As the regional center for the Department of Homeland Security’s CAE Designation program, they provide current information about CAE training, mentoring, conferences and faculty opportunities. This is becoming a very important topic for anyone wishing to align their company or learning institution to Department of Defense standards.
National Cyberwatch: This organization was formed under a grant from the National Science Foundation and provides resources and up-to-date information on curriculum, resources and contacts, nation-wide, relating to cybersecurity.
SANS Institute: A stalwart in the tech industry, SANS provides current research and news relating to cybersecurity. They also provide certifications and training relating to audit and governance cybersecurity. Their publications and feeds are a great source for ideas, curriculum, news and events relating to cyber in general and specifically cybersecurity.
NICE – NIST: The National Institute of Standards and Technology (NIST) Cybersecurity Framework is a key component of DOD jobs and contracts as well as Department of Labor apprenticeship standards. Understanding this framework and keeping current on its changes is very important. The National Initiative for Cybersecurity Education (NICE) is a sub-program focusing on helping educators respond to and prepare professional for a profession where the NIST framework is prevalent. This is another great source for anyone working with or in the education segment.
While the above list does not address the many specializations in tech and cybersecurity it does provide a good base to develop your own regular reading program. Above all, consistency and vigilance are crucial to staying current and relevant.