Benjamin Franklin once said: “An investment in knowledge always pays the best interest.” On the other hand, author Anthony J. D'Angelo cautioned: “In your thirst for knowledge, be sure not to drown in all the information.” And this warning certainly applies to cybersecurity.
To help you separate meaningful insights from raw noise, we have compiled a list of seven must-read cybersecurity books in 2021. To give you an idea of what’s in store, we have also included a description supplied by the author/publisher of each book.
Please note that the following books are listed in alphabetical order (by the author’s last name), and that all books were published in the last four years.
Also, we have a special offer where you could receive one of these top-rated books for FREE. You will find the details at the end of the article!
Tribe of Hackers Blue Team: Tribal Knowledge from the Best in Defensive Cybersecurity
By: Marcus J. Carey and Jennifer Lin
About the book: This guide is packed with insights on blue team issues from the biggest names in cybersecurity. Inside, dozens of the world’s leading Blue Team security specialists show you how to harden systems against real and simulated breaches and attacks. You’ll discover the latest strategies for blocking even the most advanced red-team attacks and preventing costly losses. The experts share their hard-earned wisdom, revealing what works and what doesn’t in the real world of cybersecurity.
Tribe of Hackers Blue Team goes beyond the bestselling, original Tribe of Hackers book and delves into detail on defensive and preventative techniques. Learn how to grapple with the issues that hands-on security experts and security managers are sure to build into their blue team exercises.
- Discover what it takes to get started building blue team skills.
- Learn how you can defend against physical and technical penetration testing.
- Understand the techniques that advanced red teamers use against high-value targets.
- Identify the most important tools to master as a blue teamer.
- Explore ways to harden systems against red team attacks.
- Stand out from the competition as you work to advance your cybersecurity career.
Authored by leaders in cybersecurity attack and breach simulations, the Tribe of Hackers series is perfect for those new to blue team security, experienced practitioners, and cybersecurity team leaders. Tribe of Hackers Blue Team has the real-world advice and practical guidance you need to advance your information security career and ready yourself for the blue team defense.
The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats
By: Richard A. Clarke and Robert K. Knake
About the book: There is much to fear in the dark corners of cyberspace. From well-covered stories like the Stuxnet attack which helped slow Iran's nuclear program, to lesser-known tales like EternalBlue, the 2017 cyber battle that closed hospitals in Britain and froze shipping crates in Germany in midair, we have entered an age in which online threats carry real-world consequences. But we do not have to let autocrats and criminals run amok in the digital realm. We now know a great deal about how to make cyberspace far less dangerous—and about how to defend our security, economy, democracy, and privacy from cyberattacks.
This is a book about the realm in which nobody should ever want to fight a war: the fifth domain, the Pentagon's term for cyberspace. Our guides are two of America's top cybersecurity experts, seasoned practitioners who are as familiar with the White House Situation Room as they are with Fortune 500 boardrooms. Richard A. Clarke and Robert K. Knake offer a vivid, engrossing tour of the often unfamiliar terrain of cyberspace, introducing us to the scientists, executives, and public servants who have learned through hard experience how government agencies and private firms can fend off cyber threats.
Clarke and Knake take us inside quantum-computing labs racing to develop cyber superweapons; bring us into the boardrooms of the many firms that have been hacked and the few that have not; and walk us through the corridors of the U.S. intelligence community with officials working to defend America's elections from foreign malice. With a focus on solutions over scaremongering, they make a compelling case for "cyber resilience"—building systems that can resist most attacks, raising the costs on cybercriminals and the autocrats who often lurk behind them, and avoiding the trap of overreaction to digital attacks.
Above all, Clarke and Knake show us how to keep the fifth domain a humming engine of economic growth and human progress by not giving in to those who would turn it into a wasteland of conflict. Backed by decades of high-level experience in the White House and the private sector, The Fifth Domain delivers a riveting, agenda-setting insider look at what works in the struggle to avoid cyberwar.
Hacking the Hacker: Learn from the Experts Who Take Down Hackers
By: Roger A. Grimes
About the book: Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race. Twenty-six of the world's top white hat hackers, security researchers, writers, and leaders, describe what they do and why, with each profile preceded by a no-experience-necessary explanation of the relevant technology. Dorothy Denning discusses advanced persistent threats, Martin Hellman describes how he helped invent public key encryption, Bill Cheswick talks about firewalls, Dr. Charlie Miller talks about hacking cars, and other cybersecurity experts from around the world detail the threats, their defenses, and the tools and techniques they use to thwart the most advanced criminals history has ever seen. Light on jargon and heavy on intrigue, this book is designed to be an introduction to the field; final chapters include a guide for parents of young hackers, as well as the Code of Ethical Hacking to help you start your own journey to the top.
Cybersecurity is becoming increasingly critical at all levels, from retail businesses all the way up to national security. This book drives to the heart of the field, introducing the people and practices that help keep our world secure.
- Go deep into the world of white hat hacking to grasp just how critical cybersecurity is.
- Read the stories of some of the world's most renowned computer security experts.
- Learn how hackers do what they do―no technical expertise necessary.
- Delve into social engineering, cryptography, penetration testing, network attacks, and more.
As a field, cybersecurity is large and multi-faceted―yet not historically diverse. With a massive demand for qualified professionals that is only going to grow, opportunities are endless. Hacking the Hacker shows you why you should give the field a closer look.
The Cyber-Elephant in the Boardroom: Cyber-Accountability with the Five Pillars of Security Framework
By: Mathieu Gorge
About the book: We’ve all read the cybersecurity horror stories: a prominent company exposes the private information of their customers only to scramble after the fact to apologize and safeguard the data. Cybersecurity is often an afterthought, a much lower priority than profit―until a data breach threatens the bottom line anyway.
In The Cyber-Elephant in the Boardroom, data security expert and CEO Mathieu Gorge, along with a host of guests, shows why protecting a company’s data should be top of mind for C-suites and corporate boards. With the innovative 5 Pillars of Security Framework, any C-level executive can understand their organization’s cyber risk and the steps they need to take to protect their information. There’s a cyber-elephant in the boardroom and it needs to be addressed!
Cybersecurity Is Everybody’s Business: Solve the Security Puzzle for Your Small Business and Home
By: Scott N. Schober and Craig W. Schober
About: Since the publication of his first book, Hacked Again, Scott Schober has dedicated himself to educating anyone who would listen by telling his own story of being hacked in the hope that others can learn from his own mistakes. Now joined by his brother Craig, the two have set their sights on the biggest target of all, small businesses. There are 30 million small businesses currently operating in the United States. Some of them are single owner/operated while others collectively employ hundreds of millions. This book is for all of them and anyone who makes it their business to stay safe from phishing attacks, malware spying, ransomware, identity theft, major breaches, and hackers who would compromise their security. We are all in this together, which is why cybersecurity is everybody's business. Scott and Craig Schober examine a multitude of cybersecurity issues affecting all of us including:
- Cyber Insurance
- Internet of Things
- State Sponsored Hacking and Spying
- Card Skimmers & Identity Theft
- Social Engineering
- Phishing Attacks
- Vital Password Creation
- Virtual Private Networks
Scott and Craig Schober delve into the details of the latest cyber breaches that made headlines and continue to affect your small business and all consumers such as: the Ashley Madison Hack, the Yahoo Hack, the Marriott Hotel Hack, the Anthem Hack, the Equifax Hack, and the Uber Hack. Throughout Cybersecurity Is Everybody’s Business, Scott and Craig not only contextualize the impact of these cyberattacks on your small business and daily lives, but also provide expert insight and a plan of attack for fending off future security breaches. Through tips and advice gained since his last book, Scott offers hope in the ever-changing world of cybersecurity.
Permanent Record
By: Edward Snowden
About the book: In 2013, twenty-nine-year-old Edward Snowden shocked the world when he broke with the American intelligence establishment and revealed that the United States government was secretly pursuing the means to collect every single phone call, text message, and email. The result would be an unprecedented system of mass surveillance with the ability to pry into the private lives of every person on earth. Six years later, Snowden reveals for the very first time how he helped to build this system and why he was moved to expose it.
Spanning the bucolic Beltway suburbs of his childhood and the clandestine CIA and NSA postings of his adulthood, Permanent Record is the extraordinary account of a bright young man who grew up online―a man who became a spy, a whistleblower, and, in exile, the Internet’s conscience. Written with wit, grace, passion, and an unflinching candor, Permanent Record is a crucial memoir of our digital age and destined to be a classic.
Cybersecurity Ops with bash: Attack, Defend, and Analyze from the Command Line
By: Paul Troncone and Carl Albing, PhD
About the book: Cybersecurity Ops with bash is written for those who wish to achieve mastery of the command line in the context of computer security. The goal is not to replace existing tools with command-line scripts, but rather to teach you how to use the command line so you can leverage it to augment your existing security capabilities.
Throughout this book, we focus examples on security techniques such as data collection, analysis, and penetration testing. The purpose of these examples is to demonstrate the command line’s capabilities and give you insight into some of the fundamental techniques used by higher-level tools.
This book assumes basic familiarity with cybersecurity, the command-line interface, programming concepts, and the Linux and Windows operating systems. Prior knowledge of bash is useful but not necessarily needed. This book is not an introduction to programming, although some general concepts are covered in Part I.
We are inviting members of our community to review one of the books on our list. Their review will be published on the Devolutions blog later this year. Here are the details:
- You can receive and review one book on the list, provided that it is still available (i.e., it has not been selected by someone else).
- Reviews must be a minimum of 500 words, and a maximum of 1,000 words.
- Reviews may be edited for style and structure.
- Reviews must be submitted to us within 120 days of receiving the book.
If you are interested in participating, please send me an email at firstname.lastname@example.org with your book selection. If it is still available, we will ask for your address so we can send you the book as our gift. Please allow up to five business days for a response.