Goodreads
I’ve been trying to broaden my reading horizons over recent years. That’s meant looking to get out of a bad habit of reading almost exclusively work related (IT and cyber) books. It’s brought me back to reading physical, printed books and to loving the feeling of getting lost in a good novel.
I read a lot on my Kindle, and Goodreads has become a nice source of inspiration in finding good books to get. With that in mind, I’ll share a handful of suggested cybersecurity titles that might serve as something like a Goodreads list for some of you I hope. Here they are (I’m not providing links for them, but you should be able to find all of them at Amazon or similar online / brick and mortar retailers):
The Cuckoo's Egg, by Clifford Stoll
If you’re gonna read one book on a hippie astronomer who invents cybersecurity threat hunting, it really should be this one - since he did.
Tribe of Hackers
I can’t think of better book to grab than this one if you are just getting into cybersecurity and trying to figure out which area of cyber is most interesting and/or accessible to you. Or even if you are mid-career and still exploring the same topic.
If It’s Smart, It’s Vulnerable
A look at how connecting all the things often means all those things are vulnerable. It’s also full of fun and fascinating tales from the trenches in the world of fighting against computer viruses over the last few decades.
Sandworm
If you’re gonna read just one book that is a riveting, can’t put it down, deeply researched and fact based story of Russia’s use of cyber warfare against the electric power grid in Ukraine, it can only be this one.
Blue Team Field Manual and Red Team Field Manual
Old school and super useful pocket guide type books for those working (or looking to be working) on cybersecurity blue and/or red team effort. Great collection of cheat sheets, definitions, command line syntax examples and more. I just took a preview look at Blue Team Field Manual on the Kindle app on my phone and it looks great.
How to Measure Anything in Cybersecurity Risk
For anyone interested in cyber risk assessment / cyber risk management, this is an excellent title that makes a very strong case for the use of and significant benefits of quantitative cyber risk assessment.
Course Change
That’s the little ship of Tech & Nonsense pictured above. An action shot of the course change if you like :)
I’ve been thinking on shifting my focus here for a little while. It’s not a huge shift, it’s more like a shift back towards why I love the site name Tech & Nonsense. For me, the name offers a lot of leeway, a lot of room to write about whichever areas of technology are grabbing me the most on the day sort of thing. I’ll do the same with a “nonsense” topic, which really just means not purely technical for me here.
I will most likely still write on some cybersecurity topics, and I may do a few more Cyber Starters Live Q&A sessions if there is interest in those too. But I will feel free to write 5 things in a row about GenAI and how it is impacting so much more than cyber. Or to post on PKM and methods and tools I’m using to build mine up.
This is also a shift back to two topics that have fascinated me for almost 30 years now: the idea of a computer in our pocket and the desire to be continually building my own little knowledge base.
The Cuckoo's Egg is SUCH a classic. Underdog guy. I was screaming every time he tried to get the higher ups to listen. I bought the hardcopy AND listened to the audiobook.