<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1175921925807459&amp;ev=PageView&amp;noscript=1">
Vendor Risk Management

10 Cybersecurity Thought Leaders You Should Be Following

Melissa Stevens | July 21, 2015

In a recent Forbes Magazine article, contributor Larry Magid quipped, “Your cyber hygiene affects others.” We couldn’t agree more, and if you’re reading this article, you probably do, too. And, I’m sure you know that as more people gain access to the internet, and as it continues to grow rapidly and dynamically with more and more devices coming online daily, there are new and emerging cyber threats around every corner.

So who can you turn to for new information and trusted research?

Looking to streamline your vendor risk management process? Take a look at these tools and techniques. 

Instead of making you dig through your networking toolbox for the answer to that question, we’ve compiled this helpful resource. The following is a list of 10 individuals (organized alphabetically by last name), who have made (and continue to make) a big impact in the cybersecurity world. If you keep an eye on their blogs, podcasts, social media, and more, we’re certain you’ll learn a thing or two.

10 Cybersecurity Thought Leaders You Should Be Following

1. Richard Bejtlich: @taosecurity 

Richard Bejtlich is the Chief Security Strategist at FireEye, a cybersecurity and malware protection company. He is also a writer—he recently authored “The Practice of Network Security Monitoring: Understanding Incident Detection Response”—and he blogs regularly. A former military intelligence officer, Bejtlich is now continuing his education through the pursual of a doctorate of philosophy in war studies at King’s College in London, England.

2. Andy Ellis: @CSOAndy

Andy Ellis is the Chief Security Officer at Akamai, a leader in content delivery network (CDN) solutions. At Akamai, he runs the security team and oversees the security compliance of the organization. He has become very influential in the cybersecurity space over the past several years. Though not updated regularly, his blog is a great source of archived information on cybersecurity, and his Twitter feed is stocked full of security wisdom.

3. Marc Goodman: @futurecrimes

Marc Goodman is a popular blogger, a public speaker, an advisor, and the best-selling author of the book “Future Crimes: Everything is Connected, Everyone is Vulnerable, and What We Can Do About It.” His work focuses on the “disruptive impact of advancing technologies on security, business, and international affairs,” which certainly qualifies him for our list. Be sure to check out his Twitter feed for original and retweeted thoughts, articles, and more.

4. Alex Hutton: @alexhutton

Alex Hutton is an Information Security & Risk Leader at Zions National Bank. Additionally, he is the Vice President of the InfoSec Institute (which offers online training, boot camps, and classes on IT security), is on faculty at the Institute of Applied Network Security (IANS), was a founding member of the Society of Information Risk Analysts (SIRA), and is a board member for the BSides security conference. So if you’re looking to be schooled on IT risk management and cybersecurity, Hutton is your guy!

5. Jay Jacobs: @jayjacobs

Jay Jacobs (along with Bob Rudis, who is mentioned below) is the co-author of “Data Driven Security,” and runs a popular podcast and blog on that same topic (also with Rudis). Jay has recently worked as a data analyst for Verizon Wireless and is the Vice President of the Society of Information Risk Analysts (SIRA), but we’d be remiss not to mention that Jay has joined the BitSight team as Senior Data Scientist. (So as you can see, we’re quite fond of his work in security data science!)

6. Brian Krebs: @briankrebs

Brian Krebs is an author, a journalist, and the popular blogger behind “KrebsonSecurity,” a well-known cybercrime blog. He was also a reporter at the Washington Post for over a decade, where he wrote about internet security, privacy, and cybercrime. In 2014, he authored a New York Times’ best-seller titled “Spam Nation: The Inside Story of Organized Cybercrime—from Global Epidemic to Your Front Door.”

7. Avivah Litan: @avivahl

Avivah Litan is the Vice President and Distinguished Analyst for Gartner Research. As an MIT grad with over 30 years of experience in the IT industry, Litan has set herself apart as a cybersecurity and fraud expert. She authors a successful and popular blog where she regularly discusses those topics, so be sure to take a look.

8. Allison Miller: @selenakyle

As head of Ads Risk strategy at Google, the president of the board of directors at the Society of Information Risk Analysts (SIRA), and a board member at the International Information Systems Security Certification Consortium (ISC2), Allison Miller's risk research and work in anti-fraud/anti-abuse automation place her at the forefront of the cybersecurity pack. She is very active on her Twitter account, making her a great thought leader to follow.

9. Bob Rudis: @hrbrmstr

Bob Rudis is the previously mentioned co-author of the Data Driven Security podcastblog, and book. He currently works with Verizon as a Security Data Scientist, and has spent a great deal of time working on Verizon’s comprehensive Data Breach Investigations Report. His expertise and passion in the cybersecurity field make him an excellent thought leader to follow. He also presented a webinar with BitSight CTO and cofounder Stephen Boyer based on their talk from the 2015 RSA Conference. Watch it here.

10. Chris Wysopal: @WeldPond

As the co-founder and Chief Technology Officer of Veracode, Chris Wysopal has emerged as a major thought leader in the application security space. He is also a member of the Black Hat Review Board, comprised of 21 thought leaders in the information security space. His regular tweeting about emerging threats and newly published research make his 24,000 followers very happy!

Who Are We Missing?

If you, or someone you know, should be included on this list, tweet us @BitSight; they may end up in a future version of this article!

 

security ratings  

Suggested Posts

Worthwhile TPRM Certifications for Security & Risk Professionals

As the importance of third-party risk management (TPRM) continues to grow, organizations are hiring for related roles more seriously than ever before. To compensate, security and risk professionals are seeking out certification programs in...

READ MORE »

Which Third-Party Risk Management Tools Do You Really Need?

With high-profile breaches being traced back to supply chain vulnerabilities and a regulatory environment that’s waking up to the realities of vendor risk, many organizations are investing heavily in third-party risk management (TPRM)...

READ MORE »

New Study: Organizations Struggle to Manage Cyber Risk in Their Supply Chains

A new report from McKinsey & Company sheds light on something we’ve known for many years – organizations are struggling to make significant progress in managing cybersecurity risk in their supply chains.

READ MORE »

Subscribe to get security news and updates in your inbox.