17 Cybersecurity Thought Leaders You Should Be Following

17 Cybersecurity Thought Leaders You Should Be Following

As more of the world’s population gains access to the internet and more and more devices come online daily, there are new and emerging cyber threats around every corner.

Who can you turn to for new information and trusted research about these threats?

Instead of digging through your networking toolbox for the answer to that question, we’ve compiled this helpful resource. The following is a list of 17 individuals (organized alphabetically by last name), who have made (and continue to make) a big impact in the cybersecurity world. If you keep an eye on their blogs, podcasts, and social media we’re certain you’ll learn a best practice or two.

So who can you turn to for new information and trusted research?

Looking to streamline your vendor risk management process? Take a look at these tools and techniques.

Instead of making you dig through your networking toolbox for the answer to that question, we’ve compiled this helpful resource. The following is a list of 10 individuals (organized alphabetically by last name), who have made (and continue to make) a big impact in the cybersecurity world. If you keep an eye on their blogs, podcasts, social media, and more, we’re certain you’ll learn a thing or two.

17 Cybersecurity Thought Leaders You Should Be Following

1. Richard Bejtlich: @taosecurity

A former military intelligence officer, Richard Bejtlich is the Principal Security Strategist at Corelight, Inc., a cybersecurity solutions company. He is also a writer — he authored the 2013 book The Practice of Network Security Monitoring: Understanding Incident Detection Response — and he posts blogs regularly. Follow him on Twitter for digital security insight.

2. Anton Chuvakin: @anton_chuvakin

Dr. Anton Chuvakin is head of solution strategy at Google Chronicle, and former Research VP and Distinguished Analyst at Gartner for Technical Professionals (GTP). Cloud security has taken center stage in the workplace thanks to COVID, and you’ll find plenty of cloud security content on Chuvakin’s Twitter as well as on his blog, Anton on Security.

3. Andy Ellis: @CSOAndy

Andy Ellis is the Chief Security Officer at Akamai, a leader in content delivery network (CDN) solutions. At Akamai, he runs the security team and oversees the security compliance of the organization. He has become very influential in the cybersecurity space over the past several years. Though not updated regularly, his blog is a great source of archived information on cybersecurity, and his Twitter feed is stocked full of security wisdom.

4. Dan Goodin: @dangoodin001

Dan Goodin is Security Editor at Ars Technica, where he covers malware, computer espionage, hacking, and other cybersecurity news. His Twitter pagee is a great source of insight to what the world of cybersecurity journalism is currently talking about.

5. Marc Goodman: @futurecrimes

Marc Goodman is a popular blogger, a public speaker, an advisor, and the best-selling author of the book Future Crimes: Everything is Connected, Everyone is Vulnerable, and What We Can Do About It. His work focuses on the “disruptive impact of advancing technologies on security, business, and international affairs,” which certainly qualifies him for our list. Be sure to check out his Twitter feed for insightful thoughts, articles, and more.

6. Alex Hutton: @alexhutton

Alex Hutton is a Cyber Security Defense Executive at Bank of America. Formerly, Hutton was a Security Leader and Director of Operational Risk at Zions Bancorporation, a founding member of the Society of Information Risk Analysts, and a Board Member at the FAIR Institute. So if you’re looking to increase your knowledge on IT risk management and cybersecurity, Hutton is your guy!

7. Jay Jacobs: @jayjacobs

Jay Jacobs (along with Bob Rudis, who is mentioned below) is the co-author of “Data Driven Security,” and runs a popular podcast and blog on that same topic (also with Rudis). Jay has recently worked as a data analyst for Verizon Wireless and is the Vice President of the Society of Information Risk Analysts (SIRA), but we’d be remiss not to mention that Jay has joined the Bitsight team as Senior Data Scientist. (So as you can see, we’re quite fond of his work in security data science!)

8. Brian Krebs: @briankrebs

Brian Krebs is an author, a journalist, and the popular blogger behind KrebsonSecurity, a well-known cybercrime blog. He was also a reporter at the Washington Post for over a decade, where he wrote about internet security, privacy, and cybercrime. In 2014, he authored a New York Times’ best-seller titled Spam Nation: The Inside Story of Organized Cybercrime—from Global Epidemic to Your Front Door.

2023 Gartner RC Image Square

“By 2025, lack of talent or human failure will be responsible for over half of significant cyber incidents.” How can a human-centric design strengthen your cybersecurity program? Get your report to learn from key predictions, market implications, and recommendations.

9. Chris Krebs: @C_C_Krebs

Chris Krebs is the former Director of the Cybersecurity and Infrastructure Security Agency in the United States Department of Homeland Security. He remains a prominent figure in cybersecurity, and his exit from CISA this year put his name back in the news. He remains a leading voice in security practices and infosec.

10. Avivah Litan: @avivahl

Avivah Litan is the Vice President and Distinguished Analyst for Gartner Research. As an MIT grad with over 30 years of experience in the IT industry, Litan has set herself apart as a cybersecurity and fraud expert. She authors a successful and popular blog where she regularly discusses current topics, and is a great source for newsworthy discussion points.

11. Whitney Maxwell: @whitneynmaxwell

Whitney Maxwell is a Security Consultant at Rapid7, a security data and analytic software solutions company. She received a DEFCON Black Badge in 2018 when she took first place in the Social Engineering Village competition, and she frequents the conference circuit to share her research on social engineering and security awareness.

12. Allison Miller: @selenakyle

Allison Miller is the SVP of Engineering at Bank of America and a Board Trustee for the Center for Cyber Safety and Education. In the past, she was also head of Ads Risk strategy at Google, as well as a board member for both the International Information Systems Security Certification Consortium (ISC2) and the Society of Information Risk Analysts (SIRA). Her risk research and work in anti-fraud/anti-abuse automation place her at the forefront of the cybersecurity pack. She is very active on her Twitter account, making her a great thought leader to follow.

13. Bob Rudis: @hrbrmstr

Bob Rudis is the previously mentioned co-author of the Data Driven Security podcast, blog, and book. He is currently Chief Data Scientist at Rapid7. In the past, he worked with Verizon as a Security Data Scientist, and spent a great deal of time working on Verizon’s comprehensive Data Breach Investigations Report. His expertise and passion in the cybersecurity field make him an excellent thought leader to follow. He also presented a webinar with Bitsight CTO and cofounder Stephen Boyer based on their talk from the 2015 RSA Conference. Watch it here.

14. Kelly Shortridge: @swagitda_

Kelly Shortridge is VP of Product Strategy at Capsule8, a company that provides attack protection for enterprise Linux, and the author of Security Chaos Engineering, an O’Reilly press report. Her expertise is focused in the area of resilient systems and the intersection of workplace culture and security technology.

15. Camille Stewart: @CamilleEsq

Camille Stewart is a cybersecurity attorney who has won numerous awards for her work in cybersecurity, foreign policy, and more, including 2019 Cybersecurity Woman of the Year in the category of “Barrier Breaker.” During the Obama administration, she was appointed Senior Policy Advisor at the Department of Homeland Security focusing on cyber, infrastructure, and foreign policy. She currently sits on the boards of various security organizations and covers national security for the Washington Post.

16. Rachel Tobac: @RachelTobac

Rachel Tobac is the CEO of SocialProof Security, a company that focuses on the social engineering aspects of cybersecurity. She won 2nd place in the DEFCON Social Engineering Capture the Flag (SECTF) three times. On her Twitter, she discusses infosec, as well as how organizations can help prevent social engineering attacks.

17. Chris Wysopal: @WeldPond

As the co-founder and Chief Technology Officer of Veracode, Chris Wysopal has emerged as a major thought leader in the application security space. He is also a member of the Black Hat Review Board, composed of 21 thought leaders in the information security space. His regular tweeting about emerging threats and newly published research make his 52k+ followers very happy!

Who Are We Missing?

If you, or someone you know, should be included on this list, tweet us @Bitsight; they may end up in a future version of this article!