8 Blogs & Newsletters CISOs Should Subscribe To

Brian Thomas | November 19, 2019 | tag: Cybersecurity

Cybersecurity is always changing, and it's up to CISOs to keep up with the times. There are plenty of blogs and newsletters offering information on new developments in data security, but not all of them are worth following. 

To help narrow down your search for the best CISO blogs or newsletters, check out these eight popular options:

1. Krebs on Security 

Brian Krebs is one of the internet’s preeminent cybersecurity journalists. His website, Krebs On Security, is a must-bookmark for CISOs.

Browse through hundreds of free blog posts on Krebs on Security to learn about current events in cybersecurity, major data breaches, and emerging malware. 


2. WIRED

In their “Security” section, WIRED offers thought-provoking, award-winning insights and investigations into cybersecurity trends, emerging threats, and cyber attacks from around the globe.

You can subscribe to the WIRED newsletter and receive the latest news on cybersecurity right in your inbox. 

3. CIS

The Center for Internet Security (CIS) is an excellent resource for CISOs looking to stay current with data security policies and best practices. With an extensive backlog of how-to guides, research, and interviews, this resource offers a wealth of valuable information for CISOs and other cybersecurity professionals. 

You can also subscribe to CIS for access to cybersecurity webinars and newsletters.

4. Ponemon Institute

Ponemon Institute is considered “the preeminent research center dedicated to privacy, data protection, and information security policy.” The Ponemon Institute blog, updated by the Institute’s founder Dr. Larry Ponemon, offers condensed versions of their research, plus insightful coverage of data breaches, cyber hygiene, and security risks.


5. NASCIO

The National Association of State Chief Information Officers (NASCIO) is a nonprofit organization working “to foster government excellence through leadership of quality business practices, information management, and technology policy.”

The NASCIO News Room contains press releases, news for state and federal CIOs, and insights into cybersecurity legislation. 

No formal membership is necessary — anyone may access the News Room. If you’re a NASCIO member, you can use the community login to access more features. 


6. SANS Institute

The SANS Institute is a cooperative research and education organization with programs that reach more than 165,000 security professionals worldwide.

They offer two newsletters: SANS NewsBites, offering semi-weekly, high-level summaries on the most important IT security news from the last week, and @RISK, a weekly summary of cyber attacks and emerging vulnerabilities.

7. Deloitte

Deloitte is a great resource for surveys and reports on cybersecurity and CISO-related concerns, including an annual “Future of Cyber” survey. 

Access their newsroom or sign up for an email subscription to keep up to date on the topics that matter most to you, access newsletters and webinars, and receive alerts when new Deloitte Insights content becomes available. 

8. BitSight

The BitSight blog is an excellent resource for CISOs, covering topics like third-party risk management, cybersecurity regulations, security performance management, communication and executive reporting, and more. 

Subscribe below to get the latest BitSight blogs, guides, and research directly in your inbox.

Keeping up to date with the latest cybersecurity news is a core part of a CISO’s job description. Subscribe to these blogs and newsletters for high-quality news, insights, and research. 
