8 Blogs & Newsletters CISOs Should Subscribe To

Cybersecurity is always changing, and it's up to CISOs to keep up with the times. There are plenty of blogs and newsletters offering information on new developments in data security, but not all of them are worth following.

To help narrow down your search for the best CISO blogs or newsletters, check out these eight popular options:

1. Krebs on Security

Brian Krebs is one of the internet’s preeminent cybersecurity journalists. His website, Krebs on Security, is a must-bookmark for CISOs.

Browse through hundreds of free blog posts on Krebs on Security to learn about current events in cybersecurity, major data breaches, and emerging malware.


2. WIRED

In their “Security” section, WIRED offers thought-provoking, award-winning insights and investigations into cybersecurity trends, emerging threats, and cyber attacks from around the globe.

You can subscribe to the WIRED newsletter and receive the latest news on cybersecurity right in your inbox.

3. CIS

The Center for Internet Security (CIS) is an excellent resource for CISOs looking to stay current with data security policies and best practices. With an extensive backlog of how-to guides, research, and interviews, this resource offers a wealth of valuable information for CISOs and other cybersecurity professionals.

You can also subscribe to CIS for access to cybersecurity webinars and newsletters.

4. Ponemon Institute

Ponemon Institute is considered “the preeminent research center dedicated to privacy, data protection, and information security policy.” The Ponemon Institute blog, updated by the Institute’s founder Dr. Larry Ponemon, offers condensed versions of their research, plus insightful coverage of data breaches, cyber hygiene, and security risks.


5. NASCIO

The National Association of State Chief Information Officers (NASCIO) is a nonprofit organization working “to foster government excellence through leadership of quality business practices, information management, and technology policy.”

The NASCIO News Room contains press releases, news for state and federal CIOs, and insights into cybersecurity legislation.

No formal membership is necessary — anyone may access the News Room. If you’re a NASCIO member, you can use the community login to access more features.


6. SANS Institute

The SANS Institute is a cooperative research and education organization with programs that reach more than 165,000 security professionals worldwide.

They offer two newsletters: SANS NewsBites, offering semi-weekly, high-level summaries on the most important IT security news from the last week, and @RISK, a weekly summary of cyber attacks and emerging vulnerabilities.

7. Deloitte

Deloitte is a great resource for surveys and reports on cybersecurity and CISO-related concerns, including an annual “Future of Cyber” survey.

Access their newsroom or sign up for an email subscription to keep up to date on the topics that matter most to you, access newsletters and webinars, and receive alerts when new Deloitte Insights content becomes available.

8. BitSight

The BitSight blog is an excellent resource for CISOs, covering topics like third-party risk management, cybersecurity regulations, security performance management, communication and executive reporting, and more.

Subscribe below to get the latest BitSight blogs, guides, and research directly in your inbox.

Keeping up to date with the latest cybersecurity news is a core part of a CISO’s job description. Subscribe to these blogs and newsletters for high-quality news, insights, and research.
