If you want to find out what’s happening in the world, you probably turn to your favorite news outlet. Maybe it’s your local paper or something more widely circulated, like the Washington Post or the New York Times. But if you want to find out what is happening on a day-to-day basis with cybersecurity governance and policy, you’ll need to have a stash of bookmarked blogs at the ready.
The experts behind the 22 blogs listed below break news, offer detailed commentary, and summarize important security details. The granular-level analyses these IT security blogs provide give a great amount of context and detail you can’t find in the mainstream press.
Andrew Hay is a former research director at OpenDNS, and he has an extensive background in cybersecurity. His blog, which dates back to July 2006, is updated consistently with news and happenings in the security community.
With a tagline that states “Connecting the information security community,” you know Dark Reading is worth the bookmark. Catch up on the latest breaches and hacks, cloud security updates, authentication and privacy happenings, and much more.
Brian Krebs is a former investigative journalist who breaks news on all of the major breaches. He explains breaches in layman's terms and does a great job of researching how the attackers get in. (By the way, this is one of my personal favorites!)
Politico Morning Cybersecurity is a daily summary of news surrounding the cybersecurity industry. It specializes in cybersecurity legislation, government cybersecurity, the latest cybersecurity research and reports, and quick bytes of security news.
The SANS Institute is a well-known IT security and training firm, of which Frank Kim is the chief information security officer. His blog covers secure software development lifecycles (SDLC), vulnerabilities, and more.
Securelist is a Russian-led website that features articles on security policies, incidents, technologies, research, and much more. It also hosts an encyclopedia and statistics on cybersecurity threats, viruses, and spam.
Noteworthy on this blog are the Summary posts, which offer a roundup of the author’s favorite articles both on the Securosis blog and from outside sources, as well as podcasts, conferences, reports, presentations, news, and more.
Not only does Richard Bejtlich discuss cybersecurity on his highly regarded blog, but he also discusses “strategic thought and military history.” Check out TaoSecurity for an interesting look at the security world.
The State of Security is an award-winning blog, which features a mix of industry news and analysis. It does a great job of breaking down current security news and events and explaining why the reader should care about the topic at hand.
Unique to the WatchGuard Security blog are the quick little videos called “Security Bytes” that explain new vulnerabilities, malware, and other problems (with links to the sources if you want to find out more).