Whether you are just beginning your cybersecurity career or a seasoned pro, the field is so complex and moving so fast that there is always an opportunity to learn more.
We have talked to more than two dozen cybersecurity experts, including professors, researchers, and heads of industry, and gotten recommendations for the best resources to create your own, personalized cybersecurity library, including books, articles, papers, podcasts, videos, and more.
“I always tell my students that cybersecurity is an ever-changing field. They need to be aware of that and never stop learning. They must continually apply self-improvement principles.”
— Ryan Sporrer, cybersecurity and digital crime instructor at Western Iowa Tech
Related resources
Here are the cybersecurity reading recommendations from the experts
| Resource | Author/Domain | Recommendation |
| BOOKS | ||
| @War | Shane Harris | Ken Dewey |
| Computer and Internet Security | Wenliang Du | Prasad Calyam |
| Computer Security: Art and Science | Matt Bishop | Matt Bishop |
| Crypto | Steven Levy | Ken Dewey |
| Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World | Joseph Menn | Ryan Sporrer |
| Cybercon: Protecting Ourselves from Big Tech & Bigger Lies | James L Norrie | Tamara Schwartz |
| Cyber Risk Handbook | Domenic Antonucci | Stan Mierzwa |
| Cyber Smart | Bart R McDonough | Stan Mierzwa |
| Daemon (fiction) | Daniel Suarez | Tamara Schwartz |
| Dark Territory | Fred Kaplan | Drew Hamilton |
| Forensic Discovery | Dan Farmer and Wietse Venema | Drew Hamilton |
| Foundations of Cryptography | Oded Goldreich | Eugene Vasserman |
| Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker | Kevin Mitnick | Ryan Sporrer |
| Hackers | Steven Levy | Ken Dewey |
| Hacking Exposed (book series) | various | Ryan Sporrer |
| Hacking: The Art of Exploitation | Jon Erikson | James Banfield |
| In the Plex | Steven Levy | Ken Dewey |
| Pentagon Brain | Annie Jacobson | Ken Dewey |
| Which Side of History | James Steyer | Yan Solihin |
| Network Security Bible | Eric Cole | James Banfield |
| No Starch Press cybersecurity book series | various | Bill Mahoney |
| Rules for Radicals | Saul Alinsky | Matt Bishop |
| Reveille for Radicals | Saul Alinsky | Matt Bishop |
| Schneier on Security | Bruce Schneier | Clifford Neuman |
| Security Engineering | Ross Anderson | Eugene Vasserman |
| Social Engineering: The Science of Human Hacking | Christopher Hadnagy | Hossein Sarrafzadeh |
| Spam Nation | Brian Krebs | Ken Dewey |
| Superintelligence | Nick Bostrom | Ken Dewey |
| The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers | Kevin Mitnick | Ryan Sporrer |
| The Art of War | Sun Tzu | Matt Bishop |
| The Code Book | Simon Singh | Yan Solihin/George Markowsky |
| The Countdown to Zero Day | Kim Zetter | Nate Evans |
| The Cuckoo’s Egg | Cliff Stoll | Ryan Sporrer |
| The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats | Richard A. Clarke and Robert K Knake | Tamara Schwartz |
| The Hacker Playbook (series) | Peter Kim | Tobi West |
| The Power of Moments | Chip Heath and Dan Heath | Nate Evans |
| The Prince | Machiavelli | Matt Bishop |
| The Principles for Cybersecurity Operations | Hinne Hettema | Hossein Sarrafzadeh |
| The Wasp (fiction) | Eric Frank Russell | Matt Bishop |
| The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws | Dafydd Studdard and Marcus Pinto | Ryan Sporrer |
| Tubes: A Journey to the Center of the Internet | Andrew Blum | Nate Evans |
| Unrestricted Warfare | Qiao Lang and Wang Xiangsui | Drew Hamilton |
| Zero Day (fiction) | David Baldacci | Tamara Schwartz |
| PAPERS/ARTICLES | ||
| Cyber Campaigns and Strategic Outcomes | Journal of Strategic Studies | Richard Harknett |
| How to Compete in Cyberspace | Foreign Affairs | Richard Harknett |
| National Cybersecurity Policy | The White House | Joe Scherrer |
| NIST Framework | National Institute of Standards and Technology | Ulku Clark |
| Reflections on Trusting Trust | Ken Thompson | Nate Evans |
| Sony Pictures: Inside the Hack of the Century | Fortune | Joe Scherrer |
| The Protection of Information in Computer Systems | Jerome H Saltzer and Michael D Schroeder | Matt Bishop |
| The Real Story of Stuxnet | IEEE | Joe Scherrer |
| The Taxonomy of Privacy | University of Pennsylvania Law Review, Daniel J Solove | Tobi West |
| The Untold Story of NotPetya, the Most Devastating Cyberattack in History | Wired | Joe Scherrer |
| Verizon Data Breach Investigations Report (DBIR) | Verizon | Prasad Calyman |
| GAMES | ||
| wargames | overthewire.org | Prasad Calyam |
| BLOGS | ||
| Bruce Schneier | schneier.com | Yan Solihin/George Markowsky |
| Cyber Defense Magazine | cyberdefense magazine.com | Prasad Calyam |
| CyberWire | thecyberwire.com | Ulku Clark |
| Dark Reading | darkreading.com | Ralph Russo |
| Krebs on Security | krebsonsecurity.com | Tobi West |
| Lawfare | lawfareblog.com | Richard Harknett |
| SANS Reading Room | SANS Institute | Tobi West |
| Shira Ovide (NYTimes) | nytimes.com/by/ shira-ovide | Ralph Russo |
| TALKS | ||
| Everyday cybercrime – and what you can do about it | TED Talk | Prasad Calyam |
| Fighting viruses, defending the net | TED Talk | Prasad Calyam |
| PODCASTS | ||
| Darknet Diaries | darknetdiaries.com | Leslie Corbo |
| Security Now | twit.tv/shows/ security-now | Leslie Corbo |
| SpyCast | spymuseum.org/ multimedia/spycast/ | Greg Gogolin |
| The Cyberwire | thecyberwire.com /podcasts | Greg Gogolin |
| TRAININGS | ||
| CCSK All-In-One Exam Guide by McGraw Hill | Stan Mierzwa | |
| CISSP Official Study Guide by SYBEX | Stan Mierzwa | |
| Hack This Site | James Banfield | |
| Hacker Tracker Cyber Security Workshop Camp | Prasad Calyam | |
| Kali.org | George Markowsky | |
| National Cyber League | Ulku Clark |
More cybersecurity resources
If you are looking for more actionable cybersecurity information, be sure to check out our resource section, which contains popular guides on topics such as: