Cybersecurity Library

Here you will find links to classic Cybersecurity books, reports and theory.

It is worth noting also that the listed items are written for a whole range of different audiences, interests, expertise levels and purposes – choose wisely!

So far as we know, any divulged information in the following documents is either not covered by copyright or else the copyright has been released.


Recent Books

1. Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker    
Kevin Mitnick was the most elusive computer break-in artist in history. He accessed computers and networks at the world’s biggest companies – and however fast the authorities were, Mitnick was faster, sprinting through phone switches, computer systems, and cellular networks. He spent years skipping through cyberspace, always three steps ahead and labeled unstoppable. But for Kevin, hacking wasn’t just about technological feats – it was an old-fashioned confidence game that required guile and deception to trick the unwitting out of valuable information.

2. The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography 
In his first book since the bestselling Fermat’s Enigma, Simon Singh offers the first sweeping history of encryption, tracing its evolution and revealing the dramatic effects codes have had on wars, nations, and individual lives. From Mary, Queen of Scots, trapped by her own code, to the Navajo Code Talkers who helped the Allies win World War II, to the incredible (and incredibly simple) logistical breakthrough that made Internet commerce secure, The Code Book tells the story of the most powerful intellectual weapon ever known: secrecy.

3. The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage 
Before the Internet became widely known as a global tool for terrorists, one perceptive U.S. citizen recognized its ominous potential. Armed with clear evidence of computer espionage, he began a highly personal quest to expose a hidden network of spies that threatened national security. But would the authorities back him up? Cliff Stoll’s dramatic firsthand account is “a computer-age detective story, instantly fascinating [and] astonishingly gripping” (Smithsonian).

4. Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon  
Top cybersecurity journalist Kim Zetter tells the story behind the virus that sabotaged Iran’s nuclear efforts and shows how its existence has ushered in a new age of warfare—one in which a digital attack can have the same destructive capability as a megaton bomb. In January 2010, inspectors with the International Atomic Energy Agency noticed that centrifuges at an Iranian uranium enrichment plant were failing at an unprecedented rate. The cause was a complete mystery—apparently as much to the technicians replacing the centrifuges as to the inspectors observing them.

5. Cyber War: The Next Threat to National Security and What to Do About It    
Author of the #1 New York Times bestseller Against All Enemies, former presidential advisor and counter-terrorism expert Richard A. Clarke sounds a timely and chilling warning about America’s vulnerability in a terrifying new international conflict—Cyber War! Every concerned American should read this startling and explosive book that offers an insider’s view of White House ‘Situation Room’ operations and carries the reader to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation’s security. This is no X-Files fantasy or conspiracy theory madness—this is real.

6. Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground  
Former hacker Kevin Poulsen has, over the past decade, built a reputation as one of the top investigative reporters on the cybercrime beat. In Kingpin, he pours his unmatched access and expertise into book form for the first time, delivering a gripping cat-and-mouse narrative—and an unprecedented view into the twenty-first century’s signature form of organized crime. The word spread through the hacking underground like some unstoppable new virus: Someone—some brilliant, audacious crook—had just staged a hostile takeover of an online criminal network that siphoned billions of dollars from the US economy.

7. Spam Nation: The Inside Story of Organized Cybercrime – from Global Epidemic to Your Front Door
In Spam Nation, investigative journalist and cybersecurity expert Brian Krebs unmasks the criminal masterminds driving some of the biggest spam and hacker operations targeting Americans and their bank accounts. Tracing the rise, fall, and alarming resurrection of the digital mafia behind the two largest spam pharmacies – and countless viruses, phishing, and spyware attacks – he delivers the first definitive narrative of the global spam problem and its threat to consumers everywhere.

8. The Art of Deception: Controlling the Human Element of Security 
The world’s most infamous hacker offers an insider’s view of the low-tech threats to high-tech security. Kevin Mitnick’s exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world’s most notorious hacker gives new meaning to the old adage, “It takes a thief to catch a thief.”

9. Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World 
Your cell phone provider tracks your location and knows who’s with you. Your online and in-store purchasing patterns are recorded, and reveal if you’re unemployed, sick, or pregnant. Your e-mails and texts expose your intimate and casual friends. Google knows what you’re thinking because it saves your private searches. Facebook can determine your sexual orientation without you ever mentioning it.

10. @War: The Rise of the Military-Internet Complex  
The wars of the future are already being fought today. The United States military currently views cyberspace as the “fifth domain” of warfare (alongside land, air, sea, and space), and the Department of Defense, the National Security Agency, and the CIA all field teams of hackers who can, and do, launch computer virus strikes against enemy targets. As recent revelations have shown, government agencies are joining with tech giants like Google and Facebook to collect vast amounts of information, and the military has also formed a new alliance with tech and finance companies to patrol cyberspace.

11. Worm: The First Digital World War  
The Conficker worm infected its first computer in November 2008 and within a month had infiltrated 1.5 million computers in 195 countries. Banks, telecommunications companies, and critical government networks (including the British Parliament and the French and German military) were infected. No one had ever seen anything like it. By January 2009 the worm lay hidden in at least eight million computers and the botnet of linked computers that it had created was big enough that an attack might crash the world.

12. Beyond Fear: Thinking Sensibly About Security in an Uncertain World
In Beyond Fear, Bruce Schneier invites us to take a critical look at not just the threats to our security, but the ways in which we’re encouraged to think about security by law enforcement agencies, businesses of all shapes and sizes, and our national governments and militaries. Schneier believes we all can and should be better security consumers, and that the trade-offs we make in the name of security – in terms of cash outlays, taxes, inconvenience, and diminished freedoms – should be part of an ongoing negotiation in our personal, professional, and civic lives, and the subject of an open and informed national discussion.

13. Cypherpunks: Freedom and the Future of the Internet    
Cypherpunks are activists who advocate the widespread use of strong cryptography (writing in code) as a route to progressive change. Julian Assange, the editor-in-chief of and visionary behind WikiLeaks, has been a leading voice in the cypherpunk movement since its inception in the 1980s. Now, in what is sure to be a wave-making new book, Assange brings together a small group of cutting-edge thinkers and activists from the front line of the battle for cyber-space to discuss whether electronic communications will emancipate or enslave us.

14. Schneier on Security
Presenting invaluable advice from the world’s most famous computer security expert, this intensely readable collection features some of the most insightful and informative coverage of the strengths and weaknesses of computer security and the price people pay — figuratively and literally — when security fails. Discussing the issues surrounding things such as airplanes, passports, voting machines, ID cards, cameras, passwords, Internet banking, sporting events, computers, and castles, this book is a must-read for anyone who values security at any level — business, technical, or personal.

15. Internet Forensics: Using Digital Evidence to Solve Computer Crime 
Because it’s so large and unregulated, the Internet is a fertile breeding ground for all kinds of scams and schemes. Usually it’s your credit card number they’re after, and they won’t stop there. Not just mere annoyances, these scams are real crimes, with real victims. Now, thanks to Internet Forensics from O’Reilly, there’s something you can do about it. This practical guide to defending against Internet fraud gives you the skills you need to uncover the origins of the spammers, con artists, and identity thieves that plague the Internet.

16. Evolution of Cyber Technologies and Operations to 2035 (Advances in Information Security)  
This book explores the future of cyber technologies and cyber operations which will influence advances in social media, cyber security, cyber physical systems, ethics, law, media, economics, infrastructure, military operations and other elements of societal interaction in the upcoming decades. It provides a review of future disruptive technologies and innovations in cyber security. It also serves as a resource for wargame planning and provides a strategic vision of the future direction of cyber operations. It informs military strategists about the future of cyber warfare.

17. Secrets and Lies: Digital Security in a Networked World  
This anniversary edition, which has stood the test of time as a runaway best-seller, provides a practical, straightforward guide to achieving security throughout computer networks. No theory, no math, no fiction of what should be working but isn’t, just the facts. Known as the master of cryptography, Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems. A much-touted section, Schneier’s tutorial on just what cryptography (a subset of computer security) can and cannot do for them, has received far-reaching praise from both the technical and business community.

18. Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers
A collaboration between Palo Alto Networks and the New York Stock Exchange, this book is offered free of charge through the Security Roundtable website with the goal of providing a solid reference to “enlighten the community” on the importance of cybersecurity. Over 30 different contributors came together to produce content that covers everything from the fundamentals of cybersecurity to how corporate executives should handle and report security breaches. It also includes detailed information on U.S. government standards for creating cybersecurity frameworks.

19. Security Metrics: Replacing Fear, Uncertainty and Doubt
Cybersecurity professionals need a reliable way to assess and predict potential threats and losses relating to security breaches. This book suggests that current methods such as risk assessments based on probability fall short when it comes to accuracy. The proposed solution is for businesses and organizations to capture and analyze security metrics, and the book includes detailed information about just what should be monitored. Methods for reviewing and interpreting these metrics are also included, making this a useful manual for anyone working in cybersecurity.

20. Zero Day
If you’re looking for something less complex that still provides an accurate picture of what’s going on in cybersecurity, this novel can give you that mental break. Although the story is fictional, the scenario it depicts of a cybersecurity attack on an airplane’s on-board computer isn’t at all unrealistic. Several references to real cyberattacks are included, and descriptive language brings the mechanics of these threats to life in a way that a wide audience can understand and appreciate. You won’t get any technical knowledge from this book, but its subject matter is timely enough to make you think more critically about current cybersecurity issues.


Cybersecurity Books – 2017