- Schneier on Security Bruce Schneier writes about the privacy and policy implications of security.
- Krebs on Security Brian Krebs focuses on security that targets the consumer, whether through fraud or data breaches.
- Troy Hunt Troy is Microsoft MVP for Developer Security. He writes about do’s and dont’s of good application security from a developer’s perspective.
- Matthew Green’s “A Few Thoughts on Cryptography Engineering.”
- Security Engineering: A Guide To Building Dependable Distributed Systems, Ross Anderson. “Security engineering is about building systems to remain dependable in the face of malice, error, or mischance.”
- Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It, Marc Goodman
- TED: The security mirage, Bruce Schneier. This one is suitable for a general audience. Good explanation of modeling threats, risk perception. Not just computer security.
- TED: Fighting viruses, defending the net, Mikko Hypponen
- Verizon 2015 Data Breach Investigations Report Click “Get Full Report,” then find the small “Download Only” link in the corner to avoid giving up your contact information
- Mandiant APT1 Report (PDF) “Exposing One of China’s Cyber Espionage Units”
- OWASP Top Ten “The OWASP Top 10 provides a list of the 10 most critical web application security risks.”