Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon by Kim Zetter was the first book I read when I became interested in cybersecurity.
The story follows the discovery and analysis of Stuxnet, a worm designed to attack industrial sectors. The researcher's story is a fascinating insight into how cybersecurity firms operate and introduces the reader to a number of key themes and topics in a clear and understandable fashion.
Amazon: $14 Kindle | $6.40 Paperback
Sometimes outrageous and often comical, Kevin Mitnick's autobiography, Ghost in the Wires: My Adventures as the World's Most Wanted Hacker, speaks about the now-security consultant's time as a hacker who led FBI agents a merry chase before his capture, after hacking into some of the world's largest firms. Whether you would classify him as a scam artist or hacker, this account offers a valuable exploration of social engineering techniques once used to dupe companies left and right. The writing is not of the best quality, but for the lessons you can take away and for pure entertainment value, the book is worth a read.
Amazon: $7.70 Kindle | $11 Paperback
Security expert Bruce Schneier's Secrets and Lies: Digital Security in a Networked World focuses on how networks operate and the basic security themes and concepts you should be aware of. In particular, Schneier's walkthrough of cryptographic protocols is likely to appeal to those interested in the cybersecurity field. When security is considered a process rather than a product, IT staff can then approach ways to protect corporate data in a more realistic fashion.
Amazon: $13 Kindle | $11 Paperback
Spam Nation: The Inside Story of Organized Cybercrime -- from Global Epidemic to Your Front Door is an exploration of spam and hacking operations today. Written by security expert Brian Krebs, this book explores the underground operations of cybercriminals and the link between malicious code, rogue pharmacies, hacking groups and how we unwittingly can invite cybercriminals into our lives. This book bridges the gap between malware, phishing attacks and risks to individuals as a fast-paced, exciting read.
Amazon: $14 Kindle | $10 Paperback
Following on from his Ghost in the Wires biography, Kevin Mitnick goes into more detail on how to conduct successful social engineering attacks against any target. The Art of Deception not only explores these themes, but offers advice for security staff on how to reduce the risk of insider threats, targeted phishing attacks and social engineering hacks.
Amazon: $11.80 Kindle | $9.30 Paperback
Bruce Schneier's latest offering, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, goes beyond network security and moves on to surveillance -- a hot topic for today's security practitioners following Edward Snowden's NSA disclosures. The book provides an overview of the information age, how data is used and mined, and asks whether a balance can be achieved between mass surveillance and benefitting the common good -- as well as how individuals should consider data when it comes to privacy.
Amazon: $16 Kindle | $13 Hardcover
After reaching somewhat into the past, Marc Goodman's Future Crimes looks forward. The author uses his book as a springboard to warn us of impending future threats -- going beyond standard cybersecurity practices to examine identity theft, financial data protection and digital warfare. For enthusiasts and IT practitioners alike, Goodman's work can introduce you to a variety of cybercrimes you never knew existed.
Amazon: $15 Kindle | $14 Paperback
The Atrocity Archives, written by Charles Stross, is a light, fun read which ventures into the world of hacking and security. This tale of government departments, networks, secret agents and demon summoning is likely to appeal to the techie in you.
Amazon: $9.30 Kindle | $7 Paperback