A Blog on Blogs: 5 That You Should Be Reading

January 29, 2020 | 2 min read


If you’re looking for recognized experts who don’t just reiterate the news, but add true value to the conversation, here are five blogs that I recommend adding to your list.

We all want to make sure that we keep up with the latest security trends and information, but the world of cyber security is a very busy place. New threats, new exploits, new vulnerabilities, new products, new services, and new vendors dominate the security landscape. It’s a full-time job trying to keep up. While my job requires me to keep up with the latest, I willingly admit that I gave up on trying to read everything that comes across my desk around the time that the Patriots won their first Super Bowl. So, what do I do? I rely on others to do the heavy lifting for me. I let the experts identify what’s relevant, explain it to me, and offer advice.

Even when one takes my “summary approach”, there is still a bit of effort required. There is no shortage of IT security blogs and Twitter accounts out there. Sometimes it seems like every security researcher, analyst, vendor, company executive, and media company has at least one. Some are very good. And, sadly, others are not. I’ve read a lot of them, and the following are five that I think consistently deliver quality information and present it in a compelling and interesting manner. If you’re looking for recognized experts who don’t just reiterate the news, but add value to the conversation, here are five blogs that I recommend adding to your list.

1. Krebs on SecurityBrian Krebs is an independent journalist covering cybercrime. Krebs is one of the most recognized names in the field and previously had a distinguished career at The Washington Post. His journalistic background gives him access to industry thought leaders and makes his blog must-read material.2. Schneier on SecurityBruce Schneier is the author of over a dozen books on security. He’s also a fellow and a lecturer at Harvard, and The Economist called him a “security guru.” He has testified before Congress, is a frequent guest on TV and radio, has served on several government committees, is regularly in the press, and is CTO of a security company. The guy knows his stuff.3. SecurityHaven by Dr. Eric ColeDr. Cole has over 20 years of security experience. He writes a lot about the current threats plaguing individuals and enterprises. He also provides a lot of content on security best practices that I find particularly useful.4. Graham CluleyGraham Cluley is another expert who’s been in the security industry for roughly 25 years. He’s worked for several vendors, founded the Naked Security Blog, and is a member of the Infosecurity Europe Hall of Fame. He’s another guy who has won a boatload of awards and has regular presence on TV, radio, and print.5. Tao Security by Richard BejtlichRichard Bejtlich covers digital security, strategic thought, and military history. Yes, military history. His blog can get a little technical for me at times, but I enjoy the breadth of topics that he covers. It’s a nice blend of current topics, historical perspective, and other related content.

Well, that’s a short list to get you started. I hope you check them out and find them as interesting as I do. There are many more out there, and I’d love for you to post your favorites in the comments section. I’m always looking for new and interesting blogs to add to my reading list. - Thom