People refrain from reading either it is for pleasure or for professional and academic progression.
If you are an information/cyber security professional who wants to stay ahead in his game, you should embrace reading instead. And what better way to do it other than diving into the best information security books from top authors and professionals in the field?
What do you expect?
Will knowledge come raining down on your head?
You will get into labs practicing skills and techniques without having base knowledge on the matter?
Or will your existing knowledge suffice in the days to come when technology changes, practices are different, new security standards come out and you are suddenly left behind?
You need to keep reading, whether it is articles, books, or news, you just need to.
Information/Cybersecurity Security books to read in 2022
Here is my top book selection (still) for 2022 which you should invest in and make yourself even more valuable to your customers and employer.
The selection covers areas from general information security concepts and principles, to penetration testing, red and blue teaming, information security risk assessment, and security management.
1. CISSP Study Guide
It doesn’t matter if you are practicing to sit the exam. You will learn a lot about security operations, risk management, security assessments, and more topics, which are essential for running infosec in any organization.
Read through the CISSP study guide, and you will learn a lot about information security, “an inch deep and a mile wide”.
RTFM is a “must-have” for penetration testers and red teamers. It contains most of the information you will need to conduct a pentest. The book covers unix/linux, windows, networking and wireless, tips and tricks, tool syntaxes, web and databases, and programming.
A very useful addition to your penetration testing toolkit.
BTFM is the best companion for the RTFM. It is more targeted at incident responders rather than penetration testers but can also cover areas for network and system administrators and engineers. You will get effective information for solving common daily problems
Information security is not only about the technical perspective of information asset protection. This book provides a broad overview of the entire field.
Principles of Information Security 6th edition highlights the latest practices with fresh examples that explore the impact of emerging technologies, such as the Internet of Things, cloud computing, and DevOps.
Hacking: The art of exploitation is one of the most complete books on hacking techniques. It will take you from basic methods to more advanced techniques with clear and detailed explanations.
This book remains at the top of its kind for many years now. It offers techniques and strategies for protecting and attacking web applications.
The book will help you think more methodically and be more creative when testing the security of web applications.
A must-read for the information security professional involved in risk assessments. A very well-organized book with practical information that will also help you pass the CRISC exam.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he is a certified: CISSP, CISA, CISM, ITIL, COBIT and PRINCE2, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills on penetration testing, cloud technologies, virtualization, network security, IoT and many more.