Advanced reading: three books to boost your cyber security knowledge

In Movers and Shakers ByTeam Acumin / 15th February 2015

While top qualifications and first-hand experience in a cyber security role will no doubt set you in good stead, doing some extra reading in your own time will give you a broader view of what your contemporaries are saying about your field.

However, as anyone who has turned to a decent library for books on cyber security will know, the collection of writings on the subject is vast – not least because the cyber security as a topic is multifaceted and ever changing.

Here, we have listed three books that you might want to consider as a start:

1). Metasploit: The Penetration Tester’s Guide (2011)

The pen tester serves a vital role in any company’s defensive arsenal, using their skills to proactively evaluate the strength of their employer’s IT infrastructure by safely making attempts to exploit system vulnerabilities, including bugs in operating systems and flaws in applications.

In The Penetration Tester’s Guide, readers will learn everything there is to know about using the Metasploit Framework – pen testing software used by security professionals all over the world. This title seeks to teach those struggling to grasp the ins and outs of Metasploit about the Framework’s various interfaces and conventions, as well as its module system, through simulated attacks. From there, readers will move on to the more advanced pen testing techniques, like client-side and wireless attacks and network reconnaissance.

2). Information Risk Management: A practitioner’s guide (2014)

A handy read for any considering a career move into information risk management, this title aims for accessibility and serves as a guide for understanding the myriad principles of the field, with tips on developing a more strategic approach to an information risk management programme.

The book also contains a chapter dedicated to explaining how the practice applies within the public sector. While it is the only textbook for the BCS Practitioner Certificate in Information Risk Management, it could be worth a read even if you are not currently studying towards this qualification.

3). Spam Nation: The Inside Story of Organized Cybercrime — from Global Epidemic to Your Front Door (2014)

A cyber security scorcher from industry expert and investigative journalist Brian Krebs, this book sheds light on the criminal masterminds behind some of the biggest spam and hacking campaigns of our time. Although this book talks specifically about the U.S. and the impact these illegal operations are having on Americans, the points it raises are still highly applicable for UK readers.

Called ‘Fast-paced and utterly gripping’ by Goodreads.com, this title aims to reveal the level of risk that regular internet users expose themselves to on a day-to-day basis.

While these are all great reads, it would be impossible to compile a true list of the best books for those working in (or seeking) cyber security jobs; after all, as the field is constantly evolving, and since the roles within it are so complex, which books are best for you will depend highly on your current job or area of study, and the path you took to reach it.

Some other noteworthy mentions include Countdown to Zero Day (2014) by Wired reporter and computer security expert Kim Zetter, and Bill Blunden’s 2014 exposé on the nature of cyber war, ‘Behold a Pale Farce’.