Getting to know CISOs: Research into assumptions about closing the cybersecurity skills gap, including a deep dive into what it takes to be a good CISO, this is my 2016 Security and Risk Management masters' degree dissertation (80 pages).
Cobb's Guide to PC and LAN Security: This is the free digital edition of the 700-page book that started life as the Stephen Cobb Complete Guide to PC and LAN Security, published by McGraw-Hill in 1992. That book was heavily revised to become the NCSA Guide to PC and LAN Security in 1995. In 2000, the rights to the book reverted to me and became part of a print-on-demand program at Amazon, where you can still buy a copy today. However, you may not want to buy it because, a) it is technically very dated, and b) it is free to download here if you are interested, helpfully split into three parts.
Chapter1. Security Matters
Chapter 2. Security Solutions
Chapter 3. Security Planning
Chapter 4. Secure Hardware
Chapter 5. Secure Power
Chapter 6. Secure Sites
Chapter 7. Secure Access
Chapter 8. Secure Data
Chapter 9. Secure Code
Chapter 10. Secure Software
Chapter 11. Secure Networks I
Chapter 12. Secure Networks II
Chapter 13. Secure Communications
Chapter 14. Secure People
Chapter 15. Security in the Future
Appendix A. Threat List
Appendix B. A Brief Guide to Batch Files
Appendix C. Computer Security Policy
Appendix D. Notes on Electromagnetic Radiation
Appendix E. Export Restrictions on Encryption
Appendix F. Further Resources
Appendix G. Online Glossary
Appendix H. How Public-Key Encryption Works
Appendix K. Appraising Microsoft AV
Getting to know CISOs: Challenging assumptions about closing the cybersecurity skills gap, a Security and Risk Management masters' degree dissertation, 2016 (pdf)
Free computer security incident response plan templates, from San Diego's Alan Watkins: https://www.peerlyst.com/posts/resource-free-computer-security-incident-response-plan-templates-alan-watkins
Free information security policy, from a very reputable source:
https://www.peerlyst.com/posts/free-basic-template-information-security-policy-for-small-business-smb-smbe-sme-glenda-snodgrass
And there is a lot more good stuff on PeerLyst.
Free security awareness materials from a reputable company:
https://free.thesecurityawarenesscompany.com/
Cybersecurity training and awareness, resources for educators:
https://www.welivesecurity.com/2019/05/21/cybersecurity-training-awareness-resources-educators/
Cybercrime metrics, policy issues, awareness: a collection of vendor-neutral articles and studies:
https://www.thirdway.org/series/third-way-cyber-enforcement-initiative
Public attitudes to cybersecurity and cybercrime in the US a report based on EU-style barometer survey.
https://www.welivesecurity.com/2019/01/24/cybersecurity-barometer-shows-impact-privacy-security/
Building automation system security and siegeware, article contains a good list of resources:
https://www.welivesecurity.com/2019/02/20/siegeware-when-criminals-take-over-your-smart-building/
Economic Report to the President, Together with the Annual Report of the Council of Economic Advisers, February 2018, contains interesting analysis of Cumulative Abnormal returns:
Chapter 7: Fighting Cybersecurity Threats to the Growing Economy
Women creating infosec career opportunities, a website and book:
Secure the InfoSec Bag: Six Figure Career Guide for Women in Security
(I've heard Keirsten speak on this: great advice, and strategies I'd never thought of.)
More to come...
Free computer security incident response plan templates, from San Diego's Alan Watkins: https://www.peerlyst.com/posts/resource-free-computer-security-incident-response-plan-templates-alan-watkins
Free information security policy, from a very reputable source:
https://www.peerlyst.com/posts/free-basic-template-information-security-policy-for-small-business-smb-smbe-sme-glenda-snodgrass
And there is a lot more good stuff on PeerLyst.
Free security awareness materials from a reputable company:
https://free.thesecurityawarenesscompany.com/
Cybersecurity training and awareness, resources for educators:
https://www.welivesecurity.com/2019/05/21/cybersecurity-training-awareness-resources-educators/
Cybercrime metrics, policy issues, awareness: a collection of vendor-neutral articles and studies:
https://www.thirdway.org/series/third-way-cyber-enforcement-initiative
Public attitudes to cybersecurity and cybercrime in the US a report based on EU-style barometer survey.
https://www.welivesecurity.com/2019/01/24/cybersecurity-barometer-shows-impact-privacy-security/
Building automation system security and siegeware, article contains a good list of resources:
https://www.welivesecurity.com/2019/02/20/siegeware-when-criminals-take-over-your-smart-building/
Economic Report to the President, Together with the Annual Report of the Council of Economic Advisers, February 2018, contains interesting analysis of Cumulative Abnormal returns:
Chapter 7: Fighting Cybersecurity Threats to the Growing Economy
Women creating infosec career opportunities, a website and book:
Secure the InfoSec Bag: Six Figure Career Guide for Women in Security
(I've heard Keirsten speak on this: great advice, and strategies I'd never thought of.)
More to come...
