Cybersecurity Resources

On this page I am curating resources that could be useful to anyone interested in information security including infosec professionals, both established and aspiring. 

Getting to know CISOs: Research into assumptions about closing the cybersecurity skills gap, including a deep dive into what it takes to be a good CISO, this is my 2016 Security and Risk Management masters' degree dissertation (80 pages).

Cobb's Guide to PC and LAN Security: This is the free digital edition of the 700-page book that started life as the Stephen Cobb Complete Guide to PC and LAN Security, published by McGraw-Hill in 1992. That book was heavily revised to become the NCSA Guide to PC and LAN Security in 1995. In 2000, the rights to the book reverted to me and became part of a print-on-demand program at Amazon, where you can still buy a copy today. However, you may not want to buy it because, a) it is technically very dated, and b) it is free to download here if you are interested, helpfully split into three parts.

Chapter1. Security Matters 
Chapter 2. Security Solutions 
Chapter 3. Security Planning 
Chapter 4. Secure Hardware 
Chapter 5. Secure Power

Chapter 6. Secure Sites 
Chapter 7. Secure Access 
Chapter 8. Secure Data 
Chapter 9. Secure Code 
Chapter 10. Secure Software 
Chapter 11. Secure Networks I 
Chapter 12. Secure Networks II 

Chapter 13. Secure Communications 
Chapter 14. Secure People 
Chapter 15. Security in the Future 
Appendix A. Threat List 
Appendix B. A Brief Guide to Batch Files 
Appendix C. Computer Security Policy 
Appendix D. Notes on Electromagnetic Radiation 
Appendix E. Export Restrictions on Encryption 
Appendix F. Further Resources 
Appendix G. Online Glossary 
Appendix H. How Public-Key Encryption Works
Appendix K. Appraising Microsoft AV

Getting to know CISOs: Challenging assumptions about closing the cybersecurity skills gap, a Security and Risk Management masters' degree dissertation, 2016 (pdf) 

Free computer security incident response plan templates, from San Diego's Alan Watkins:

Free information security policy, from a very reputable source:

And there is a lot more good stuff on PeerLyst.

Free security awareness materials from a reputable company:

Cybersecurity training and awareness, resources for educators:

Cybercrime metrics, policy issues, awareness: a collection of vendor-neutral articles and studies:

Public attitudes to cybersecurity and cybercrime in the US a report based on EU-style barometer survey.

Building automation system security and siegeware, article contains a good list of resources:

Economic Report to the President, Together with the Annual Report of the Council of Economic Advisers, February 2018, contains interesting analysis of Cumulative Abnormal returns:
Chapter 7: Fighting Cybersecurity Threats to the Growing Economy

Women creating infosec career opportunities, a website and book:
Secure the InfoSec Bag: Six Figure Career Guide for Women in Security
(I've heard Keirsten speak on this: great advice, and strategies I'd never thought of.)

More to come...