Skip to>>How to Prepare for a Job in Cyber Security
Never has more focus been on cyber security and information assurance issues. This is the case both from the rapidly growing community of cyber security professionals, as well as from policy makers and the general public. As one might expect, this has led to more and more coverage of cyber security exploits, training methods, and general analysis of cyber attack events. At Cyber Security Degrees, we wanted to expose some of the amazing writing and research available to both cyber security professionals and the general public. Below we’ve scraped ranking and review information on several hundred cyber security titles on Good Reads and Amazon, and ranked the following as the top ranked and most popular Cyber Security Books available today.
1.) Cyber War: The Next Threat to National Security and What to Do About It
Written by former New York Times Bestselling author, former presidential advisor and counter-terrorism expert Richard A. Clarke, Cyber War is a personal look into the role that cyber attacks play in geopolitical conflict. Taking readers right into the “Situation Room” of the White House, where cyber ploys feature as a constant in todays warzones. Starting with the integral role a cyber attack played in jamming of radars in an Insraeli bombing run over Syria, the tone is from the start both conversational and action packed. A non-jargon filled text, Cyber War does a great job at showing the real world impacts of cyber attacks and defense, as well as show the extent to which cyber warfare is a major threat to the United States.
Amazon Rating: 4.6/5
Number of Reviews: 991
Good For: General Public, IA Policy Geeks
2.) CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide
The CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide is the update to the long running series that has aided thousands of IT and information security professionals pass the Security+ exam. While not necessarily light reading, the inclusion of the study guide makes sense for cyber security community members. Security+ certification is one of the most popular certifications for cyber security professionals, listed as a preferred certification on close to 20% of cyber security job openings. The book is broken into 11 chapters that break down core security concepts and applications in real world contexts. The study guide also includes over 400 realistic practice test questions, with questions at the end of every chapter. A 100 question pre test and 100 question post test help to track progress through the preparation process.
Amazon Rating: 4.7/5
Number of Reviews: 756
Good For: Cyber Security Professionals
3.) Rtfm: Red Team Field Manual
Red Team Field Manual is a no-fluff reference manual meant for (surprise) red team members in cyber attack exercises. For team members who may not have access to Google or who need solid well-documented red team techniques at their fingertips, the book functions as a reference page for common linux and Windows command line tools. Essentially a table of contents and page after page of commands and tips, the book works through *NIX, Windows, Networking, Tips and Tricks, Tool Syntax, WFB, Databases, Programming, Wireless. Users note that the book is essentially years of notation from an experienced penetration tester or network security engineer. With that said, mostly already advanced information security professionals will feel at home at all in what is essentially an index of 2000 commands, sometimes hardly notated.
Amazon Rating: 4.4/5
Number of Reviews: 423
Good For: Incident Response, Penetration Testers, Advanced Information Security Learners
4.) The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy
Much more of a “how-to” book than something like the Red Team Field Manual, The Basics of Hacking and Penetration Testing helps beginner penetration testers (or ambitious complete novices) to set up the tools and complete their first penetration test. Coverage of the book includes a four-step methodology for performing a penetration test or hack, as well as introduction to a number of tools that are integral in this process. Tools covered include (with some newly included in the second edition) Google reconnaissance, MetaGooFil, Backtrack and Kali Linux, Nmap, Nessus, DNS interrogation, Metasploit, w3af, the Social Engineer Toolkit, Netcat, post exploitation tactics, and the Hacker Defender rootkit. After an introduction to all of the tools, users will see how they can utilize each to help better inform their process of using other hacking tools. Potential readers should note that this is a great book for a beginner looking to be stepped through a “typical” penetration test. With that said, it is shorter than some guides on the subject, and while this probably leads to it being a great starting point for a beginner, it also treats some subjects in broad strokes. A great jumping-off point.
Amazon Rating: 4.8/5
Number of Reviews: 189
Good For: Aspiring Information Security Practioners, those who are curious
5.) Future Crimes: Inside the Digital Underground and the Battle for Our Connected World
This Wall Street Journal and New York Times Bestseller delves into the now massive wave of connected devices — that while largely beneficial — can all be hacked. Author Marc Goodman draws on his extensive experience in law enforcement and counter terrorism to provide insightful and harrying stories from the dark side of the internet and connected devices. This “futurist-in-residence with the FBI” provides enough examples of the inventiveness and maliciousness of cyber criminals to invigorate the general public, the potential security professional, and the seasoned pro. Good for all audiences, this book is exciting and offers practical advice for both policy makers and the layman on how to protect their own data. For tales of hacked pacemakers, remotely landed planes, and shut down power grids, look no farther!
Amazon Rating: 4.5
Number of Reviews: 331
Good For: General Public, Information Security Professionals
6.) Hacking: The Art of Exploitation, 2nd Edition
Hacking: the Art of Exploitation by Jon Erickson is a versatile and well measured book great for those with some programming knowledge looking to transition to cyber security, as well as early and mid-education cyber security students. The book centers around the solid technical foundation that is needed to excel in many cyber security roles, and fittingly introduces the C programming language for beginners. The unique part of the foundations in this book is that foundational programming is presented from the hackers perspective, something that could take months (or longer) to get exposed to in a typical programming foundations track. A number of common hacks are explained in depth and in a way you can follow along. Software is also included to create your own Linux programming and debugging environment without messing with your current operating system. A great read for those still in the educational process or self teaching in an effort to become cyber security professionals.
Amazon Rating: 4.5/5
Number of Reviews: 224
Good For: Cyber Security Students, Aspiring Hackers
7.) CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide
CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 7th Edition is an authoritative source for CISSP preparation featuring walk throughs and strategy for all sections of the exam. Additionally, purchasers recieve access to Sybex’s interactive learning environment, featuring four 250 question practice exams, 650 flash cards, and a searcheable pdf glossery. Coverage areas in this tried and true study guide include Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security.Authors include some of the best in the business, and all three fellow CISSP’s: James Michael Stewart, CISSP, CEH, CHFI, Security+; Mike Chapple, PhD, CISSP; Darril Gibson, CISSP.
Amazon Rating: 4.4
Number of Reviews: 211
Good For: Current Information Security Professionals preparing for their CISSP exam
8.) Dark Territory: The Secret History of Cyber War
Dark Territory: the Secret History of Cyber War by Fred Kaplan presents the surprising, exciting, wacky, and terrifying history of the American government’s efforts to manage national cyber security. From 1983, when President Reagan watched War Games (the movie in which a teenager hacked the Pentagon), and issued America’s first cyber security directive, the book starts at the very beginning of America’s cyber security infrastructure. This novel draws from Fred Kaplan’s experience as a Pulitzer-Prize Winning Journalist, long-term columnist on cyber security, and PhD in Political Science from MIT to provide breadth and depth to cyber war escapades throughout the late 20th century. A must read for anyone who wants a comprehensive and incredibly well-researched history of cyber security.
Amazon Rating: 4.4/5
Number of Reviews: 137
Good For: General Public, Students of Information Assurance Policy, IA Professionals
9.) Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder.
Now in version 2.2, the Blue Team Handbook is a “no fluff” reference guide similar to the Red Team Handbook above, but for the “good guys.” Topics covered include an overview of how attackers work, tools for incident response, overall incident response process, network analysis tools and methods, common indicators of comprimise (new for V.2.2.), analysis processes for Windows and Linux, tcpdump usage examples, Snort IDS usage, and packet headers. It’s noted for essentially being a condensed reference by those with years of experience in incident response and cyber defense, good for both new and veteran incident responders and cyber security engineers. While perhaps too dry for light reading, the book provides clear and concise reference materials that can be accessed in seconds.
Amazon Rating: 4.5/5
Number of Reviews: 94
Good For: “Blue Team” members, Incident Responders, Cyber Security Architects and Engineers, those Learning about Cyber Security
10.) CEH Certified Ethical Hacker Study Guide
The CEH v9: Certified Ethical Hacker Version 9 Study Guide is an authoritative preperation guide for the CEH v9 exam. Coming in at 648 pages, this guide — and the second on our list by the publisher Cybex — packs in a ton of preparatory materials. Furthermore, access to interactive online elements including two complete practice tests, over 100 electronic flash cards, and a searcheable glossery help to extend the studying experience. Topics covered in the book include cryptography, malware, SQL Injection, cloud security and more. For those looking to pass their Certified Ethical Hacker exam and move into penetration testing or hacking, this is the indispensible study guide.
GoodReads Rating: 3.81
Number of Reviews: 137
Good For: Those seeking to pass their CEH Exam