News, Blogs and InfoSec Sites
(ISC)2: (ISC)² is an international, nonprofit membership association for information security leaders like you. We’re committed to helping our members learn, grow and thrive. More than 125,000 certified members strong, we empower professionals who touch every aspect of information security.
ThreatPost: Anyone would be skeptical about a news site run by a vendor. However, a couple of them have learned that providing real, solid news coverage does far more for your brand than shilling the product. ThreatPost, Kaspersky Labs’ news site, is one of the best at this...
Naked Security: … So is Naked Security, which is run by Sophos. Both sites shy away from stories that might be critical of them, which is understandable, but they give a good solid look at the latest news.
Salted Hash: I promise you this is not just here because it’s from CIO’s sister publication CSO – which I have also written for. If you doubt this just go and read Bill Brenner’s blog for yourself. He doesn’t give you all the news, instead he goes deep on one or two stories of the week. Read him and you will definitely learn something.
SCMagazine: This one isn’t really a blog – although there are bloggers involved – as much as a news feed of articles in the magazine and on the site. Because this is a British publication it offers a lot of stories that don’t make it into the US-centric sites.
InfoSec Island: This is an analysis site where a lot of very smart people write about various security issues. These range from looks at breaking news to looks at the trends shaping the news. Very straight ahead and very little snark – but I hope you know where to go for that.
SlashDot: This one doesn’t need an me explanation. Go. Read. Learn.
The Register: Now these folks know how to do snark and a lot of stories other people miss. My one complaint isn’t about the content it’s about the RSS feed. You can’t just get the security news, even though that’s what you are promised. You get everything and at The Register everything is a lot.
ISACA: An independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.