Top Information Security Blogs You Should Be Reading

Isaac Kohen
5 min readJun 15, 2018

This is our collection of important and informative information security blogs from the industry’s top leaders.

We’re in the digital age, where information processes faster than we can analyze it. If you’re not reading the latest industry updates, you’re behind your peers.

These days, information can be accessed from your computer, phone and even your watch. Information is almost instantaneous, and we crave the feeling of connectivity to the world and our industry. With countless information security blogs on the internet, it’s hard to sort through the best respectful thought leaders, the opinion makers and the highly reckonable blogs.

Here’s a list of the best #informationsecurity blogs in the industry. #tech Click To Tweet

We’ve done the hard work for you and searched the internet for the best InfoSec blogs in the industry. In this article, we chose to focus on blogs from industry experts, influencers and reputable groups. We believe this is a good collection of non-bias and non-product driven websites to fuel your intellectual security growth.

Also read our comprehensive list of information security influencers on twitter.

These blogs provide a respectable plunge into the industry’s leading information security topics.

1. DARKReading

If you’re in the field of information security, you should’ve heard of the famed DARKReading blog bible at least once. This major collection of thought leaders, technology specialists and security techniques provide a comprehensive thought-provoking jump into the industry. DARKReading is an informative community that asks important security questions, has detailed tech debates and presents comprehensive insights into leading topics.

Three posts we like from DarkReading:

  1. 8 Most Overlooked Security Threats
  2. 82% of Databases Left Unencrypted in Public Cloud
  3. Don’t Forget Basic Security Measure, Experts Say

2. ThreatPost

Threatpost provides leading information about IT and business security to individuals worldwide. This news source highlights high-impact, engaging articles with supervision from industry-leading security journalists. As a recable information security source, Threatpost continuously makes the industry’s top ‘must read’ blog list.

Three posts we like from ThreatPost:

  1. Twitter Flow Could Have Allowed Attacker to Tweet From Any Account
  2. Staples Looking into Potential Payment Card Breach
  3. Boeing Notifies 36,000 Employees Following Breach

3. Dan Kaminsky’s Blog

Are you interested in a thought-driven security information blog? The thoughts and opinions on this blog are backed by well-known Fortune 500 security advisor Dan Kaminsky. Credibility isn’t in question. Read informative insights from one of the industry’s leading experts.

Three posts we like from Dan Kaminsky’s Blog:

  1. I Might Be Afraid of This Ghost
  2. A Skeleton Key of Unknown Strength
  3. You Set The Rules

4. LiquidMatrix

One of the oldest and best established information technology blogs on the internet, LiquidMatrix provides in-depth articles on the industry with insightful knowledge from the writer’s long technical career at Akamai.

Three posts we like from LiquidMatrix:

  1. Data Breach Victims or Enablers
  2. 5 Things a Revere, MA Upbringing Taught Me About InfoSec
  3. Summer of Breach 2012

5. Schneier on Security

Bruce Schneier is celebrating his 10th anniversary on information technology thought leadership. Nicknamed the “security guru”, he is an written author of 13 books, detailed academic articles, essay and papers. A highly-engaged individual in this sector, Schneier’s blog is a must follow.

Three posts we like from Schneier on Security

  1. The Value of Encryption
  2. In Praise of Security Theater
  3. How the NSA Threatens National Security

6. Graham Cluley

With a career starting in the early 1990s, Graham Cluley is an industry thought leader in the computer security industry. His career spands top technology firms such as McAfee. Cluley is an information motherboard on top industry news and trends.

Three posts we like from Graham Cluley:

  1. How to Remove All Your Cookies, Cached Data, and Browsing History from Safari
  2. Judy Malware Campaign Victimized Android Users
  3. Android’ Design Shortcomings Allow For Cloak And Dagger Attacks

7. Security Bloggers Network

This website has over 300 recommendable security bloggers in one simple website collection. Browse through articles that give you a vast perspective and background on the information security subject. Subscribe to the feed to never miss an important article.

Three posts we like from Security Bloggers Network:

  1. Cosmetic Surgery Hacked
  2. How to Avoid Becoming a Victim of the Next Global Cyber Attack
  3. How to Recognize Phishing Emails

8. Hacking Articles

This is your top source for all information relating to hacking, cyber security, ethical hacking and other leading interest topics by information security professionals. Founded and authored by Raj Chandel, this blog is a leading resource in how to, tutorials and courses for this topic.

Check out this post from Hacking Articles:

  1. How to Detect Sniffer in your Network using shARP

9. Krebs on Security

If you’re looking for a business perspective with less technical number talk, Brian Krebs website might be the perfect spot for you. Krebs’s website offers a unique business perspective, and self-taught security professional insight. Kreb is also a New York Times Bestseller of the book, Spam Nation.

Three posts we like from Krebs on Security:

  1. Exposes Patient Records
  2. Online Cheating Website AshleyMadison Hacked
  3. Should Saas Companies Publish Customer Lists?

10. Teramind CEO Isaac Kohen Article Hub

A leader in the field of insider threats and cyber security, Isaac Kohen offers a detailed and practical approach on how to protect an enterprise’s valuable information and data.

Three posts we like from Isaac Kohen’s blog:

  1. Detecting + Deterring Insider Threats: How easy can it be?
  2. Crack the Human, Crack the Network
  3. The Human Factor in Cyber Security: Part 1

11. Daniel Miessler’s Information Security Blog

Miessler’s light and comical humor reflects through out his writing on his personal security blog. He created the blog as a platform to collect technical knowledge, and he basis his blog on the mission to gather knowledge, organize it and learn how to use it to affect change.

Three posts we like from Daniel Miessler’s blog:

1. A List of Machine Learning (ab)Use Cases
2. Learn the Difference Between Real and Fake Machine Learning
3. Predicting Human Behavior by Combining Public Sensor Data with Machine Learning

12. TaoSecurity

Richard Bejtlich has been a longtime blogger beginning with writing on this subject matter as early as January 2003. His topics center on digital security, strategic thought, and military history.

Three posts we like from TaoSecurity:

  1. Insider Threat Study
  2. Gartner Survey Ranks Threats
  3. Remembering When APT Became Public

13. Troy Hunt’s Blog

Troy Hunt, a security expert icon himself and you’ve most likely heard of his website Have I Been Pawned is a strong advocate in the security industry and educating readers on latest trends, security vulnerabilities and breach information.

Three posts we like from Hunt’s Blog.

  1. Data breach disclosure 101: How to succeed after you’ve failed
  2. Here’s how I verify data breaches
  3. When a nation is hacked: Understanding the ginormous Philippines data breach

If you’re looking to dive deep into the information security realm, these information security blogs will give you effective insight into becoming an industry expert.

This article was originally published on IT Security Central.



Isaac Kohen

VP of R&D for Teramind, a leading, global provider of employee monitoring, insider threat detection, and data loss prevention (DLP) solutions.