Reading List for IT Security

Hey all,

I was curious if there is a compiled recommended reading list for IT Security. I recent sat for the CISM, have the CISSP and I have read Shon Harris, Eric Conrad etc.

Since sitting for the CISM this past weekend I have recently started reading the Network Security Bible by Eric Cole and it is a great read so far. I am wondering if there are other recommended books out there that aren't necessarily too narrow in scope and cover a lot of good information. I know the user LionelTeo (I think that's the username) posts a lot of great reading material for specific SANS courses so I might search out his posts too.

Thanks in advance for any recommendations. I'm taking a break from pursuing any certifications for a few months but want to continue reading/learning in my free time.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

MSP-IT

What specifically are you looking for in Info Sec? There are numerous books on pen-testing, malicious coding, business continuity, and every other domain under the sun.

JoJoCal19

I really like the selection of books ISACA has in their bookstore, at least for getting an idea of what's out there.

https://www.isaca.org/bookstore/Pages/Browse-by-Topic.aspx

I will be getting some of the SOX and PCI books as I have been contacted by two recruiters recently who were wanting someone with good knowledge of SOX and PCI, especially the former.

zxbane

MSP-IT wrote: »

What specifically are you looking for in Info Sec? There are numerous books on pen-testing, malicious coding, business continuity, and every other domain under the sun.

Good question, there really are so many domains, that is why the Network Security Bible was appealing because it touches on so many subjects. I don't do much in regards to pen-testing or malicious coding. I guess the subjects of most interest would be governance, compliance, management etc.