Reading List for IT Security

zxbanezxbane Member Posts: 740 ■■■■□□□□□□
Hey all,

I was curious if there is a compiled recommended reading list for IT Security. I recent sat for the CISM, have the CISSP and I have read Shon Harris, Eric Conrad etc.

Since sitting for the CISM this past weekend I have recently started reading the Network Security Bible by Eric Cole and it is a great read so far. I am wondering if there are other recommended books out there that aren't necessarily too narrow in scope and cover a lot of good information. I know the user LionelTeo (I think that's the username) posts a lot of great reading material for specific SANS courses so I might search out his posts too.

Thanks in advance for any recommendations. I'm taking a break from pursuing any certifications for a few months but want to continue reading/learning in my free time.

Comments

  • MSP-ITMSP-IT Member Posts: 752 ■■■□□□□□□□
    What specifically are you looking for in Info Sec? There are numerous books on pen-testing, malicious coding, business continuity, and every other domain under the sun.
  • JoJoCal19JoJoCal19 California Kid Mod Posts: 2,821 Mod
    I really like the selection of books ISACA has in their bookstore, at least for getting an idea of what's out there.

    https://www.isaca.org/bookstore/Pages/Browse-by-Topic.aspx

    I will be getting some of the SOX and PCI books as I have been contacted by two recruiters recently who were wanting someone with good knowledge of SOX and PCI, especially the former.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • zxbanezxbane Member Posts: 740 ■■■■□□□□□□
    MSP-IT wrote: »
    What specifically are you looking for in Info Sec? There are numerous books on pen-testing, malicious coding, business continuity, and every other domain under the sun.

    Good question, there really are so many domains, that is why the Network Security Bible was appealing because it touches on so many subjects. I don't do much in regards to pen-testing or malicious coding. I guess the subjects of most interest would be governance, compliance, management etc.
Sign In or Register to comment.