Keep up on your cybersecurity readingLike so much of our lives, the world of cybersecurity is in information overload. Computer security has become big business. In 2018, the U.S. Council of Economic Advisors reported that, “malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016.” Not surprisingly, then, a great number of sources provide cybersecurity information.

And you simply must keep up. Cybersecurity is a game of cat and mouse. One year, the hackers gain; the next, the defenders catch up. Right now, for example, it looks as if click rates on phishing emails are going down, thanks to the adoption of anti-phishing training programs. Meanwhile, the number of clicks on phishing email on mobile devices is going up. What to do?

What to Do

Here’s one simple fix: Subscribe to Inside Security. Inside Security is an email newsletter that curates the cybersecurity news on a (mostly) daily basis. It’s usually published five days a week. One day is devoted to a premium edition. The standard edition of the newsletter is free. Getting everything costs $10 per month. I think it’s worth paying the dough just to keep these folks in business.

Inside Security is edited by David Strom, an industry veteran. I got to know David when he was the founding editor-in-chief of Network Computing, and I was on the staff. I’ve always respected his judgment.

The best way to decide whether the newsletter would be useful to you is to read a couple of past issues. You can find some at https://www.inside.com/lists/security/recent_issues.

A Typical Issue

I know this post sounds a lot like an ad. I apologize for that. The fact is, however, that almost every day I find something interesting and important in the newsletter. Very often, the stories deal not just with a breach happening, but an intelligent discussion of how it happened. On Monday, the breach of four million email accounts from Disney’s Club Penguin, the issue with misconfigured Jira project management servers, and several analyses of phishing attacks took this approach.

There was also a link to a great article comparing cybersecurity certification credentials and a discussion of how the U.S. Army Cyberschool has changed its teaching methods to better solve infosec problems.

I could go on, but the best thing is just to click the link above and see for yourself. The issues are short; it could be a worthwhile 10 minutes.

Translate »