Information Security References

News Sites

  • Krebs on Security: Brian Krebs is an American journalist and investigative reporter. He is best known for his coverage of profit-seeking cybercriminals. His interest grew after a computer worm locked him out of his own computer in 2001.
  • Threat Post: The Kaspersky Lab security news service, is an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.
  • Dark Reading: Long one of the most widely-read cyber security news sites on the Web, Dark Reading is now the most trusted online community for security professionals. Our community members include thought-leading security researchers, CISOs, and technology specialists, along with thousands of other security professionals.
  • SC Magazine: Online counterpart to Secure Computing monthly magazine. Provides product reviews, solutions and articles for the systems security professional.
  • The Register: Biting the hand that feeds IT! Independent news, views, opinions and reviews on the latest in the IT industry.
  • Help Net Security: Help Net Security has been a prime resource for information security news since 1998. The site always hosts fresh content including articles, new product releases, latest industry news, interviews, podcasts and more.
  • Internet Storm Center

Online Resources

  • OnGuardOnline: is the federal government’s website to help you be safe, secure and responsible online. Resources for educators, parents, military, kids and more.
  • StaySafeOnline
  • Phishing information at Provides general phishing information and prevention tips.
  • PCI Security Standards Council: The PCI Security Standards Council is an open global forum, launched in 2006, that is responsible for the development, management, education, and awareness of the PCI Security Standards, including the Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) requirements.
  • NIST Cybersecurity Framework: Recognizing that the national and economic security of the United States depends on the reliable functioning of critical infrastructure, the President issued Executive Order 13636, Improving Critical Infrastructure Cybersecurity, in February 2013. It directed NIST to work with stakeholders to develop a voluntary framework – based on existing standards, guidelines, and practices - for reducing cyber risks to critical infrastructure.
  • NIST Computer Security Resource Center
  • SANS Critical Security Controls: The Critical Security Controls focuses first on prioritizing security functions that are effective against the latest Advanced Targeted Threats, with a strong emphasis on "What Works" - security controls where products, processes, architectures and services are in use that have demonstrated real world effectiveness.
  • Center For Internet Security: The Center for Internet Security, Inc. (CIS) is a 501c3 nonprofit organization focused on enhancing the cyber security readiness and response of public and private sector entities, with a commitment to excellence through collaboration. CIS provides resources that help partners achieve security goals through expert guidance and cost-effective solutions.
  • United States Computer Emergency Readiness Team: US-CERT strives for a safer, stronger Internet for all Americans by responding to major incidents, analyzing threats, and exchanging critical cybersecurity information with trusted partners around the world.
  • Cyber Degrees: A comprehensive directory of colleges and universities offering cyber security degrees, as well as a wealth of information on career paths within the cyber security field, security clearances, the range of professional security certifications available, free online courses in security topics and more.

Information Security Blogs

  • AT&T Consumer BlogExpert technology insights targeted toward consumers.
  • AT&T Business Insights: Expert technology insights to power business transformation.
  • avast! Blog: Security blog from the maker of anti-malware products.
  • Facebook Security Blog: Providing you with the information you need to protect your information both on and off Facebook.
  • FraudAvengers Blog: FPF2A created to add “fraud prevention” to the public’s understanding of “financial literacy”; to empower individuals to protect themselves and the ones they care about from financial abuse; and to impede criminals who seek to benefit from payments fraud.
  • Google Online Security Blog: The latest news and insights from Google on security and safety on the Internet
  • McAfee Family Safety Blog: Feeling overwhelmed by all the threats that could affect your family? Our bloggers provide you with the latest security tips and online trends to save you time, and keep your family safe.
  • Microsoft Security Tips & Talk Blog: The Microsoft Cyber Trust blog provides in-depth discussions on topics that frequently accrue to trust in technology
  • Consumer Information Online Blog: Entries by different agencies of the United States Government.
  • Blog con información para consumidores: Participantes por diferentes agencias de los Estados Unidos Government.
  • Private WiFi BlogAn informational site by a corporation that sells a personal VPN (Virtual Private Network) with bank level security that protects your privacy when using public WiFi hotspots.
  • RSA Speaking of Security Blog: RSA’s Intelligence Driven Security solutions help organizations reduce the risks of operating in a digital world.
  • Sophos Naked Security Blog: Award-winning computer security news from Sophos.
  • Stay Safe Online Blog: NCSA's mission is to educate and therefore empower a digital society to use the Internet safely and securely at home, work, and school, protecting the technology individuals use, the networks they connect to, and our shared digital assets.
  • Symantec Security Blogs: Multiple blogs by the well-known American technology company.
  • The Security Skeptic: The Security Skeptic blogs about all matters related to Internet Security, from domain names (DNS), firewalls and network security to phishing, malware and social engineering.
  • Tripwire's State of Security BlogThe State of Security is an award-winning blog featuring the latest news, trends and insights on current information security issues, including risk, compliance, incident detection and vulnerability research.