Security touches everything we do, online and offline. There is no longer a distinction between our lives and the internet. We socialize, make plans, work, and bank online. With so much data flowing between servers around the world, keeping it safe and private is essential. Regrettably, there is a vocal subset of companies and governments that disagree. They believe that we shouldn’t have a right to privacy and that our data is now theirs.
This push-and-pull can seem complicated, or worse unimportant. Fortunately, there is no shortage of experts willing to share their expertise for us all to benefit from. Whether you are already invested in the struggle for security, or hope to bring someone into the fold, here are 10 cybersecurity books that you need to read right now.
1. No Place to Hide: Edward Snowden, the NSA and the Surveillance State by Glenn Greenwald
Glenn Greenwald was a prominent journalist in his own right, having previously written for The Guardian, and The Intercept. His first step into journalism was on his own blog Unclaimed Territory which focused on the NSA’s warrantless surveillance around the turn of the millennium. It was this background that Edward Snowden to contact Greenwald about the U.S. government’s global surveillance programs. Greenwald was instrumental in the disclosure of the NSA’s surveillance projects in a series of reports for The Guardian.
The Snowden reports were some of the most influential disclosures of recent times. The U.S. government was using the internet as a tool of mass surveillance. What made the revelations even more shocking was that they were spying on their own citizens too. Greenwald recounts how he first came to meet Snowden, and how they created the now infamous reports. The second half explores the implications of the disclosures, and what we can do to prevent schemes like this in the future.
2. Nineteen Eighty-Four by George Orwell
Before Big Brother was a popular reality TV show, he was the tyrannical Party leader of George Orwell’s 1949 novel. Orwell wrote this cornerstone of dystopian fiction post-WWII, during the beginnings of the Cold War. Despite writing in an age before computers, smartphones, or the internet, many of the techniques explored throughout the book are as relevant today as ever. The always-on surveillance of Nineteen Eighty-Four‘s telescreen even draws parallels to many of our smart home devices. After reading you may wonder if today’s governments and tech companies view Nineteen Eighty-Four as a manual, rather than a warning.
3. Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Social engineering (SE) blends together psychology with a dash of manipulation to extract confidential information from unwitting victims. Coverage of security events focuses on the technical, but SE is often one of the most critical elements. Machines are predictable and will always follow the rules — people less so.
Christopher Hadnagy is an SE expert, and host the brilliant Social-Engineer podcast. He leads a team who pivot between real-life penetration testing, technical training, and hosting regular events at Def Con. This book sees Hadnagy explore the topic he knows best, and impart many years of learnt knowledge. The book explores what social engineering really is, how it’s used, and how to protect yourself against the social engineers.
4. Privacy: A Very Short Introduction by Raymond Wacks
The Very Short Introduction series from Oxford University Press have been instrumental in introducing new topics to readers, with over 510 titles in the series to date. The Privacy edition was first released in 2010, and subsequently updated in 2015. There are largely three camps of belief: those that believe we are in a post-privacy world, staunch privacy advocates, and the majority who are ambivalent to the erosion of privacy in the name of security.
For those of us that passionately believe in the preservation of privacy — both online and offline — the ambivalent group are the most challenging because they often echo the “if you’ve got nothing to hide…” mantra. If you’ve had a hard time convincing your nearest and dearest of the importance of privacy, or you want to learn more for yourself, this short guide is the perfect place to start.
5. Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World by Bruce Schneier
Bruce Schneier is very well placed to write a book about how companies collect your data. Since 1994, Schneier has been involved in digital cryptography, releasing his first book Applied Cryptography that same year. Since then he has written twelve more books delving into cryptography and more general security topics. Alongside his other output, he runs his own security weblog, Schneier on Security, and sits on the board for the digital rights group, the Electronic Frontier Foundation (EFF).
With that body of work behind him, it’s clear that Schneier knows what he’s talking about and is passionate about it. Data and Goliath puts that passion at the forefront as Schneier outlines all the ways that we are being surveilled — and how we even participate in the invasion of our own privacy. While that would be interesting in its own right, Schneier takes the time to outline how we can change this situation for the better. In a world where companies we’ve never even heard of can expose some of our most sensitive data, the need for change is more critical than ever.
6. So You’ve Been Publicly Shamed by Jon Ronson
Doxxing is one of the scourges of the internet and is often used to intimidate or pressure someone into silence. The practise of unleashing someone’s personal information online without their consent can be a terrifying and damaging experience. Social media allows news to travel in an instant, and has radically changed the way we interact with the world around us.
It also gives an anonymous voice to anyone who wishes to abuse it. This is a problem that is all too common on Twitter. So what happens when you post something risque, offensive, or that gets misinterpreted? Should you be punished forever, facing the loss of your job and all Google searches for your name bringing back negative results for years to come?
Author and broadcaster Jon Ronson delves beneath the controversial stories of recent internet shamings. In doing so he reveals the individuals who had their lives ruined by the abuse they received online. Ronson creates empathy for those involved, regardless of whether you agree with their perceived missteps or not. The stories are interesting, and often alarming, but also serve to highlight exactly why you should be careful about what you post online.
Cyberwar has been a regular feature of science fiction for years but often as useful fictional plot device. This all changed when in 2010 researchers stumbled across the first digital weapon. The worm, known as Stuxnet, had been purpose built to avoid detection. Its ultimate goal was to disrupt Iran’s nuclear program.
Kim Zetter, a senior writer at Wired, covered the story as it unfolded and is unsurprisingly uniquely qualified to write the book on Stuxnet. She guides us through Stuxnet’s accidental discovery, and the repercussions of this act of digital warfare. Zetter artfully explores the interplay between politics and technology that led to the consensus that America and Israel were jointly responsible for the now infamous worm.
8. The Transparent Society by David Brin
If you cast your mind back to 1999, the world was a very different place. The internet was only just hitting the mainstream, we still connected to AOL via dial up, and Amazon was still a bookshop. You might then question how relevant a book written about privacy in that year could still be. The Transparent Society, written by science-fiction author David Brin, turns out to be exceedingly relevant in the post-Snowden world. Despite being a science-fiction writer, Brin accurately predicted how Moore’s Law would contribute to the proliferation of low-cost surveillance devices and the erosion of privacy.
Perhaps uniquely, he has an interesting solution to the problem: the Transparent Society. In this society, all information would be public and freely available to anyone who wants it. This would in turn compensate those who lost their privacy with control over how their data is used. The idea is controversial, with security expert Bruce Schneier calling it a “myth.” However, it is an interesting solution to a problem that plagues us as much today as did 20 years ago.
9. Thieves Emporium by Max Hernandez
Similar to Nineteen Eighty-Four, Max Hernandez explores privacy and security through fiction. Unlike Orwell, Hernandez is writing in the modern era where smartphones, malware, and government surveillance are no longer works of fiction. The novel explores a near-future America, where surveillance is normalized and technology is vilified.
Hernandez wrote this novel out of passion for the concepts, and the depth of knowledge bears that out. Technical concepts like encryption are explored through the narrative. This is a refreshing approach which should make these often complicated topics a little easier to understand. By mixing the real with the fictional, Hernandez conjures up a world that doesn’t exist but feels all too familiar at the same time.
10. Alan Turing: The Enigma by Andrew Hodges
Cryptography is one of the cornerstones of digital security. It underlies the encryption that we rely on to keep our information secure as it zips between servers. Long before we could envisage conducting our financial affairs online, Alan Turing became one of the world’s most notable computer scientists. He was recruited at the height of WWII by the British government to help decrypt the German Enigma military messages. The machine he developed allowed the Allies to effectively intercept German armies, and contributed to the end of the war.
Alongside his pivotal role during the war, he became a prominent computer scientist in his own right. He developed the Turing Test which is still used to this day to distinguish AI from humans. Despite being one of the most influential computer scientists, Turing’s life came to an untimely end following his criminal prosecution. He was posthumously pardoned in 2013, almost 60 years after his death. His fascinating and affecting story was brought to life by Benedict Cumberbatch in the 2014 film The Imitation Game.
Which Cybersecurity Books Do You Recommend?
Security is one of the most interesting and important fields in modern day computing. While there are undoubtedly many who would benefit from the erosion of our privacy and security, it is one of the most critical elements of the modern world. With so much at stake, being well informed is one of the best ways to prevent the impending erosion of our rights.
Have you read any of these books? What did you think of them? Do you think we missed any essentials? Let us know in the comments!