10 Cybersecurity Blogs & News Sites All IT Pros Should Follow

10 Cybersecurity Blogs & News Sites All IT Pros Should Follow


If there’s one thing cybersecurity experts can agree on, it’s that cybercrime never sleeps. That’s because cybercriminals are always playing the game of cat and mouse with their targets, constantly evolving their tactics to circumvent the latest and most sophisticated defenses.

To avoid being the mouse in this game, all information technology professionals—and, to some extent, even regular employees—need to stay on top of the latest cybersecurity news and trends. Fortunately, there are many cybersecurity blogs and news sites that provide the information you need to avoid becoming a cybercrime victim.


1. United States Computer Emergency Readiness Team

One cybersecurity website that every IT pro should bookmark is published by the United States Computer Emergency Readiness Team. US-CERT, as the website is commonly referred to, is an excellent source of timely information about current security issues, vulnerability reports, weekly cybersecurity bulletins, and in-depth analysis of evolving cyber threats.

2. Threatpost

Threatpost is an authoritative, independent cybersecurity news site whose global editorial activities are driven by its editor-in-chief, Tom Spring, who has decades’ worth of experience covering business technology news. Threatpost also publishes its own podcast, which offers in-depth discussions on the most important cybersecurity topics, always trying to go beyond the headlines.

3. Naked Security

You may not be familiar with Naked Security, but you’ve probably heard about the British security software and hardware company behind it, Sophos. That’s right, Naked Security is Sophos’s award-winning blog, and it’s known for making hot cybersecurity topics accessible to a broad audience. Naked Security is easy to follow because there are rarely more than two articles published per day.

4. Dark Reading

Since 2006, Dark Reading has been publishing premier cybersecurity content, offering an educated commentary and insightful clarifications backed by research and years of industry experience. The site’s contributing writers are widely recognized cybersecurity experts who can connect the dots between trends and their real-world impact on organizational policies and security mechanisms.

5. WeLiveSecurity

WeLiveSecurity is a cybersecurity blog from the people behind ESET, a pioneer of antivirus protection that has been offering antivirus and firewall products for more than three decades now. When reading WeLiveSecurity, you certainly don’t want to miss its weekly summary of the most important cybersecurity topics, called Week in security with Tony Anscombe.

6. Krebs on Security

When it comes to personal blogs published by cybersecurity experts, not many are more popular than the one published by Brian Krebs, a former Washington Post investigative reporter who has been exposing profit-seeking cybercriminals for the better part of his career. Krebs on Security is an invaluable source of information for IT pros who want to know how cybercriminals really think and operate.


7. Schneier on Security

Bruce Schneier wears many hats: he’s a fellow and lecturer at Harvard’s Kennedy School, a board member of EFF, the Chief of Security Architecture at Inrupt, Inc., a cryptographer, and the author of Schneier on Security. On his blog, he collects some of the most important cybersecurity news and sprinkles it with his own insights and opinions. Even more useful information can almost always be found in the comments section below each article.

8. Graham Cluley

We conclude our trio of famous cybersecurity bloggers with Graham Cluley, a former programmer at British antivirus firm S&S International turned writer who worked as a Senior Technology Consultant at Sophos from 1999 to 2013. Graham has the ability to make what would otherwise be dry cybersecurity news interesting thanks to his unmistakably British sense of humor, so reading his articles never feels like a chore.

9. Kaspersky Daily

The cybersecurity experts working for multinational cybersecurity and antivirus provider Kaspersky Lab know their stuff. That’s evident not just from the popularity of their cybersecurity products or their exhaustive threat reports, but also from the articles published on Kaspersky Daily, which make daunting topics accessible even to people whose lives don’t revolve around computers.

10. CSO Online

As its name suggests, CSO Online strives to be the go-to information source for chief security officers (CSOs), but the site’s content can be enjoyed by all IT security professionals. CSO Online publishes multiple newsletters, including CSO Update, which lets you catch up on the best of CSO every Tuesday and Thursday. To subscribe to them, you simply need to provide your business email address and choose your newsletters.

Still Hungry for More Cybersecurity Information?

Then make sure to follow our own blog, where we regularly tackle cybersecurity-related topics that all small and medium-sized organizations need to know about.