Here are 72 books that Cybersecurity and Cyberwar fans have personally recommended if you like
Cybersecurity and Cyberwar.
Shepherd is a community of 12,000+ authors and super readers sharing their favorite books with the world.
I became enthused about using mathematical models to understand the natural world as an undergraduate, got trained to do so, and spent my career working on a wide variety of applications. Most recently, I translated ideas from disease modeling to understand cyber variability and security.
To maximize success when applying mathematics to the natural or (for cyber) operational world, one needs to master the appropriate mathematical tools and have a deep knowledge of the subject matter. My recommendations are three really great books that will help you gain proficiency in the needed mathematical tools and how to apply them, and two equally great books on cyber systems.
There is no better starting point for preparing yourself to work on disease biology as it applies to cybersecurity than The Feynman Lectures on Physics, which are incredible and I have read (as have some Nobel prize-winning physicists) multiple times over my career.
Most recently, I read the chapters on optics and vision in the first part of 2025 because of research I am now doing on octopuses.
Richard Feynman has been a well-deserved hero in science for at least 65 years. He became a broader cultural hero in the mid 1980s with the publication of Surely You’re Joking Mr. Feynman and then in the 2000s when Alan Alda starred in essentially a one-person play about Feynman.
These lectures were originally given to first-year physics students at the California Institute of Technology, and you might think that they are not appropriate for most people. Well, yes and no. It…
The whole thing was basically an experiment," Richard Feynman said late in his career, looking back on the origins of his lectures. The experiment turned out to be hugely successful, spawning publications that have remained definitive and introductory to physics for decades. Ranging from the basic principles of Newtonian physics through such formidable theories as general relativity and quantum mechanics, Feynman's lectures stand as a monument of clear exposition and deep insight. Timeless and collectible, the lectures are essential reading, not just for students of physics but for anyone seeking an introduction to the field from the inimitable Feynman.
It is April 1st, 2038. Day 60 of China's blockade of the rebel island of Taiwan.
The US government has agreed to provide Taiwan with a weapons system so advanced that it can disrupt the balance of power in the region. But what pilot would be crazy enough to run…
I became enthused about using mathematical models to understand the natural world as an undergraduate, got trained to do so, and spent my career working on a wide variety of applications. Most recently, I translated ideas from disease modeling to understand cyber variability and security.
To maximize success when applying mathematics to the natural or (for cyber) operational world, one needs to master the appropriate mathematical tools and have a deep knowledge of the subject matter. My recommendations are three really great books that will help you gain proficiency in the needed mathematical tools and how to apply them, and two equally great books on cyber systems.
This is a wonderfully informative introduction to cyber system variability, and is something to both read from cover to cover and have on your shelf (physical or electronic) to dip into from time to time, as I do.
Libicki’s ideas appear throughout my book, including the advice he gives on page 1 that "…when facing a problem such as the threat from cyberspace it pays to be serious but not desperate."
If you seriously want to understand how to use disease models to understand cybersecurity and variability, the books by Libicki and Singer and Friedman provide a fantastic background in the subject matter.
This updated and expanded edition of Cyberspace in Peace and War by Martin C. Libicki presents a comprehensive understanding of cybersecurity, cyberwar, and cyber-terrorism. From basic concepts to advanced principles, Libicki examines the sources and consequences of system compromises, addresses strategic aspects of cyberwar, and defines cybersecurity in the context of military operations while highlighting unique aspects of the digital battleground and strategic uses of cyberwar.
This new edition provides updated analysis on cyberespionage, including the enigmatic behavior of Russian actors, making this volume a timely and necessary addition to the cyber-practitioner's library.
I became enthused about using mathematical models to understand the natural world as an undergraduate, got trained to do so, and spent my career working on a wide variety of applications. Most recently, I translated ideas from disease modeling to understand cyber variability and security.
To maximize success when applying mathematics to the natural or (for cyber) operational world, one needs to master the appropriate mathematical tools and have a deep knowledge of the subject matter. My recommendations are three really great books that will help you gain proficiency in the needed mathematical tools and how to apply them, and two equally great books on cyber systems.
This is a classic! I have had (and worn through copies) since 1969.
There is no explicit mention of disease in Maynard Smith’s book, but the two chapters on population regulation will give you all the tools you need to start applying ideas from disease biology.
As with the Feynman lectures, there is mathematics in this book – but it begins with arithmetic. I recommend it for much the same reason that I recommend Feynman because it will show you how mathematical reasoning can illuminate biology and was written by one the great mathematical biologists of the 20th century.
The book is written for biologists and has the same quality as Feynman’s lectures of having plenty of words that bring the mathematics to life.
This is a lucid introduction to some of the mathematical ideas which are useful to biologists. Professor Maynard Smith introduces the reader to the ways in which biological problems can be expressed mathematically, and shows how the mathematical equations which arise in biological work can be solved. Each chapter has a number of examples which present further points of biological and mathematical interest. interest. Professor Maynard Smith's book is written for all biologists, from undergraduate level upwards, who need mathematical tools. Only an elementary knowledge of mathematics is assumed. Since there are already a number of books dealing with statistics…
It is April 1st, 2038. Day 60 of China's blockade of the rebel island of Taiwan.
The US government has agreed to provide Taiwan with a weapons system so advanced that it can disrupt the balance of power in the region. But what pilot would be crazy enough to run…
I became enthused about using mathematical models to understand the natural world as an undergraduate, got trained to do so, and spent my career working on a wide variety of applications. Most recently, I translated ideas from disease modeling to understand cyber variability and security.
To maximize success when applying mathematics to the natural or (for cyber) operational world, one needs to master the appropriate mathematical tools and have a deep knowledge of the subject matter. My recommendations are three really great books that will help you gain proficiency in the needed mathematical tools and how to apply them, and two equally great books on cyber systems.
This is a short (about 100 pages) and relatively new (2020) book showing how mathematical modeling of the dynamics of populations can be used to give new insights to the classic experiments by the scientist Georgy Gause on predation by one kind of single-celled organism called Didinium on another single celled organism Paramecium (which may sound familiar from high school biology), where the populations are the numbers of the two species and to the outcomes of classical military battles like Trafalgar, where the populations are the sizes of the forces of each side.
McCue’s book is very well written and most of it is accessible with relatively simple mathematics. It will also show you how we can include the randomness that is inherent to nature (and to all operational situations) in models.
McCue is a top flight operations analyst; as with Feynman and Maynard Smith, reading this book – even…
F.W. Lanchester famously reduced the mutual erosion of attrition warfare to simple mathematical form, resulting in his famous "Square Law," and also the "Linear Law." Followers have sought to fit real-world data to Lanchester's equations, and/or to elaborate them in order to capture more aspects of reality.In Beyond Lanchester, Brian McCue--author of the similarly quantitative U-Boats In The Bay Of Biscay--focusses on a neglected shortcoming of Lanchester's work: its determinism. He shows that the mathematics of the Square Law contain instability, so that the end-state it predictes is actually one of the least likely outcomes.This mathematical truth is connected to…
Researching DevilsGame, about an Internet meltdown caused by an unknown evil, I exposed myself to some harrowing truths. I learned how astonishingly frail our internet ecosystem is and how imperiled it is by bad actors who have burrowed deeply and often invisibly into its infrastructure. So, beyond writing a fictional thriller, I was moved to ring a warning bell! And I hope by formatting DevilsGame as “hyperlinked fiction,” mixing real news sites with fictional sites created for the novel, readers will experience the story in a way that parallels and parodies the way we experience real, live crises these days: navigating from fact to fiction, often without observing the boundaries.
I was stunned by the authors' dire and dramatic warning that the interests and methods of two mighty authoritarian regimes–China and Russia–are increasingly coming into alignment, and this alignment is spawning increasingly deadly threats to, and attacks on, the very foundations of our democracy and national security.
I found myself agreeing as the authors demonstrate how the United States government is failing to fully acknowledge and effectively respond to these massive threats–but I was also somewhat encouraged, as they do offer solutions and provide a ray of hope that we can restructure our approach to Chinese and Russian threats by streamlining our bureaucratic agencies and purpose-building them to directly confront them.
The United States is being bombarded with cyber-attacks. From the surge in ransomware groups targeting critical infrastructure to nation states compromising the software supply chain and corporate email servers, malicious cyber activities have reached an all-time high. Russia attracts the most attention, but China is vastly more sophisticated. They have a common interest in exploiting the openness of the Internet and social media—and our democracy—to erode confidence in our institutions and to exacerbate our societal rifts to prevent us from mounting an effective response. Halting this digital aggression will require Americans to undertake sweeping changes in how we educate, organize…
Dr. Sean McFate is an expert on international relations and a former military contractor. He is a Senior Fellow at the Atlantic Council, a Washington DC think tank, and a professor at Georgetown University's School of Foreign Service, Syracuse University's Maxwell School, and the National Defense University. He began his career as a paratrooper and officer in the U.S. Army's 82nd Airborne Division.
There are cyber mercenaries too. Called “hackback” companies, they are illegal, offshore hackers who hack the hackers. While they cannot retrieve hacked material, they can cause a world of hurt for anyone who tries to hack you, and that’s why they matter: deterrence. CEOs and others around the world sometimes turn to hackback firms to make them hard targets. Also, countries like the United Arab Emirates hire former NSA hackers. New York Times reporter details some of this industry in his book about cyberwar. Like many in cyberspace, his claims are often sensationalized, but his reportage cannot be beat.
From Russia's tampering with the US election to the WannaCry hack that temporarily crippled the NHS, cyber has become the weapon of choice for democracies, dictators, and terrorists.
Cheap to acquire, easily deniable, and used for a variety of malicious purposes - from crippling infrastructure to sowing discord and doubt - cyberweapons are re-writing the rules of warfare. In less than a decade, they have displaced terrorism and nuclear missiles as the biggest immediate threat to international security and to democracy.
Here, New York Times correspondent David E. Sanger takes us from the White House Situation Room to the dens…
I worked as an industrial electrician for over two decades. At one point during a meeting to discuss an upcoming project, a question was posed about the delivery time of a specific piece of equipment. When the answer was given that it would be about a year away, it got me thinking: what if a specialized piece of equipment—critical to the grid and with an equally long lead time—was destroyed, how would the grid survive? More importantly; how would we survive? That single statement was the spark that ignited the fire in me to learn all about the grid, and to write Dark State.
Lights Out is another great non-fiction book about electrical grid vulnerabilities. Koppel also spotlights High Power Transformers as the Achilles Heel of our electrical system
But Koppel also does a deep dive on the survivability—or rather lack thereof, of our society if the grid were to be taken down. He even broke down various social classes of people: rural versus urban, and talked about how each group would survive based upon their skillsets and resources available to them. FYI: Ranchers fare best
He even discussed the amazing organization the Mormon Church has put together with regards to the preparedness of each of their members, as well as how they would leverage their collective strengths together as a group.
NEW YORK TIMES BESTSELLER • Ted Koppel reveals that a major cyberattack on America’s power grid is not only possible but likely, that it would be devastating, and that the United States is shockingly unprepared.
“Fascinating, frightening, and beyond timely.”—Anderson Cooper
Imagine a blackout lasting not days, but weeks or months. Tens of millions of people over several states are affected. For those without access to a generator, there is no running water, no sewage, no refrigeration or light. Food and medical supplies are dwindling. Devices we rely on have gone dark. Banks no longer function, looting is widespread, and…
I am a cybersecurity risk management thought leader and subject matter expert with hands-on experience in managing and measuring large-scale cybersecurity programs, system security architecture, cybersecurity tools and techniques, cybersecurity forensics, audit of information systems and networks, and technology control processes. I have spent my career educating others in cybersecurity, mostly because it has always been necessary to educate staff; and colleagues soon recognized that I was easily able to handle the transition from staff training to external classroom environments. But my main motivation for external cybersecurity education is to get feedback from the cybersecurity professional community on my approaches to today’s cybersecurity issues.
Amoroso’s experience started with academic research at Bell Labs and Stevens Institute of Technology but moved quickly to practically fill voids at AT&T and NSA. His book reduces technical concepts in cybersecurity to basic principles and explains generically how they are effectively implemented. For the true techy who wants to fully understand all the formal logic behind the theories in Cyber Attacks, reach back to Ed Amoroso’s Fundamentals of Computer Security Technology (1994).
Cyber Attacks takes the national debate on protecting critical infrastructure in an entirely new and fruitful direction. It initiates an intelligent national (and international) dialogue amongst the general technical community around proper methods for reducing national risk. This includes controversial themes such as the deliberate use of deception to trap intruders. It also serves as an attractive framework for a new national strategy for cyber security, something that several Presidential administrations have failed in attempting to create. In addition, nations other than the US might choose to adopt the framework as well.
This book covers cyber security policy development for…
I’ve been passionate about science as a way of learning how nature works and approaching truth since I was a pre-teen. After five decades of basic research, teaching, and management in physics, I can distinguish good science from pseudoscience even beyond my own areas of expertise. I am greatly disturbed by attempts to undermine science in public policy-making when its findings conflict with ideology, religious beliefs, or business bottom lines. My passion project, via my blog debunkingdenial.com, is to explain to teachers and the public the underlying science and the flaws in science denial across a wide range of topics at the interface with public policy.
I love this book because Perlroth chronicles the proliferation of cyberweapons, which began in the hands of mischievous young hackers exploiting vulnerabilities in widely used software. Once some of those hackers joined the NSA, their tools were developed into sophisticated weapons to undercut technological developments in enemy states like Iran.
Once NSA’s hacks leaked to the wider world, they spawned an arms race and fueled rampant criminal ransomware attacks on vulnerable institutions. Informed by Perlroth’s book, I see a future in which dwindling human fertility and the ballooning costs of advanced weaponry will enhance the military role of cyber-attacks, leading to Mutually Assured Cyber Destruction, in which many countries have cyberweapons deeply embedded in the critical infrastructure of their adversaries, just waiting to activate them.
THE NEW YORK TIMES BESTSELLER * Winner of the Financial Times & McKinsey Business Book of the Year Award * Bronze Medal, Arthur Ross Book Award (Council on Foreign Relations)
"Written in the hot, propulsive prose of a spy thriller" (The New York Times), the untold story of the cyberweapons market-the most secretive, government-backed market on earth-and a terrifying first look at a new kind of global warfare.
Zero-day: a software bug that allows a hacker to break into your devices and move around undetected. One of the most coveted tools in a spy's arsenal, a zero-day has the power…
As a kid, I used to do all the math problems in my textbooks just for fun, even if they weren’t part of a homework assignment. My grandchildren cringe when I tell them this. I am a researcher and educator in secure software engineering and have enjoyed a productive career in software development and management, software engineering and software security research, and software and secure software engineering education.
This book is a “how-to” guide for teams developing secure software. Written by a team of experts, it covers the important issues in developing software that is better able to prevent successful attacks. The book contains many references, a strategy, and an implementation guide with cross-references. For each topic, the maturity of practice at the time of writing is provided, as well as an indication of the audience.
"This book's broad overview can help an organization choose a set of processes, policies, and techniques that are appropriate for its security maturity, risk tolerance, and development style. This book will help you understand how to incorporate practical security techniques into all phases of the development lifecycle."
-Steve Riley, senior security strategist, Microsoft Corporation
"There are books written on some of the topics addressed in this book, and there are other books on secure systems engineering. Few address the entire life cycle with a comprehensive overview and discussion of emerging trends and topics as well as this one."
