I need to keep up with the latest in data breaches and other hacker attacks for my work advising corporate and government clients on how to understand their risk in financial terms. But it’s easy to get lost in all the blogs and feeds covering cybersecurity news. To filter the flow, I regularly check these six sites. I find that they’re always up to date and help me spot new and interesting trends in information security.
1. Privacy Rights Clearinghouse
This non-profit organization advocates for consumer privacy rights but it also maintains a comprehensive, searchable list of data breaches. You can search for breaches based on industry, threat actor and year of breach, which is useful for filtering out topics irrelevant to you or your clients. PRC is updated daily, and you can get alerted to new attacks through the RSS feed.
Every year, Verizon Enterprise Solutions produces a Data Breach Investigations Report (DBIR), which includes some of the best aggregated information on breaches, plus cybersecurity statistics, based on over 100,000 incidents. The report is broken up by attack type, and includes interesting visuals and facts that you generally cannot find elsewhere. You can download the 2016 report here. AT&T, Cisco, Dell, Google and several other tech companies also produce annual cybersecurity reports ( see this list from Forbes).
The Hacker News stays extremely plugged in to the latest developments in the hacking world. The site breaks down many topics, ranging from data breaches to password hacks to malware. Readers can find posts updated daily covering incidents around the world, and they’ll email you articles as they break.
Brian Krebs, previously a Washington Post reporter, uses his blog as an outlet to investigate security issues and report on current events in the hacking world. Brian writes about everything from everyday issues relevant to consumers to security obstacles that large companies face. Although he works alone, Krebs managed to break significant news: He first reported the massive breach at Target stores in which 40 million people had their credit and debit cards stolen. It’s something of a tribute to Krebs that hackers tried to knock out his site in 2016 with a major distributed denial of service (DDoS) attack.
5. CyberScoop
Easy to read and easy to drill down into, CyberScoop categorizes its articles by industry and identifies the main threats that each face. With a large community following, this news site offers perspectives in each article that are not often found elsewhere, and from some impressive contributors.
6. DARKReading
If you’re one to read your RSS feed daily in search of interesting topics and current news DARKReading is a site for you. With the broad range of topics and frequent posts, readers are bound to find something to draw them in. Not only do they cover breaches, but the site also features blog streams covering vulnerabilities, risk, operations and more. The site also hosts a wide variety of industry thought leaders.