If you are trying to get into the world of cybersecurity, I’m sure you’ve heard the following saying over and over again.

“You are never done learning”

I agree with this wholeheartedly and it’s something you should know early on. One of the fundamental aspects to growing any career is learning how to learn. It sounds pretty simple but I assure you there are thousands, if not millions of professionals, that never nailed down this key skill. Learning this skill is precisely how I got to where I am now. Books are directly responsible for my career and skills. So I want to educate you all on why they are so crucial and underrated.

I know most of you already are put off by the need to read, but I guarantee it accelerates learning. To be clear I did not grow up a reader, I never read books in my free time. I watched TV, played video games and ran around outside. It wasn’t until after college that I finally figured out I needed to “learn to learn”. That all started with utilizing the secret tool to becoming a cybersecurity professional. Books.

Types of Books

Before I give you my quick list of reasons why I love books now, we need to differentiate. Books are not always equal. You can have multiple “styles” of books and it’s not obvious which type it is based on the title. So I’ve categorized them into the following.

• Textbooks –  made for educational purposes that follow a class structure for learning. Some may only be theoretical or a mix of theory and practice.
  • Hacking: The Art of Exploitation, Windows Security Internals
• Practical Guides – provide instructional steps for how to do a specific task or job.
  • Applied Incident Response, The Practice of Network Security Monitoring
• References – intended to be purely reference material, may not have much paragraph structure.
  • Blue Team Field Guide, Blue Team Handbook: Incident Response Edition
• Stories – Not as common in cybersecurity but there are books that are written as a story with cybersecurity being the focus. Typically, non-fiction or a biography but I’m sure there are fiction stories as well.
  • Dark Wire, Cult of the Dead Cow

If you are familiar with any of these examples, I am sure you may disagree with the category. To be honest, I am not set in stone on them either. The most difficult to differentiate is between textbooks and practical guides. Ultimately, just know not every cybersecurity book has the same goal and when I say “book” I may be referencing different categories.

The Tao of Books

So, what makes books so special?

Pros

• If someone is taking the time to write a book, then they have put in extensive research and time.
• Publishing a book typically requires more review and editing.
• Topics hit a nice sweet spot of being comprehensive but also specific. Ex: “The Art of Mac Malware” by Patrick Wardle.
• Textbook and practical guides provide a nice overview of the topic. As previously mentioned, “The Art of Mac Malware” still covers relevant information about how macOS runs software.
• There are more cybersecurity books out there then you think.
• Textbooks and practical guides are written and organized to be easily referenced.
• For me, physical copies are easier to reference than trying to find that one bookmark you saved years ago.
• Books provide more context due to its length. This gives authors more time to thoroughly explain a topic.
• A book, especially physical does not go away. There is no service, internet or special device required.
• Books look much cooler on a shelf.

It’s not all amazing there are certainly issues to watch out for.

Cons

• There’s a lot of unhelpful books out there, especially with AI generated books.
• eBooks can be a tricky area. Some eBooks are simply digital version of physical books while others are collections of articles/blogs. I would be cautious of any eBook only content. 
• Reading through a book can take a long time, especially if you are studying it.
• Reviews for cybersecurity books are not as helpful to differentiate a book that is useful to you. 
• Books still cost money and libraries don’t have as many cybersecurity books. 

I am going to keep this simple for now. However, I plan to write in more detail how to maximize using books in the future. 

Other Sources of Information

Now let me give you my experience as to why the other methods never “stuck”. Keep in mind all of this is subjective, obviously different people learn in different ways. I want to give you context and show I have at least tried other methods. Even beyond that, some did work well for various topics.

Online Courses/Videos

Pros

• With the right instructor a truly  interactive course can be life-changing. I’m sure you all remember that one teacher that changed your life.
• Much more accessible now no matter where you are in the world.
• Easier course creation has allowed for more individuals and small companies to create amazing content. Shout-out to 13Cubed.

Cons

• In my opinion, the effectiveness is entirely reliant on the instructor.
• There are too many options to the point where it is hard to find the “good” ones.
• The audience can feel vague and only certain sections are relevant to you. Especially after you’ve started developing your career.
• There will always be a cost, and more are moving towards subscription models.
• “Bootcamps” have replaced long-term courses to its detriment. 1 week is just not enough time to learn a subject as wide as “Windows Forensics” and retain it.

Articles/Blogs

Pros

• Fantastic for providing opinions, specific use-cases or research.
• Easily digestible and doesn’t eat up too much of your time.
• Easy for anyone to start their own.

Cons

• Everyone has a blog whether they are individuals or companies. It takes some trial and error to narrow down the good ones.
• There is a lot of AI-slop out there and it can be hard for folks to distinguish.
• Not great for learning content for the first time, especially fundamentals that require a lot of explanation.

Artificial Intelligence

Pros

• Can give quick answers to specific questions.
• “Technically”, they use multiple references.
• Free-ish.

Cons

• You have no idea what information is being sourced. Sure, it can show the sources but are you really going to read through each of those sources?
• It is not always accurate often misses specific wording that is essential to learning a tool, procedure or methodology.
• It tends to give overviews rather than in-depth information.

I didn’t include schools/degrees since that will require more time to discuss, maybe in the future.

Conclusion

At the end of day, learning is extremely personal. I am not going to sit here and act like there are options that work better for others. This is intended to show what works for me. In addition, I don’t think books are sought after enough in cybersecurity. We tend to prefer cheat sheets and courses. I challenge you to look at the books out there and see what’s relevant to your career or interests. I think you will be surprised all the options and quality out there. As a follow-up, my next post will feature how I study books and maximize learning from them. Keep an eye out for that, I promise it won’t be as long for the next post. In addition, I’ll be sure to reference just about every book I have read in my career. If you want a few suggestions take look at the books I reference in this post. I made sure to pick out ones I have read myself.

Hope this encourages you to read more and have a great day!

Terryn Valikodath

Twitter: @CyberCoat

BlueSky: @ChocolateCoat4n6.com

Mastodon: @ChocolateCoat@infosec.exchange

LinkedIn: terrynvalikodath

GitHub: https://github.com/chocolatecoat/