In celebration of National Book Lover’s Day, we polled SonicWall leadership and employees for the all-time standout cybersecurity books. Here’s what they recommend.

Cybercrime headlines have become a regular fixture in the daily news. As we connect to the internet for everything from work and school to social interactions, cybercriminals have taken advantage of a widening pool of potential targets.

According to the latest data in the Mid-Year Update to the 2021 SonicWall Cyber Threat Report, ransomware attacks were up 151% year to date through June 2021. In fact, SonicWall Capture Labs threat researchers recorded more ransomware attacks during the first half of 2021 than all over 2020.

As a result, cybersecurity has grown from a dedicated technology industry to a general interest topic. That’s why we’ve put together a list of cybersecurity books that everyone should — and can — read. From our employees’ responses, we’ve crafted a list of books that share wisdom gained from real-life experiences and threat research, all while providing a highly entertaining read.

1. The Smartest Person in the Room
   2021, Christian Espinosa
   Christian Espinosa has poured his experience as an IT engineer and company CEO into this book with a fresh approach to cybersecurity. The book is detailed with business management insights and guidance for strategic planning. It is designed to help executives and managers solve the weakest link in cybersecurity: people. According to Espinosa, high intelligence and talent lose meaning when companies lack effective communication, intelligence and self-confidence, leaving organizations weak and vulnerable to exploitation. Espinosa outlines a seven-step methodology for turning a company’s greatest weakness into robust defense against the most common cyberthreats.
2. Practical Cyber Security for Extremely Busy People
   2020, Daniel Farber Huang
   A guidebook written in concise, easily consumed sections designed to help individuals take actional steps to protect themselves, their families and their careers from cyber threats and online exploitation. Learn how to prevent companies from tracking your online movements, secure your online bank accounts and prevent identity theft. This book makes personal cybersecurity less intimidating and more efficient for any internet user.
3. Cybersecurity and Cyberwar: What Everyone Needs to Know
   2014, P.W. Singer, Allan Friedman
   New York Times best-selling author P. W. Singer and renowned security expert Allan Friedman give us a simple and informative resource for deciphering our ongoing problems with cybersecurity. The narrative is wrapped around several essential questions: how cybersecurity works, why it matters and what we can do to help it along. The narrative is well-illustrated, with excellent stories and anecdotes that offer important and entertaining points about major players in cybersecurity.
4. Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon
   2015, by Kim Zetter
   Kim Zetter is an investigative journalist who is well-known for her coverage of cybersecurity and national security issues. While this book is a bit older, it builds a case for the identity of the creator of Stuxnet and how the malware was used to sabotage Iran’s nuclear production infrastructure. In addition, the book illustrates how the malware went on to trigger a new age of warfare and threat. Finally, Zetter goes beyond the history of hacking attacks and makes several predictions about new threats we face.
5. Social Engineering: The Science of Human Hacking
   2018, Christopher Hadnagy
   Written by Christopher Hadnagy, an IT educator and entrepreneur, Social Engineering illustrates how ‘social’ hackers think. Hadnagy points out that it’s much easier to trick someone into sharing their passwords than to exert the brute force necessary to hack into a system. This book examines social hackers’ psychological tactics and tricks to steal identities, commit fraud, and gain access to even the largest and most well-protected enterprise computer systems.
6. The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age
   2018, by David E. Sanger
   Written by New York Times national security correspondent David Sanger, The Perfect Weapon describes the confluence between cyberweapons and geopolitics. Sanger summarizes how hacking tools have transformed into cheap weapons utilized by democracies, despots, and terrorists alike and used virtually anonymously. Sanger reminds us that two American presidents — Bush and Obama — showed the world how it is done by launching the first massive state attack to destroy Iran’s nuclear centrifuges. Yet, ironically, America and its allies were badly unprepared when other state actors tuned the very same weapons against them. This book should be on everyone’s list because it illustrates “the perils of technological revolution, where everyone is a target.”
7. Cult of the Dead Cow
   2019, Joseph Menn
   Author Joseph Menn describes his life as a teenage member of a hacker’s ‘club’ with a weird name. Menn explains the group’s genesis, how they worked, a few of their exploits, and how they became the country’s oldest and most respected ethical hacking group. According to Menn, the group coined the word “hacktivism” to force large corporations to rethink security protocols and protections for personal data. As of the book’s publication, the group and its followers are still engaged in hacktivism against misinformation and promoting security measures that help make personal data safer.
8. Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers
   2019, Andy Greenberg
   Author Andy Greenberg, a senior editor for WIRED magazine, writes a riveting narrative about a series of devastating cyberattacks that span three years (from 2014 to 2017) that started with utility companies in the U.S. and Europe and NATO administrative offices. The attacks resumed with a well-known deployment of malware known as NotPetya that paralyzed global corporations, railways, postal services, hospitals and did about $10 billion in damage. At the time, it was an unprecedented and the most destructive cyberattack the world had seen. Greenberg’s examination explores the realities of state-sponsored cyberattacks and still-relevant insights on the implications of a new type of global warfare.
9. The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats
   2019, by Richard A. Clarke, Robert K. Knake
   The Fifth Domain is written by two former U.S. presidential cybersecurity officials, Richard Clarke and Robert Knake. The authors open by listing the four known domains of warfare —land, air, sea, and space — adding the fifth domain: cyberspace. Next, they offer detailed profiles of several high-profile attacks and the lessons learned. Finally, the deeper dive gives us technical details about system resiliency that corporations and organizations can adopt to keep them out of trouble.
10. Cyber Warfare – Truths, Tactics & Strategies
    2020, Dr. Chase Cunningham, foreword by Gregory J. Touhill
    This book clearly and plainly defines strategies and tactics for cybersecurity. Written by retired chief U.S. Navy cryptologist and cyber forensic analyst Dr. Chase Cunningham, the book is a quick read and easily digestible despite some of the high-level technical narratives. Readers gain an understanding of the tactics that threat adversaries use in the modern distributed IT world. Dr. Cunningham also dives into emerging cybersecurity issues such as machine learning, artificial intelligence, and deep fakes.
11. Tribe of Hackers: Security Leaders
    2020, Marcus J. Carey and Jennifer Jin
    This volume is one of four books under the “Tribe of Hackers” title, written for people who want to work and succeed in the expanding field of information security. One of the series’ best editions, the book focuses on leadership training specifically for cybersecurity in a collection of essays written by non-corporate global thinkers from the field. Published by Wyle, a publisher that specializes in nonfiction business instructionals, this book and the companion series is a great way to kick off a career or grow an existing one.
12. Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker
    2012, Kevin Mitnick
    Ghost in the Wires is a thrilling true story of intrigue, suspense, and unbelievable escapes — and a portrait of a visionary who forced the authorities to rethink the way they pursued him, and forced companies to rethink the way they protect their most sensitive information.

Honorable Mention

It may not be a book about cybersecurity, but we cannot end this list without mentioning this upcoming release from Colonel Chris Hadfield.

Colonel Hadfield left a lasting impression on SonicWall employees globally when he kicked off the global Boundless 2020 virtual partner conference last August. Hadfield is set to release The Apollo Murders, a fictional account of three astronauts in a tiny spaceship, a quarter million miles from home, in October 2021. His debut thriller, The Apollo Murders is a high-stakes thriller unlike any other. Hadfield captures the fierce G-forces of launch, the frozen loneliness of space, and the fear of holding on to the outside of a spacecraft orbiting the Earth at 17,000 miles per hour as only someone who has experienced all of these things in real life can.

Olympic athletes are not the only ones being recognized for their hard work and commitment this summer. CRN has once again named SonicWall President and CEO Bill Conner to its 2021 Top 100 Executives list and honored him in the Top 25 IT Innovators of 2021 sub-category.

The annual list honors the passionate and hard-working technology executives who are supporting, growing and redefining the IT channel. These executives have demonstrated their commitment to the channel and proved themselves as exemplary leaders through their innovative channel-focused strategies and initiatives.

“The SonicWall channel is the heartbeat of our company that has propelled us forward for the last 30 years,” said Conner. “We have been 100% driven by the channel since our founding, and it is our mission to thank those partners by providing them with the technology, tools and support they need in order for them to achieve success and bypass their goals.”

CRN’s Top 100 Executives list acknowledges the tech visionaries who are blazing new trails within the larger IT space. It honors executives across four sub-categories: the 25 Most Influential Executives, Top 25 Channel Sales Leaders, Top 25 Innovators and Top 25 Disruptors, each with its own set of strengths that impact the IT channel.

“New technology trends, such as the shift to remote work, cloud computing, SaaS, and IoT, have forced companies to rapidly adapt to an IT landscape that gets more complex by the day,” said Blaine Raddon, CEO of The Channel Company. “However, with IT executives like those featured on our CRN 2021 Top 100 Executives list leading the charge, those same companies are better equipped to tackle modern IT challenges. These leaders have demonstrated an unceasing commitment to business growth and IT innovation, and I have no doubt they’ll continue to do so as new challenges arise.”

Founded in 1991, SonicWall first sought to onboard top resellers, VARs and system integrators that focused on providing high quality, affordable inter-networking solutions to small- to medium-sized businesses (SMB) and educational institutions. Today, SonicWall has grown to more than 17,000 channel partners worldwide.

SonicWall is credited for building the award-winning SecureFirst partner program in 2016 that grew 500% in one year as partners around the world were re-introduced to products and comprehensive offerings.

For more information on how to become a SonicWall partner visit, www.sonicwall.com/partners/become-a-partner.

This week governments in the U.S. and U.K. geared up to fight back against the growing threat of ransomware.

SonicWall in the News

NCSC updates schools ransomware guidance amid surge — Computer Weekly

• The National Cyber Security Centre says it is dealing with a renewed surge of ransomware attacks targeting schools, colleges and universities.

Orange Business Services taps Ericsson for enterprise IoT security — Computer Weekly

• According to the 2021 SonicWall Cyber Threat Report, malware attacks on IoT devices in 2020 jumped by 66% compared with 2019.

SonicWall Sheds Light On Ransomware Attacks As NCSC Announces Continued Rise — Information Security Buzz

• Last week, NCSC announced it is investigating another increase in ransomware attacks against educational institutions in the UK.

Three Best Practices to Neutralize Ransomware Attacks — Dataversity

• Since 2019, ransomware attacks have soared by 158% in North America and by 62% globally, according to the 2021 SonicWall Cyber Threat Report — which also stated that cybercriminals are using more sophisticated tactics to try to shut down companies in exchange for a data “ransom.”

Ransomware attacks on the UK education sector — Professional Security

• “Ransomware attackers have identified universities’ vulnerabilities as providing something valuable as well as information that is readily exportable,” Terry Greer-King, VP EMEA of SonicWall, said. “Hackers can not only disable networks, but they can also thoroughly infiltrate the systems and … access an organization’s records, bypassing security altogether.”

Are you certain you are on the right side of defending against tomorrow’s APTs? — Everything Industrial

• Ashley Lawrence, SonicWall Regional Sales Senior Manager for Sub-Saharan Africa, is featured for his views on Advanced Persistent Threats and how SonicWall’s RTDMI and Capture ATP can help protect businesses.

Industry News

Security researcher says attacks on Russian government have Chinese fingerprints – and typos, too — The Register

• An advanced persistent threat that Russia found inside government systems seems to have come from a Chinese entity rather than a western group, security researchers say.

U.S. Senate passes sweeping bill to address China tech threat — Reuters

• The U.S. Senate voted 68-32 to approve a sweeping package of legislation intended to boost the country’s ability to compete with Chinese technology.

Hacker Known as Max Is 55-Year-Old Woman From Russia, U.S. Says — Bloomberg

• Witte appeared before a U.S. magistrate judge on June 4 for her arraignment, where she waived her rights to a detention hearing.

LinkedIn asks Supreme Court to review whether data scraping is prohibited hacking — The Washington Times

• Social networking platform LinkedIn asked the Supreme Court to review whether the “scraping” of data from its website equates to illegal hacking under federal law.

JBS Hackers Took Data From Australia and Brazil, Researcher Says — Bloomberg

• Security Scorecard found evidence that hackers took data from a JBS location in Brazil in April and May. The attackers began taking large amounts of data from the company’s network in March and continued until the hack was discovered late last month.

What Hackers Can Learn About You From Your Social-Media Profile — The Wall Street Journal

• That post you ‘liked’ on Facebook? Your alma mater on LinkedIn? They are all clues that can make you — and your company — vulnerable.

Ransomware Struck Another Pipeline Firm—and 70GB of Data Leaked — Wired 

• LineStar Integrity Services was hacked around the same time as Colonial Pipeline, and now radical transparency activists have brought the attack to light.

CISA Announces Vulnerability Disclosure Policy Platform — Security Week

• The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today announced that it has partnered with the crowdsourced cybersecurity community for the launch of its vulnerability disclosure policy (VDP) platform.

Ransomware attack hits House members’ web tool to communicate with voters — The Washington Times

• Cybercriminals have attacked a web tool that members of the House of Representatives use to communicate with voters.

Insurer Chubb paid $65,000 to help a city unlock ransomware in 2018. A second hack was more expensive. — Cyberscoop

• A city in California didn’t disclose a ransomware payment for more than two years after its insurer covered the cost, the city manager acknowledged amid yet another ransomware attack on the municipality.

First Known Malware Surfaces Targeting Windows Containers — Dark Reading 

• Siloscape is designed to create a backdoor in Kubernetes clusters to run malicious containers.

Ransomware warning: There’s been another spike in attacks on schools and universities — ZDNet

• NCSC alert says there’s been a rise in ransomware attacks targeting the education sector at a critical time in the academic calendar.

The cost of ransomware attacks worldwide will go beyond $265 billion in the next decade — ZDNet

• Current estimates suggest that ransomware will cost us approximately $20 billion this year, a 57x jump from 2015.

U.S. officials up pressure on firms, foreign adversaries over cyberattacks — The Wall Street Journal

• President Joe Biden is reportedly considering all options, including a military response, to counter the growing threat.

In Case You Missed It

• Introducing the Updated SonicWall Network Security Administrator (SNSA) for SonicOS 7 Course —Jerry Avila
• SonicWall’s Bill Conner Talks Ransomware on the Radio — Lindsey Lockhart
• Infiltrate, Adapt, Repeat: A Look at Tomorrow’s Malware Landscape — Brook Chelmo
• Join us for the 2021 SonicWall Partner Virtual Roadshow — David Bankemper
• Capture Client 3.6 Launch Brings Key Features — Brook Chelmo