Being able to understand and change reality through our knowledge and skill is literal magic. We’re building systems with so many exciting and unexpected properties that can be exploited and repurposed for both good and evil. I want to keep some of that magic and help people engineer – build great systems that make people’s lives better. I’ve been securing (and breaking) systems, from operating rooms to spaceships, from banks to self-driving cars for over 25 years. The biggest lesson I’ve learned is that if security is not infused from the start, we’re forced to rely on what ought to be our last lines of defense. This list helps you infuse security into your systems.
When I worked in application security at Microsoft, we still had products that shipped every few years. I learned to scale application security in that world, but many people live in a different world now. AAS helped me understand which of our approaches translated well, which had to be transformed, and which needed to be discarded or replaced. I regularly refer back to it, even a few years later.
Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren't up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development.
Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with…
Art, technology, and science…I have been seamlessly traversing domains all my life. I grew up with twin interests in physical sciences and visual arts, finding beauty in math and art and seeing creativity as being one thing rather than something living in compartments. Art influenced my research in chaos and complexity, and blurring boundaries characterized my work as dean of engineering when creating educational/research initiatives in design, art, entrepreneurship, energy, and sustainability. I also received visible external recognition as a Guggenheim Fellow and member of both the National Academy of Engineering and the National Academy of Sciences, as well as the American Academy of Arts and Sciences.
This book will open your eyes and make you see the world with an augmented lens.
Networks are everywhere; in biology, social systems, economics, and technologies, and the study of networks connects mathematics, physics, computer sciences, biology, and social sciences, producing fascinating connections. This book brings together all this, highlighting the interconnections between ideas and technical work in different areas and telling us how networks emerge, and how they evolve.
A cocktail party. A terrorist cell. Ancient bacteria. An international conglomerate. All are networks, and all are a part of a surprising scientific revolution. In Linked , Albert-Laszlo Barabasi, the nation's foremost expert in the new science of networks, takes us on an intellectual adventure to prove that social networks, corporations, and living organisms are more similar than previously thought. Barabasi shows that grasping a full understanding of network science will someday allow us to design blue-chip businesses, stop the outbreak of deadly diseases, and influence the exchange of ideas and information. Just as James Gleick and the Erdos-Renyi model…
Joanne McNeil has written about internet culture for over fifteen years. Her book considers the development of the internet from a user's perspective since the launch of the World Wide Web. Her interest in digital technology spans from the culture that enabled the founding of major companies in Silicon Valley to their reception in broader culture.
Beginning with Stewart Brand’s influence through his projects like The Whole Earth Catalog, the WELL, and Wired magazine, this book examines the unique culture of Silicon Valley. An essential history and one that clarifies the tech industry’s seemingly contradictory values of revolution and corporate power.
In "From Counterculture to Cyberculture", Fred Turner details the previously untold story of a highly influential group of San Francisco Bay Area entrepreneurs: Stewart Brand and the Whole Earth network. Between 1968 and 1998, via such familiar venues as the National Book Award - winning "Whole Earth Catalog", the computer-conferencing system known as WELL, and, ultimately, the launch of the wildly successful Wired magazine, Brand and his colleagues brokered a long-running collaboration between San Francisco flower power and the emerging technological hub of Silicon Valley. Thanks to their vision, counterculturalists and technologists alike joined together to reimagine computers as tools…
I’ve spent more than a decade working on infrastructure, from my early days at LinkedIn, where we had to do a massive DevOps transformation to save the company, to co-founding Gruntwork, where I had the opportunity to work with hundreds of companies on their software delivery practices. From all of this, I can say the following with certainty: the DevOps best practices that a handful of the top tech companies have figured out are not filtering down to the rest of the industry. This is making the entire software industry slower, less effective, and less secure—and I see it as my mission to fix that.
This book felt like a chance to sit with a few experienced Ops people and hear their war stories.
The book is full of concrete, actionable learnings that are essential for running software, including operational requirements (e.g., configuration, draining, hot swaps, feature toggles, graceful degradation, etc.), software architecture (e.g., three-tier web service, four-tier web service, load balancing models etc.), scaling patterns (e.g., horizontal duplication, service splits, caching, etc.), resiliency patterns (software vs hardware resiliency, spare capacity, failure domains, etc.), and much more.
I loved being able to pick up decades of experience and hard-won knowledge by just flipping through a few pages of a book!
"There's an incredible amount of depth and thinking in the practices described here, and it's impressive to see it all in one place."
-Win Treese, coauthor of Designing Systems for Internet Commerce
The Practice of Cloud System Administration, Volume 2, focuses on "distributed" or "cloud" computing and brings a DevOps/SRE sensibility to the practice of system administration. Unsatisfied with books that cover either design or operations in isolation, the authors created this authoritative reference centered on a comprehensive approach.
Case studies and examples from Google, Etsy, Twitter, Facebook, Netflix, Amazon, and other industry giants are explained in practical ways that…
I have worked in IT for over 25 years, creating and securing software. I am completely obsessed with ensuring that our software is more reliable, that its integrity can be trusted, and that it keeps our secrets safe. I am not only a computer scientist but an ethical hacker who works hard to create a dialogue between software developers and all of the people who work in our security industry. I am a teacher, a community leader, and a computer nerd who shares messages and lessons wherever she goes.
This book is set in the same universe as The Phoenix Project and The Unicorn Project, but it's at a new company named investments unlimited.
It's also a fictitious story, but with all brand new characters, and brand new problems! In this book they cover security much more deeply than any of the other previous books, talking about how compliance and audit can work together with the information security and DevOps teams.
They talk about common problems that I have faced in many organizations, and a lot of the stories feel so familiar I wonder if the authors have followed me around throughout my career.
Although of course they save the day in the end, there are many parts of the book where we're not quite sure if they're going to make it or not with various characters learning to see things in new ways, so that they can make…
In the vein of the bestselling The Phoenix Project and The Unicorn Project, Investments Unlimited radically rethinks how organizations can handle the audit, compliance, and security of their software systems-even in highly regulated industries. By introducing concepts, tools, and ideas to reimagine governance, Investments Unlimited catalyzes a more humane way to enable high-velocity software delivery that is inherently more secure.
Investments Unlimited, Inc. has accomplished what many other firms in their industry have failed to do: they have successfully navigated the transition from legacy ways of working to the digital frontier. With the help of DevOps practices, Investments Unlimited delivers…
I am an information architect, writer, and community organizer on a mission to make information architecture education accessible to everybody. I started practicing IA in pure pursuit of stronger visual design, but in the two decades since have developed an insatiable appetite for understanding and teaching the practical skills that make people better sensemakers, regardless of their role or medium. The books I chose for this list are all foundational to me becoming the sensemaker that I am today. I offer them as suggestions because they are not the books you will find should you search for “Information Architecture” yet they have all become my go-to recommendations for helping others to strengthen their own sensemaking.
You might not think of excitement when you hear the words “Digital Governance” but I can assure you that this book is a real page-turner…especially if your job involves managing large-scale information messes. There is a special kind of chaos that only information and knowledge workers can understand and this book paints a picture so many of us have seen in practice but in a way that leaves the reader inspired to fight another day, instead of wallowing in a sea of information-induced self-pity.
I recommend this book because I have seen too many information architecture efforts die on the vine due to a lack of good governance. The frameworks and recommendations in this book mean I always have a playbook to hand to teams in need.
Few organizations realize a return on their digital investment. They’re distracted by political infighting and technology-first solutions. To reach the next level, organizations must realign their assets—people, content, and technology—by practicing the discipline of digital governance. Managing Chaos inspires new and necessary conversations about digital governance and its transformative power to support creativity, real collaboration, digital quality, and online growth.
Ever since touching my first computer (the Apple IIC) in 1985, broadcasting a radio show in 1988, logging onto the world wide web in 1991, launching my first podcast in 2004 or producing the highly viewed YouTube show The Download in 2020 I've been interested in what Marshall McLuhan has dubbed, "The Medium is the Message." Not only how media and technology are used but how it intersects with humanity, education, entertainment, marketing and popular culture to drive word of mouth. To me, marketing isn't just about the technology or the quantified metrics but about how it shapes long lasting impressions on people and leads to sustained behavioral change.
Shirky explained the fascination with how everyone becomes media long before TikTok was even a gleam in the eye of its founder Zhang Yiming. In this world that becomes louder, faster, and where attention is harder to come by we might think that it becomes every person for themselves. Not so. Communities become stronger and we enter the age of "We" rather than the age of "Me." A fascinating read on the power of organizations that don't rely on traditional organization hierarchies. If you want to know how good ideas spread in the 21st Century, this is a good book to read.
“A fascinating survey of the digital age . . . An eye-opening paean to possibility.” —The Boston Globe
“Mr. Shirky writes cleanly and convincingly about the intersection of technological innovation and social change.” —New York Observer
An extraordinary exploration of how technology can empower social and political organizers
For the first time in history, the tools for cooperating on a global scale are not solely in the hands of governments or institutions. The spread of the internet and mobile phones are changing how people come together and get things done—and sparking a revolution that, as Clay Shirky shows, is changing…
I have been an information technology and cybersecurity professional for over two decades. I’ve learned over and over again that “people are the weakest link.” You can build the most secure system in the world, with stringent password requirements. But if the user writes their password down and leaves it where someone else can see it, system security is irrelevant! The easiest way to gain access to a system is via “social engineering” – to trick a human being into giving you the access you need, rather than trying to hack the systemitself. The books on this list will help the reader lower their chances of being exploited like this.
Security expert Bruce Schneier wrote this excellent book, talking about the “Goliaths” who are looking to exploit individuals’ data. Focusing more on politics (specifically US politics) than the other books on this list, Schneier talks about the Edward Snowden classified information reveal. He talks about mass surveillance conducted by the US and other governments around the world, and lays out in detail why this should concern us all.
Data is everywhere. We create it every time we go online, turn our phone on (or off) or pay with a credit card. This data is stored, studied, bought and sold by companies and governments for surveillance and for control. "Foremost security expert" (Wired) Bruce Schneier shows how this data has led to a double-edged Internet-a Web that gives power to the people but is abused by the institutions on which those people depend.
In Data and Goliath, Schneier reveals the full extent of surveillance, censorship and propaganda in society today, examining the risks of cybercrime, cyberterrorism and cyberwar. He…
I am a scientist and technologist, trained in theoretical quantum physics, who became an Emeritus Professor of Network Technology from Oslo’s metropolitan university. I’ve strenuously tried to communicate the wonder of science to students and industry throughout my career. I’m also a long-standing fan of science fiction who grew up with heroes in both fact and fiction. The idea of future society has haunted me my whole life. I’m an optimist, who looks to the darker tales as warnings of futures we hope to avoid. Read these tales with a determination for us all to do better.
This book is not fiction, but rather a popular book about the direction of technology.
It was part of the original source inspiration for my own book. Written in 2003, it looked into the research about how mobile devices were beginning to change society, and redraw the lines to lead to modern tribalism. The book is now dated, as we have lived through twenty years of experience and much has changed.
Nevertheless, as a portrait of a moment in history, eminently readable, this book is an eye-opener.
How the convergence of mobile communications and computing is driving the next social revolution-transforming the ways in which people meet, mate, work, buy, sell, govern, and create. When Howard Rheingold sneaks off down an untrodden trail, everyone else follows. He is always onto something marvelous no one has seen before. An ever-considerate guide, he navigates this new world with ease, compassion, and grace, and gives you the inside story, with no punches pulled. Tech talk? Howard could get your mother to understand. }From Tokyo to Helsinki, Manhattan to Manila, Howard Rheingold takes us on a journey around the world for…
Researching DevilsGame, about an Internet meltdown caused by an unknown evil, I exposed myself to some harrowing truths. I learned how astonishingly frail our internet ecosystem is and how imperiled it is by bad actors who have burrowed deeply and often invisibly into its infrastructure. So, beyond writing a fictional thriller, I was moved to ring a warning bell! And I hope by formatting DevilsGame as “hyperlinked fiction,” mixing real news sites with fictional sites created for the novel, readers will experience the story in a way that parallels and parodies the way we experience real, live crises these days: navigating from fact to fiction, often without observing the boundaries.
I was stunned by the authors' dire and dramatic warning that the interests and methods of two mighty authoritarian regimes–China and Russia–are increasingly coming into alignment, and this alignment is spawning increasingly deadly threats to, and attacks on, the very foundations of our democracy and national security.
I found myself agreeing as the authors demonstrate how the United States government is failing to fully acknowledge and effectively respond to these massive threats–but I was also somewhat encouraged, as they do offer solutions and provide a ray of hope that we can restructure our approach to Chinese and Russian threats by streamlining our bureaucratic agencies and purpose-building them to directly confront them.
The United States is being bombarded with cyber-attacks. From the surge in ransomware groups targeting critical infrastructure to nation states compromising the software supply chain and corporate email servers, malicious cyber activities have reached an all-time high. Russia attracts the most attention, but China is vastly more sophisticated. They have a common interest in exploiting the openness of the Internet and social media—and our democracy—to erode confidence in our institutions and to exacerbate our societal rifts to prevent us from mounting an effective response. Halting this digital aggression will require Americans to undertake sweeping changes in how we educate, organize…
