The best computer security books

6 authors have picked their favorite books about computer security and why they recommend each book.

Soon, you will be able to filter by genre, age group, and more. Sign up here to follow our story as we build a better way to explore books.

Shepherd is reader supported. When you buy through links on our website, we may earn an affiliate commission (learn more).

Cybersecurity Is Everybody's Business

By Scott N. Schober, Craig W. Schober,

Book cover of Cybersecurity Is Everybody's Business: Solve the Security Puzzle for Your Small Business and Home

Cybersecurity is Everybody’s Business is a great book that focuses not only on the how to keep your data safe, but on the very critical why this is important. Author Scott Schober suffered a grievous cyberattack in a previous business, and he brings his experience to the forefront in this guide. Joined by his brother as co-author, they focus on cybersecurity for the home and small business – environments that are unlikely to employ full-time cybersecurity professionals. (That’s why these places are often targets for the bad guys!)


Who am I?

I have been an information technology and cybersecurity professional for over two decades. I’ve learned over and over again that “people are the weakest link.” You can build the most secure system in the world, with stringent password requirements. But if the user writes their password down and leaves it where someone else can see it, system security is irrelevant! The easiest way to gain access to a system is via “social engineering” – to trick a human being into giving you the access you need, rather than trying to hack the system itself. The books on this list will help the reader lower their chances of being exploited like this.


I wrote...

10 Don'ts on Your Digital Devices: The Non-Techie's Survival Guide to Cyber Security and Privacy

By Eric J. Rzeszut, Daniel Bachrach,

Book cover of 10 Don'ts on Your Digital Devices: The Non-Techie's Survival Guide to Cyber Security and Privacy

What is my book about?

In nontechnical language and engaging style, 10 Don’ts on Your Digital Devices explains to non-techie users of PCs and handheld devices exactly what to do and what not to do to protect their digital data from security and privacy threats at home, at work, and on the road. These include chronic threats such as malware and phishing attacks and emerging threats that exploit cloudbased storage and mobile apps.

Through ten vignettes told in accessible language and illustrated with helpful screenshots, 10 Don’ts teaches non-technical readers ten key lessons for protecting your digital security and privacy with the same care you reflexively give to your physical security and privacy.

Digital Fortress

By Dan Brown,

Book cover of Digital Fortress

Ah, Dan Brown. Love him or hate him, he’s a paragon of the modern thriller. Let’s go way back to 1998. It was pre-DaVinci Code, and he released his first novel, Digital Fortress. For the time period, it was a unique idea. A woman cryptologist at the NSA gets embroiled in a high-stakes murder mystery and the only way through is to solve the code. There are a lot of issues with this book, primarily that the author couldn’t be bothered to check his work and misuses bits and bytes throughout the whole novel which makes the code-breaking premise ridiculous. But to be fair, this was 1998 and for a first novel, it’s still a fun ride. So, if you’re a Dan Brown fan or love a fast-paced easy read give it a try. If you have even a basic understanding of how encryption works you may…


Who am I?

I’m just a book-loving girl working in a corporate world who’s sick to death of the inaccurate representations of technology in fiction. FYI, tracing a phone call is instantaneous, no need to keep that pesky murderer on the line these days. Technology is so ingrained in our daily lives and most people have very limited knowledge of what it actually does, so I became fascinated with the idea of using real modern-day tech in murder mysteries. I got so obsessed with the idea I decided to write it. No Sci-Fi of future tech, it may seem farfetched, but all the electronic wizardry used in my novels is real and accurately represented.


I wrote...

There is No Cloud

By Kat Wheeler,

Book cover of There is No Cloud

What is my book about?

Cameron Caldwell is living her best life…. Well sort of. Turns out moving to New York City isn’t exactly like Sex and the City. But she does have her dream job working for the world's largest Smart Home Technology company. Her job is basically herding cats with an expense account. The monotony of being a corporate sales rep is made tolerable by her two supportive work besties Bill and Phil. But when Cameron discovers something strange in one of her customer's technology her life takes a dramatic turn. Partnering with NYC homicide detective Will Justus, Cameron uses her insider knowledge to help solve a series of murders with the same technology used to commit them.

Real-World Cryptography

By David Wong,

Book cover of Real-World Cryptography

Although David is a friend, I only recommend his book because it’s great, both in terms of content and presentation. Real-World Cryptography is today’s reference book about cryptographic tools and applications: Modern schemes such as the SHA-3 hash function and the Noise protocol framework, end-to-end encryption protocols, cryptocurrencies’ cryptography mechanisms, as well as emerging techniques like fully-homomorphic encryption and multi-party computation; Wong’s book delivers a practice-oriented, accessible introduction, enriched by many visual illustrations (including original comics strips!), and exercises (with their solutions). 


Who am I?

I started learning cryptography in the early 2000s with books borrowed from my university’s library, and with information I could find online. Since then I’ve practiced cryptography for 15 years in a variety of contexts: as an academic researcher, while working on my PhD; as a cryptography engineer for software and hardware pay-TV systems; as a consultant for private and public sector clients; as a vulnerability researcher in my spare time; as a code auditor for cryptography projects; as a start-up founder in the domain of IoT security; and as CSO (chief security officer) of a fintech start-up. I live in Lausanne, Switzerland, and besides crypto I enjoy literature, rock climbing, and playing classical guitar.


I wrote...

Serious Cryptography: A Practical Introduction to Modern Encryption

By Jean-Philippe Aumasson,

Book cover of Serious Cryptography: A Practical Introduction to Modern Encryption

What is my book about?

This practical guide to modern encryption breaks down the fundamental mathematical concepts at the heart of cryptography without shying away from meaty discussions of how they work. You’ll learn about authenticated encryption, secure randomness, hash functions, block ciphers, and public-key techniques such as RSA and elliptic curve cryptography.

Building Secure and Reliable Systems

By Heather Adkins, Betsy Beyer, Paul Blankinship, Ana Oprea, Adam Stubblefield

Book cover of Building Secure and Reliable Systems: Best Practices for Designing, Implementing, and Maintaining Systems

This book captures lessons from many authors at Google, some of whom I’ve worked with over the years. The chapters on availability (7, 8, 9) were a revelation to me. I had no idea how Google approaches the topic of resilience and recovery in their systems, and I now think of the whole topic very differently. The biggest takeaway is how to think about the design of systems.


Who am I?

Being able to understand and change reality through our knowledge and skill is literal magic. We’re building systems with so many exciting and unexpected properties that can be exploited and repurposed for both good and evil. I want to keep some of that magic and help people engineer – build great systems that make people’s lives better. I’ve been securing (and breaking) systems, from operating rooms to spaceships, from banks to self-driving cars for over 25 years. The biggest lesson I’ve learned is that if security is not infused from the start, we’re forced to rely on what ought to be our last lines of defense. This list helps you infuse security into your systems.


I wrote...

Threat Modeling: Designing for Security

By Adam Shostack,

Book cover of Threat Modeling: Designing for Security

What is my book about?

How to anticipate and address software threats before you’ve written a line of code. The proven tools in this book can be applied by anyone. They give you a structured and systematic approach that are be applied at any scale – from a website built with CI/CD to complex waterfall projects like spacecraft.

This book captures years of experience in a simple, accessible, and practical way.

Designing Secure Software

By Loren Kohnfelder,

Book cover of Designing Secure Software: A Guide for Developers

Loren’s been contributing to security for over 40 years, and this book captures his hard-won wisdom in a way that’s both humble and accessible. It scales from principles and design approaches to in-depth explanations of exactly how things go wrong and how to avoid those problems. (Also, I was honored to write the foreword.)


Who am I?

Being able to understand and change reality through our knowledge and skill is literal magic. We’re building systems with so many exciting and unexpected properties that can be exploited and repurposed for both good and evil. I want to keep some of that magic and help people engineer – build great systems that make people’s lives better. I’ve been securing (and breaking) systems, from operating rooms to spaceships, from banks to self-driving cars for over 25 years. The biggest lesson I’ve learned is that if security is not infused from the start, we’re forced to rely on what ought to be our last lines of defense. This list helps you infuse security into your systems.


I wrote...

Threat Modeling: Designing for Security

By Adam Shostack,

Book cover of Threat Modeling: Designing for Security

What is my book about?

How to anticipate and address software threats before you’ve written a line of code. The proven tools in this book can be applied by anyone. They give you a structured and systematic approach that are be applied at any scale – from a website built with CI/CD to complex waterfall projects like spacecraft.

This book captures years of experience in a simple, accessible, and practical way.

Software Security

By Gary McGraw,

Book cover of Software Security: Building Security in

Gary McGraw has been an advocate for the importance of developing secure software during the more than 15 years that I have known him, and before that! He has written a number of books, but this one captures his philosophy on how to develop secure software. It’s an excellent resource for practitioners and management.


Who am I?

As a kid, I used to do all the math problems in my textbooks just for fun, even if they weren’t part of a homework assignment. My grandchildren cringe when I tell them this. I am a researcher and educator in secure software engineering and have enjoyed a productive career in software development and management, software engineering and software security research, and software and secure software engineering education.  


I wrote...

Cyber Security Engineering: A Practical Approach for Systems and Software Assurance

By Nancy R. Mead, Carol Woody,

Book cover of Cyber Security Engineering: A Practical Approach for Systems and Software Assurance

What is my book about?

I saw a need for books on cybersecurity that could be used both in educational settings and in practice. I like this book because it focuses on developing and acquiring assured software and systems, and it provides a risk-aware orientation, while making practical suggestions for getting started. The book covers a wide variety of software security topics for both developed and acquired software, provides copious references, and gives the readers a roadmap for implementation of good cyber security practices for developing and acquiring assured software.

Secure Coding in C and C++

By Robert C. Seacord,

Book cover of Secure Coding in C and C++

The title says it all. This is probably one of the first, if not the first book on secure coding, by a pioneer in the field. Robert worked tirelessly to make this happen. Although the book has been superseded by the secure coding standards that evolved from it, it is still a good read and contains a lot of useful information for developers.  


Who am I?

As a kid, I used to do all the math problems in my textbooks just for fun, even if they weren’t part of a homework assignment. My grandchildren cringe when I tell them this. I am a researcher and educator in secure software engineering and have enjoyed a productive career in software development and management, software engineering and software security research, and software and secure software engineering education.  


I wrote...

Cyber Security Engineering: A Practical Approach for Systems and Software Assurance

By Nancy R. Mead, Carol Woody,

Book cover of Cyber Security Engineering: A Practical Approach for Systems and Software Assurance

What is my book about?

I saw a need for books on cybersecurity that could be used both in educational settings and in practice. I like this book because it focuses on developing and acquiring assured software and systems, and it provides a risk-aware orientation, while making practical suggestions for getting started. The book covers a wide variety of software security topics for both developed and acquired software, provides copious references, and gives the readers a roadmap for implementation of good cyber security practices for developing and acquiring assured software.

Computer Security

By Matt Bishop,

Book cover of Computer Security: Art and Science

Although strictly speaking, this book is not on software security, it is so well-known in the field as a general reference that it deserves to be on this list. It discusses the important issues of computer security and can be used as either a textbook or a reference. No doubt that many, if not most, students of computer security are familiar with this book.


Who am I?

As a kid, I used to do all the math problems in my textbooks just for fun, even if they weren’t part of a homework assignment. My grandchildren cringe when I tell them this. I am a researcher and educator in secure software engineering and have enjoyed a productive career in software development and management, software engineering and software security research, and software and secure software engineering education.  


I wrote...

Cyber Security Engineering: A Practical Approach for Systems and Software Assurance

By Nancy R. Mead, Carol Woody,

Book cover of Cyber Security Engineering: A Practical Approach for Systems and Software Assurance

What is my book about?

I saw a need for books on cybersecurity that could be used both in educational settings and in practice. I like this book because it focuses on developing and acquiring assured software and systems, and it provides a risk-aware orientation, while making practical suggestions for getting started. The book covers a wide variety of software security topics for both developed and acquired software, provides copious references, and gives the readers a roadmap for implementation of good cyber security practices for developing and acquiring assured software.

Headstrong

By Melanie Rachel,

Book cover of Headstrong: Book One

Whereas Darcy caught more of my attention in the last book pick, a modern, resilient Elizabeth drew me into this story. This is the first of three volumes in a trilogy about ex-Marine, terrorism survivor, and cybersecurity expert Elizabeth and businessman Darcy. Not as much angst between the two principal characters, but plenty of action to be had in this one.


Who am I?

Austen-inspired works are nothing new (think the movie Clueless or "The Lizzie Bennet Diaries" vlog) but unless you’re walking around the Austen fan world, you might not realize just how many books are out there. I became immersed in that world around 2006, and since then, I’ve written four Austen retellings, one Austen-inspired original novel, and several short stories. I’ve read countless other works (both published and on the internet,) and now run a little website called Austen Through the Ages. Below I list 5 Pride & Prejudice-inspired novels that ring true for me—they bring Austen’s themes and characters into modern settings, each putting a unique spin on the classic tale. 


I wrote...

1932: Pride and Prejudice Revisited

By Karen M. Cox,

Book cover of 1932: Pride and Prejudice Revisited

What is my book about?

During the upheaval of the Great Depression, Elizabeth Bennet’s life is torn asunder. Her family’s relocation from Chicago to a family farm in Kentucky has changed her future, and now, she must build a new life. William Darcy suffered family turmoil of his own, but he has settled into a peaceful life at Pemberley, the largest farm in the county. Single, rich, and seemingly content, he remains aloof—immune to any woman’s charms. Until Elizabeth Bennet moves to town. 

As Darcy begins to yearn for something he knows is missing, Elizabeth’s circumstances become more precarious. Can they put aside their pride and prejudices long enough to find their way to each other? 1932, Cox’s award-winning debut novel, is a unique twist on Austen’s classic tale.

How to Stay Safe on Social Media

By Effie Manolas,

Book cover of How to Stay Safe on Social Media: Social Media Dos and Don'ts: What Kids and Parents Should Know

This book focuses on cybersecurity for parents and teenagers, specifically focusing on social media. As a parent of a teenager myself, I know how critical this area really is. Teens are often using social networks and communication channels that their parents are mostly or completely unfamiliar with. Due to that lack of familiarity, parents have a hard time monitoring or setting appropriate limits on the ways their children use social media. Author Effie Manolas wrote this book for both parents and teens, enabling an open conversation on both the benefits and the risks of social media.


Who am I?

I have been an information technology and cybersecurity professional for over two decades. I’ve learned over and over again that “people are the weakest link.” You can build the most secure system in the world, with stringent password requirements. But if the user writes their password down and leaves it where someone else can see it, system security is irrelevant! The easiest way to gain access to a system is via “social engineering” – to trick a human being into giving you the access you need, rather than trying to hack the system itself. The books on this list will help the reader lower their chances of being exploited like this.


I wrote...

10 Don'ts on Your Digital Devices: The Non-Techie's Survival Guide to Cyber Security and Privacy

By Eric J. Rzeszut, Daniel Bachrach,

Book cover of 10 Don'ts on Your Digital Devices: The Non-Techie's Survival Guide to Cyber Security and Privacy

What is my book about?

In nontechnical language and engaging style, 10 Don’ts on Your Digital Devices explains to non-techie users of PCs and handheld devices exactly what to do and what not to do to protect their digital data from security and privacy threats at home, at work, and on the road. These include chronic threats such as malware and phishing attacks and emerging threats that exploit cloudbased storage and mobile apps.

Through ten vignettes told in accessible language and illustrated with helpful screenshots, 10 Don’ts teaches non-technical readers ten key lessons for protecting your digital security and privacy with the same care you reflexively give to your physical security and privacy.

Or, view all 21 books about computer security

New book lists related to computer security

All book lists related to computer security

Bookshelves related to computer security