You are here: Home / InfoSec Beginners Reading List

InfoSec Beginners Reading List

This is a reading list for those interested in learning more about Information Security (InfoSec).

An InfoSec beginner's reading list.

My youngest son asked about some recommended reading for ramping up on Information Security architecture and development.

This is of course a massive topic I've been involved with for decades, but I gave him my usual starter readers list (see attached photo), that I have found effective for other prospective students in the field.

There are many other great resources, but I found this an effective incremental and differential learning approach to get, and importantly keep, people excited by InfoSec.

Too many programs drown them too quickly in minutiae, or gatekeepers intentionally trying to drive away many,

I have found these a good solid beginner foundation, that has lead many on to a successful career path long term.

Side note: my youngest two sons are now both professional developers in their early 20s now making 6-digit incomes. (I was homeless at their age, so glad they are doing so well!).

This is just a very quick posting. If I have time later to elaborate about each, and why I recommend them, I will update this posting, or add new ones for each. for now I am too busy, so this will have to suffice for now.


  • Stoll's The Cuckoo;s Egg
  • Bamford's Puzzle Palace & Body of Secrets
  • Menn's Fatal System Error - has a lot of "truth" and technical reality issues but makes for good discussion related to spin in this field
  • Levy's Crypto & Hackers
  • Schneier's Secrets & Lies and Applied Cryptography
  • Stephenson's Cryptonomicon (and others of his books)
  • Kahn's Codebreakers
  • Johns' Piracy
  • Haines' Cryptanalysis


There is MUCH more once these are consumed (some need to be done so iteratively).