There is a lot of information available these days on information security (which is often called cybersecurity), threats, vulnerabilities, data breaches, and cybersecurity news in general. Where does one go, and importantly, how do people know if they are getting good, trustworthy information.
I often use the CARS Checklist for Evaluating Sources (Bellevue University, n.d.):
trustworthy source, author’s credentials, evidence of quality control, known or respected authority, organizational support. Goal: an authoritative source, a source that supplies some good evidence that allows you to trust it.
up to date, factual, detailed, exact, comprehensive, audience and purpose reflect intentions of completeness and accuracy. Goal: a source that is correct today (not yesterday), a source that gives the whole truth.
fair, balanced, objective, reasoned, no conflict of interest, absence of fallacies or slanted tone. Goal: a source that engages the subject thoughtfully and reasonably, concerned with the truth.
listed sources, contact information, available corroboration, claims supported, documentation supplied. Goal: a source that provides convincing evidence for the claims made, a source you can triangulate (find at least two other sources that support it).
Below, I list some sites that I check regularly and find useful for cybersecurity information. This is not a comprehensive list by far, but this would give most people a good starting place.
The Security Bloggers Network: http://securitybloggersnetwork.com/
Krebs on Security. Brian Krebs’ excellent security news and investigative site. Well written blog on current cybersecurity events: https://krebsonsecurity.com/
Blogs at the SANS Institute. The SANS Institute hosts various blogs on different cybersecurity topics. Some very good work here: https://www.sans.org/security-resources/blogs
Security Magazine: http://www.securitymagazine.com/topics/2236-cyber-security-news
US-CERT. The United States Computer Emergency Readiness Team: https://www.us-cert.gov/
CARS Checklist (n.d.). CIS 629, Managing Emerging Technologies, Bellevue University.
Harris, R. (2015, January). Evaluating Internet Research Sources. Retrieved June 18, 2017, from http://www.virtualsalt.com/evalu8it.htm
C.A.R.S. Checklist (n.d.). CLRC Writing Center. Santa Barbara City College. Retrieved from https://www.sbcc.edu/…/CARS%20Checklist%20for%20Evaluating%20Sources.pdf