Top Ten Information Security Thought Leaders

February 18, 2018 by Dan Virgillito

Living in an information age can be daunting. Even if you manage to cut out the noise of social media and the unceasing barrage of ads, there is still an element of digital dependence that can torment you. We rely heavily on the World Wide Web in daily life, for everything from accessing our bank accounts to buying movie tickets. However, cybercrime is a topic that rarely strays from the headlines. It is enough to make people panic.

Essentially, information security has become a critical concern for governments, companies, and individuals across the globe. Cyber-attacks and data breaches have become too lethal and too common. 2017 witnessed more than 15 data breaches, including Bell's breach that resulted in the theft of 1.9 million customer records. After experiencing large-scale data breaches and other adverse cybersecurity incidents like the WannaCry attack, we anticipate another challenging year.

However, you do not have to be on the lookout. Information security professionals are tasked with scrutinizing the systems and networks we utilize for potential threats. Cyberspace is rapidly evolving – as are the methods used by adversaries. Whether you are a student, an online consumer, or a seasoned cyber analyst, following the top information security thought leaders is a great way to stay safe and up to date on what could happen in the upcoming years.

We have compiled a list of the top 10 information security thought leaders who have shaped (and continue to impact) how we consume and exchange information over the internet.

1. Joseph Steinberg

Currently CEO of SecureMySocial, Joseph Steinberg has spearheaded divisions and companies within the information-security arena for nearly two decades and has authored the official study guide from which CISOs worldwide study for their certification exams. He is one of only 28 individuals worldwide to hold a collection of advanced information security certifications (CSSLP, ISSMP, CISSP, and ISSAP), implying that he holds robust knowledge of the field. Steinberg is also one of the most popular columnists in the information security field, amassing millions of readers as a regular columnist for Inc. and Forbes.

2. Allison Miller

As president of the board of directors at SIRA (Society of Information Risk Analysts), head of Ads Risk strategy at Google, and a board member at (ISC)² (International Information Systems Security Certification Consortium), Allison Miller's work and research in anti-abuse/anti-fraud automation keeps her at the top of the cybersecurity pack. She is also active internationally and locally on challenges relevant to online safety. Allison also holds expertise in building and deploying risk detection and prevention systems running at internet scale.

3. Brian Krebs

Krebs has a decade's experience of publishing cybersecurity-related blogs. His own blog has won 12 awards. A regular speaker on cybercrime subjects, Krebs reported for The Washington Post between 1995 and 2009. He is perhaps best known for breaking a number of stories on major breaches, including the breaches at Staples, Ashley Madison, Home Depot, Target and many others. Krebs has been featured on a number of top media outlets, including Bloomberg Businessweek, The New York Times, and 60 Minutes.

4. Mikko Hypponen

Hypponen is the chief research officer of Finland-based cybersecurity research firm F-Secure. He and his teammates have worked for over two decades debugging some of the most dangerous viruses in the world, including the SoBig.F worm. Hypponen's work has been featured in numerous publications (like Wired and the New York Times magazine), and he has given several high-profile TED talks on information security. Hypponen was named among the 50 most significant people on the web by PC World magazine and has also been featured in the FP Global 100 Thinkers list.

5. Bruce Schneier

Schneier is a globally renowned security thought leader, labeled a "security guru" by The Economist. He has authored 13 books, including the popular Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, as well as hundreds of academic papers and articles. Schneier has also testified before Congress, has served on numerous government committees, and is a regular guest on radio and television. His influential blog Schneier on Security and newsletter Crypto-Gram are read by thousands of people.

6. Scott N. Schober

Schober is the CEO of BVS (Berkeley Varitronics Systems), which offers advanced wireless security and test solutions. He is a highly sought-after information security thought leader for media appearances. He regularly discusses wireless technology and the part it plays in cybersecurity breaches and often appears on Bloomberg TV, Good Morning America, Fox, CNN, CNBC and many other channels. Schober also speaks at events such as GovSec, IEEE, Espionage Research International, Espionage and many more conferences.

7. Eva Galperin

Eva Galperin is the Director of cybersecurity at EFF. Before her role at EFF, she worked in IT and security in Silicon Valley. Her work is essentially geared towards security and privacy for vulnerable populations around the world. In that respect, she has leveraged the combination of her technical background and political science career for everything from setting up the Tor Relay Challenge to authoring privacy and security training materials and producing research on malware in Kazakhstan, Vietnam, and Syria.

8. Katie Moussouris

Katie Moussouris is an information security pioneer. She is the founder of Luta Security and is in high demand as a consultant in both the public and the private sector. She holds expertise in helping governments and businesses work with hackers to better protect themselves against cyber threats. The cybersecurity world also recognizes Katie as the architect of the first highly effective bug bounty programs for the US government and Microsoft. She defines herself as a hacker and frequently uses Twitter to rant about new InfoSec developments.

9. Graham Cluley

Graham Cluley is a veteran of the information security industry, having worked for a number of security firms since the early 1990s, when he authored the first-ever release of Dr. Solomon's Anti-Virus Toolkit for Windows. In 2011, he was inducted into the Infosecurity Europe Hall of Fame. Now an independent information security analyst, he frequently makes media appearances and shares his knowledge of cybercrime on the Smashing Security podcast.

10. Alex Hutton

Alex Hutton specializes in understanding risk and security through models and metrics. He previously worked as a principal for Research & Intelligence with the Verizon Business RISK Team, where he developed risk models for their Cybertrust offerings and contributed to the Verizon Data Breach Investigations Report. With a background in finance and several years of experience in information security, Hutton is a well-respected thought leader with regard to security metrics, risk management, and information security. He is also a founding member of the Society of Information Risk Analysts.

Based on our judgment, these individuals are the top 10 information security thought leaders, but certainly not the only ones. If you believe another name deserves to be mentioned, let us know in the comments, and we might feature them in the next iteration of this list.

Dan Virgillito is a blogger and content strategist with experience in cyber security, social media and tech news.