Product News

Find out about our new product features, the latest platform changes, and discover company announcements before anyone else.

Risk Management

Stay up to date on third-party risk management best practices and techniques, and learn about new regulations for third party risk.

Security Research

Keep up with research around the biggest data breaches, malware infections, IoT risks and all the latest news in cybersecurity.

Top 12 Information Security Twitter Accounts You Have to Follow

The information security industry moves at an incredibly quick pace, and sometimes it’s difficult to keep up with the the most recent updates, hacks, and data leaks that pose a threat to your organization. Social media is an excellent and quick way to ensure that you’re continuously informed on the latest security threat what’s most pressing.

We’ve curated a list of 12 Twitter accounts that you and your department might find helpful

1. @Troyhunt and @haveibeenpwned | Troy Hunt



Troy Hunt is a security researcher, blogger, and speaker who currently runs, a service that notifies subscribers if their email address is part of a data breach. We’ve featured Troy Hunt on our blog before, and the two Twitter accounts he runs often discuss the latest data breach, new site vulnerabilities, or the rumblings of a potential data breach before it’s widely reported.


2. @e_kaspersky | Eugene Kaspersky



Eugene Kaspersky is currently the CEO of Kaspersky Lab, a major security software provider that also manages ThreatPost, a well-known security publishing site. Kaspersky’s Twitter account links to details on the newest vulnerabilities, news stories surrounding hacks and data breaches, and covers everything from government hacking, to cryptocurrency, to new threats across the globe.


3. @StewartRoom | Stewart Room



Stewart Room is a partner at PwC and the Global Head of Cyber Security & Data Protection Legal Services. His Twitter account offers insight on how data breaches, data protection laws, and recent changes in policies or regulations may affect enterprises. His personal website features articles on the same topics in an in-depth fashion.


4. @mikko | Mikko Hypponen



Mikko Hypponen is the Chief Revenue Officer for F-Secure, a Finnish security and privacy company that offers solutions and software for homes and businesses. As a global professional immersed in the cybersecurity space, Mikko offers unique insight into nation-state actions, protecting private and employee data, and security information in various industries, such as AI, Gaming, and IoT.


5. @joshcorman | Josh Corman



Josh Corman is the Director of the Cyber Statecraft Initiative, which ‘focuses on international cooperation, competition, and conflict in cyberspace’ as part of the Atlantic Council. In addition to tweeting about recent vulnerabilities that could affect individuals and organizations, Josh also takes on a policy-first perspective on cybersecurity and discusses cybersecurity as part of a national priority.


6. @k8em0 and @lutasecurity | Katie Moussouris



Katie Moussouris is the founder of Luta Security, a new bug bounty and vulnerability disclosure company. Both her and her company’s Twitter accounts offer insight on bug bounty program and vulnerability disclosure and coordination. (Bug bounty programs are when an organization sets up a reward program for independent security researchers to find vulnerabilities within their organization. Vulnerability disclosure coordination is the procedure of publicizing vulnerabilities in hopes that users and organizations patch the vulnerability before it is exploited.)


7. @BrianHonan | Brian Honan



Brian Honan is the head of Ireland’s first Computer Security Incident Response Team (CSIRT). His Twitter account aggregates the most recent news and updates from reputable information security sources and security research sites such as Dark Reading, Naked Security, and ThreatPost. His account is perfect for consistently updates on new stories on a day-to-day basis.


8.  @annie_bdc | Ann Barron-DiCamillo



Ann Barron-DiCamillo is a cybersecurity expert and former US-CERT Director, which is the US Computer Emergency Readiness Team, an agency that provides alerts to newly discovered vulnerabilities and coordinates defense against potential cyberattacks. Ann provides a long-term policy perspective on cybersecurity, offering insight on the security industry, how governments should treat information security as a department, and what we may be able to expect from large-scale response to recent vulnerabilities and attacks.


9. @taosecurity | Richard Bejtlich



Richard Bejtlich is a former Chief Security Strategist at FireEye, a cybersecurity company that provides a number of products and services for enterprises. Richard also runs TaoSecurity, a digital security blog. His Twitter account offers insight in response to many recent events in the global security space and also livestreams a number of related events and summits.


10. @briankrebs | Brian Krebs



Brian Krebs is an independent security journalist that is often the first to respond to major data breaches with a detailed look into who was responsible, why, and what the consequences may be for organizations and individuals. His Twitter account is a reflection of his KrebsOnSecurity site and is always up to date with the latest in attacks and security incidents.


11. @jeremiahg | Jeremiah Grossman



Jeremiah Grossman is the founder of WhiteHat Security and is the Chief of Security Strategy for SentinelOne, an endpoint protection solution provider that uses machine-learning in its approach. Jeremiah offers direct security advice and insight in his account for individuals, companies, and software developers, offering a deeper look into secure practices than others do.


12. @USCERT_gov | US-CERT



This Twitter account is the official account of the previously mentioned US Computer Emergency Readiness Team (US-CERT). It’s an automated account that links to US-CERT alerts and tips which provide information on newly discovered information, recently released security updates and patches, and general advice for keeping network and devices secure.


Get your company's Instant SecurityScorecard

Top 10 Information Security Websites You Have to Follow
Why are typosquats a risk to your organization?