A blog about IT security by Bruce Schneier, I don't have much to say about it, I kept it in my bookmarks to look about recent IT security issues, he seems to be some kind of major authority on his field, but I'm not that of an expert in that.
One post I liked very much is: https://www.schneier.com/essays/archives/2016/03/data_is_a_toxic_asse.html
I totally agree on that, all that data that is stored is just problematic and should be deleted by default, if no longer needed, that is at least how I handle things and how I argue with sheeple that do not understand those issues. The mere existence of data is a security risk, so it should be deleted by default, never stored by default. All or most of other IT security related issues probably boil down to that point. IT security is only needed, if there is something to protect and the best security is to have nothing that needs to be secured, but I'm already going too philosophical again, this is just a link entry.