Workforce Identity
Endpoint Management
Endpoint Detection & Response
Vulnerability Management
Compliance Automation
Trust Center
12 IT and security voices shaping the conversation in 2026
Finding good information in IT and security has never been the hard part. Finding the people who are genuinely advancing the conversation — the ones with fresh perspectives who are helping shape where the industry is heading — takes more effort.
We put together this list of practitioners, researchers, educators, and analysts who are active voices in the IT and security space. Whether you follow all of them or a handful, it's a starting point for building a more informed feed.
John Hammond — Security Researcher and Content Creator
Specialty: CTF challenges, malware analysis, penetration testing, security education
John Hammond is one of the most popular security educators on YouTube, known for his walkthroughs of CTF challenges, malware samples, and penetration testing techniques. He has an unusually strong ability to make technical attack and defense concepts approachable without stripping out the depth that makes them useful.
His content attracts everyone from students earning their first certifications to seasoned practitioners staying sharp on offensive techniques. He also regularly covers real-world incidents and emerging threats, making his channel a useful mix of education and timely analysis.
Best platforms:
Kane Narraway — Head of Enterprise Security, Canva | Zero Trust
Specialty: Enterprise security architecture, Zero Trust, AI security
Kane Narraway has built security programs at Shopify, Atlassian, and Canva, plus time with the UK government. He's stood up Zero Trust architectures from scratch at multiple large organizations and is notably candid about what that work actually involves: the organizational friction, the tooling tradeoffs, and the unglamorous problem-solving that most leaders don't talk about publicly.
His perspective is squarely practitioner-first, not theory-first. He digs into how security programs hold up under real enterprise conditions, and he's been a guest on Iru's own podcast. If you're in security leadership or building toward it, his work is consistently worth your time.
Best platforms:
Ross Haleliuk — Founder, Venture in Security | Security Market Analyst and Writer
Specialty: Cybersecurity market trends, venture investment, industry strategy
Ross Haleliuk writes Venture in Security, one of the most substantive newsletters analyzing the cybersecurity industry from a market and strategic perspective. His work covers how security products are built and sold, how venture capital flows through the industry, and how practitioners should think about vendor claims, market consolidation, and technology decisions.
His audience of 80,000+ includes founders, investors, security leaders, and practitioners who want to understand the industry they operate in, not just the technical problems in front of them. If you make purchasing decisions, evaluate vendors, or think about where the security market is heading, Ross is one of the most useful voices to follow.
Best platforms:
Arek Dreyer — Principal Solutions Engineer, Iru | Apple Platform Author and Community Builder
Specialty: Apple device management, IT administration, enterprise training
With more than 25 years in IT, Arek Dreyer is one of the most recognized names in the Apple platform world. He co-authored Managing Apple Devices and multiple titles in Apple's Pro Training Series, including macOS Support Essentials, and helped develop Apple's official Directory Services curriculum. He also helps run the Mac Admins Slack, a community of more than 76,000 IT professionals.
Arek hosted the first season of Patch Me If You Can, a podcast covering the real work behind modern IT and security. Whether you manage Apple devices, mixed-platform fleets, or are simply trying to understand how Apple fits into enterprise environments, his combination of technical depth and community focus makes him one of the most valuable follows in the space.
Best platforms:
Patrick Wardle — Founder, Objective-See Foundation | Author, The Art of Mac Malware
Specialty: macOS security research, malware analysis, Apple threat intelligence
Patrick Wardle is arguably the most prominent independent voice in Apple platform security. A former NSA and NASA researcher, he founded the Objective-See Foundation, which builds and distributes free macOS security tools used by practitioners worldwide. He wrote The Art of Mac Malware and created Objective by the Sea, a conference dedicated to Apple security research.
His work regularly surfaces nation-state threats, novel malware, and unpatched vulnerabilities affecting enterprise Apple deployments, often well ahead of mainstream coverage. For anyone responsible for endpoint security where Apple devices are in scope, Patrick's research is essential.
Best platforms:
Network Chuck — Content Creator | IT and Networking Educator
Specialty: Cloud, cybersecurity fundamentals, IT career development
Network Chuck has built one of the largest IT education audiences on the internet by making complex networking and security concepts genuinely accessible. His YouTube channel covers everything from home lab setup to cloud certifications to ethical hacking, and his content tends to make even dry topics engaging.
He's particularly popular with IT professionals early in their careers and with self-taught practitioners who prefer learning through hands-on demonstration. If you're building or managing an IT team, he's also a useful lens into how the next generation of IT talent is learning.
Best platforms:
Cole Grolmus — Founder, Strategy of Security | Cybersecurity Business Analyst and Writer
Specialty: Cybersecurity strategy, market analysis, business of security
Cole Grolmus spent 12 years at PwC in the Cybersecurity, Privacy, and Risk practice before founding Strategy of Security, where he writes about the business side of the security industry. His work covers company and market analysis, strategic concepts, and the financial dynamics shaping how security products and organizations evolve.
He's particularly useful for anyone who needs to think beyond the technical layer: security leaders making vendor decisions, practitioners trying to understand where the market is heading, or anyone who wants a sharper read on the business forces influencing the tools and companies they work with.
Best platforms:
Brian Krebs — Independent Journalist | Founder, Krebs on Security
Specialty: Cybercrime investigations, data breaches, threat actor research
Brian Krebs has been one of the most important cybersecurity journalists working for more than two decades. Krebs on Security is known for original investigative reporting on cybercriminal operations, ransomware groups, data breaches, and underground markets.
His work has directly contributed to law enforcement actions against major threat actors, and he remains one of the most cited sources in the security industry. For IT and security professionals who need to understand the human and criminal infrastructure behind the threats they defend against, Krebs on Security is required reading.
Best platforms:
Caitlin Sarian — Founder, Cybersecurity Girl | Security Educator and Content Creator
Specialty: Cybersecurity education and awareness, accessible security content
Caitlin Sarian has built a 1.7 million-strong audience around one core mission: making cybersecurity understandable to people who aren't security professionals. As more organizations grapple with the human side of security, her ability to translate complex concepts into language that lands with non-technical audiences is genuinely useful.
For security leaders trying to build a security-aware culture inside their organizations, or for communications and HR teams working on security training, Cybersecurity Girl is one of the most effective models of how to do it right.
Best platforms:
Tanya Janca — Founder, SheHacksPurple | Application Security Educator
Specialty: Application security, secure coding, AppSec for developers
Tanya Janca founded SheHacksPurple to bring application security education to developers and AppSec engineers who don't always have access to high-quality training. Her community, courses, and newsletter are focused specifically on secure software development: how to build security into code from the start rather than bolt it on after.
Her audience skews toward developers and AppSec engineers, but her perspective is valuable for any IT or security team that works closely with engineering or is trying to shift security left. She's also a consistent advocate for making the security industry more inclusive and accessible.
Best platforms:
Troy Hunt — Founder, Have I Been Pwned | Security Researcher and Writer
Specialty: Data breach awareness, identity security, security education
Troy Hunt created Have I Been Pwned, the widely used service that lets individuals and organizations check whether their email addresses or passwords have appeared in known data breaches. It has become a standard tool for security teams globally, integrated directly into browsers, password managers, and enterprise security platforms.
Beyond the service itself, Troy writes and speaks consistently on identity security, breach disclosure ethics, and the practical implications of large-scale data exposure. His newsletter and weekly video updates are among the more substantive ongoing security communications in the industry.
Best platforms:
Ron Eddings — Co-founder, Hacker Valley Media | Security Podcaster and Storyteller
Specialty: Security leadership, culture, and career development
Ron Eddings co-founded Hacker Valley Media to explore a side of cybersecurity that technical blogs often miss: the human stories behind security careers, leadership challenges, and organizational culture. The Hacker Valley Studio podcast features candid conversations with CISOs, practitioners, and founders about what the work actually looks like from the inside.
For security leaders thinking about team building and culture, or for practitioners trying to understand how to grow into leadership, Ron's work fills a real gap. It's a useful complement to the more technically focused voices on this list.
Best platforms:
The practitioners, researchers, and educators shaping the conversation
The people on this list cover a lot of ground between them, spanning threat research, compliance, identity, education, and market analysis. Building a feed that pulls from a few of those areas tends to be more useful than going deep on any one, especially as the lines between IT and security continue to blur in practice. The researchers and educators on this list think across those lines regularly, and that breadth tends to show up when it matters.
If IT operations and device management are in your wheelhouse, Patch Me If You Can is worth adding to your rotation. The podcast goes deep on the day-to-day reality of managing devices and keeping organizations running. The kind of conversations that don't make it onto product pages but tend to be the most useful ones.
