Many people have asked me to put together a list of links to things to read that may help them become a security expert. I am not sure I can do that, but doing some reading is not a bad starting point. What you read out of this really depends on your interests. As I have said elsewhere, I do not believe you can be an expert on security without being an expert on some domain that security is being applied to. However, there are also some fundamentals that are important.
This list is somewhat skewed toward network and Windows security, because it is what I do. It is also woefully incomplete because I could not think of everything that would be useful. If you can, let me know. I will keep adding to it as I come up with more things. At any rate, here are some of the things that have informed my thinking.