Eight Cybersecurity Podcasts That Experts Say You Should Be Listening To Right Now
Increasingly, cyber and information security experts have turned to podcasts as a source of news and analysis. But with numerous podcasts to choose from, it’s becoming more difficult to decide what’s worth listening to.
Michael Bazzell, a veteran government computer crime investigator and author of Open Source Intelligence Techniques, knows cyber podcasts. His own is called “Privacy and Security,” and he says a good podcast should contain actionable information, timeliness, relevance and, of course, entertainment. (Bazzell is also a technical advisor for the hacker drama “Mr. Robot.”)
We asked a group of cybersecurity experts about what podcasts they listen to, and listed them below.
1. “Risky Business,” hosted by Patrick Gray, a former penetration tester, takes what it calls “a lighthearted look at information security news and features.” Cindy Dion-Schwarz, manager of cyber and data sciences programs at RAND, said she enjoys the show because it’s funny, smart and focuses on news. She also likes that Gray books great guests, including, in the past year, White Ops founder and chief scientist Dan Kaminsky, internet security evangelist Alec Muffett, and Fitbit security director Sarah Biskup.
“Patrick Gray has a great sense of humor.”
– CYNTHIA DION-SCHWARTZ
2. Steve Gibson, who is credited with coining the term “spyware,” co-hosts “Security Now” with tech pundit Leo Laporte. The show covers important issues of computer security, including current events and general best practices. Gibson is the wonky technical expert while Laporte plays the straight man who keeps things grounded.
3. The SANS Institute’s short-form daily podcast, called SANS Daily Stormcast, updates listeners on the latest security threats. Only five to ten minutes long and technical in nature, the podcast is geared toward busy security professionals. Bobby Bermudez, president of Symposit LLC, said the no-nonsense show grabs listeners and says, “Here’s what you need to pay attention to” in an age of unlimited information.
4. “Steptoe Cyberlaw” takes a look at cybersecurity issues through a legal lens. Host Stewart Baker, former general counsel for the National Security Agency, interviews journalists, policy analysts and fellow lawyers. A recent show tackled European disdain for the U.S. Computer Fraud and Abuse Act. Another discussed the difference between intelligence and cyberwarfare. RAND’s Dion-Schwarz said the podcast is especially good for those interested in government security, and is a great way to gain insight into how government security professionals think.
5. Co-hosted by cyber executive Jerry Bell and security architect Andrew Kalat, the long-form “Defensive Security” podcast covers breaches and strategies for defense. Bell and Kalat “really know their stuff,” said Adam Janofsky, a cyber reporter at The Wall Street Journal. Janofsky said he enjoys the pair’s informal yet thorough explanation of cyber headlines.
“If you are listening to both [“Cyberwire” and “Defensive Security”], you won’t miss anything in the cybersecurity world.”
– ADAM JANOFSKY
Wall Street Journal
6. “Unsupervised Learning,” formerly known as the “Take 1 Security Podcast,” is the brainchild of information security professional and writer Daniel Miessler. Like other cyber podcasts, it reflects on top security stories, but, said Dion-Schwarz, Miessler’s U.S.-centric, “sky is falling” point of view helps it stand out.
7. Casey Priester, vice president at Prometheus Global, recommended “Cyberwire,” a daily podcast featuring the biggest cyber stories from the previous 24 hours. It typically packs four stories into a 15-minute listen. The Wall Street Journal’s Janofsky said he finds “Cyberwire” useful when he’s looking for a quick refresher on a particular topic while reporting a story.
8. Dating back to 2005, “Security Weekly” is ancient in podcasting terms. Priester described the podcast, hosted by Paul Asadoorian, a former SANS instructor, as a “nice mix of technical and non-technical.” Episodes range from eight minutes to more than an hour and are categorized using labels like Startup Security, Enterprise Security and Hack Naked News.