Security for your ears: recommended infosec podcasts

Posted by   Martijn Grooten on   Feb 14, 2017

"Don't waste your commute listening to pop music. Listen to infosec lectures and podcasts." Industry veteran Mikko Hyppönen recently shared some useful advice for those wanting to start a career in cybersecurity.

I fully agree with Mikko. In fact, I think this advice should be extended to anyone already working in cybersecurity – listening to podcasts is a good way to keep up with the constant changes in the world of security. Though I am not blessed with a daily commute, I still manage to find a lot of time to listen to podcasts, among them quite a few on security.

Here are some of my favourites.

  • If you really only have time for one short podcast a day, let it be SANS ISC's Stormcast. Presented by SANS Dean of Research Johannes Ullrich, the Daily Stormcast provides an excellent 5-minute summary of what matters in the world of security. Johannes has a very good understanding of security issues and is thus able to distinguish FUD from those threats and vulnerabilities that really matter. For this reason the podcast is very useful for those directly tasked with protecting systems and networks.

  • Almost ten years old, the weekly Risky Business podcast has long been an important fixture in the security landscape. The show is well produced and its guests often have insightful things to say, even when they are sponsored guests: host Patrick Gray never forgets that he is a journalist. It is an essential listen, both for those who want a weekly summary of security news and for those who are interested in the changes in the threat landscape and our efforts to fight those threats.

stormcastriskybusiness.jpg

  • Cyberwire is another daily security news podcast. Though not shy to mention its sponsors, the show does manage to provide a good and concise summary of what's been going on in the world of security. It too tends to avoid FUD in favour of facts and nuances.

  • The three presenters of the brand new Smashing Security are all past VB authors and speakers, thus I was excited to learn about their new adventure in podcast land. Though aimed at an audience whose understanding of security is slightly below that which I claim to possess, the podcast is presented with a good sense of humour, which has already made it one of my favourite security shows.

  • If you like interviews with security experts (or "gurus", as the show calls them), make sure you add the monthly Silver Bullet to your podcast feed. Gary McGraw, Vice President at Synopsys, tends to find interesting guests who talk about their work in and views on security. Past guests have included VB keynote speakers Ross Anderson (who was interviewed twice), Katie Moussouris, and the aforementioned Mikko Hyppönen.

Of course there are many more excellent podcasts. Most weeks, the Threatpost team look back at the stories they published that week, as well as fitting in the odd interview. Sophos researchers Chet Wisniewski and Paul Ducklin look at what was published on the Naked Security blog in their podcast. And if you'd like to hear Bruce Schneier's popular monthly Cryptogram newsletter in audio format, there is a podcast for that too.

Happy listening!

 

 

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.