There are many different ways to learn. Many of us are busy and try to squeeze all we can into days. My daily ‘cheat’ is to listen to cyber security podcasts during my commute. It isn’t really a ground-breaking idea and I’m not the first to write about it. Nevertheless, it is the only way I keep up with news and new technology and I recommend it to you all.
Cyber Security Podcasts
Cyber Security is a very large world. It encompasses everything including both technical and non-technical groups. I’ve broken up the different cyber security podcasts that I listen to into several categories. Many podcasts might be considered for multiple categories, but they are only in one. If you disagree with a category, let me know! If you are the owner of the podcast and want me to say something else, let me know too. I will be updating more each week so check back!
Auditing In Cyber Security Podcasts
Auditing is an important part of Cyber Security. Organizations must comply with regulations and auditing proves they are in compliance. It is a highly specialized skillset and can be a rewarding career choice.
There is one organization that has been the leader in security auditing, and that is ISACA. It used to be known by its full name, Information Security Audit, and Control Association. ISACA controls four certifications, CISA, CISM, CGEIT, and CRISC. These certifications deal with auditing, management, governance, and risk and controls. Their podcast covers their certifications, news, and interviews with industry experts in these fields. Each episode is typically between 10-20 minutes. Details can be found here.
Career Advice For Cyber Security Podcasts
This section will cover topics about how to get into a Cyber Security role. It might include interview tips, resume tips, or interviews with professionals. If you are struggling to secure your first job in Cyber Security, check these out. If you are looking for blog posts in this category, you can check out my popular introduction to Cyber Security Roles article.
Cyber Work Podcast
The Cyber Work Podcast is run by the InfoSec Institute, a well-known training company. Many of their topics revolve around getting into certain fields within the realm of Cyber Security. The show averages about 30 minutes an episode, but some are as much as an hour long. You can check it out here.
Getting Into InfoSec Podcast
The Getting Into InfoSec Podcast is a show by a friend of the site, Ayman Elsawah. The main theme is that not everyone has the same path to a role inside Cyber Security. He highlights the many paths by interviewing people from all walks of life. The episodes are between 30-45 minutes long, and the page can be found here.
Pardon the Penetration
This youtube podcast is co-hosted by a friend of the site, Jordanne. The show started out as news and commentary and evolved into what it is today. They do a deep dive into important topics for career-minded professionals. Each episode is about 20-30 minutes, and you can find their youtube channel here.
Digital Forensics Podcasts
Digital Forensics is a very important, very technical field. These are the experts that analyze digital equipment to find what remains. They could work for law enforcement, government, private shops or freelance. If you enjoy finding needles in haystacks, this might be a good option for you.
Digital Detectives is a podcast about Digital Forensics, eDiscovery, and InfoSec. It is co-hosted by Sharon Nelson and John Simek, two forensics professionals. Their show discusses the legal issues in this arena, and the main site is a site dedicated to lawyers. It is a unique point of view and very informative. Their episodes are typically between 20 and 30 minutes long. You can find the podcast here.
Digital Forensic Survival Podcast
This podcast focuses on all aspects of Digital Forensics. It focuses on one technical topic and drills down into it for the entire episode. They have over 170 episodes and they are typically 10-20 minutes long. The website for the podcast is here and has blog posts as well as the podcast.
This podcast is a conversation between two forensic professionals, David Cowen and Matthew Seyer. They cover a range of Digital Forensics topics including news and trends, and technology. Each episode is approximately 60 minutes and is chock full of good information. I found their podcast website here but stopped posting here in 2018. 2018 to current can be found on youtube here.
Hacking covers any podcast that is about Capture-the-Flag events, learning to hack, or exploiting vulnerabilities. Some of these are very technical, like the specific coding of the exploit. Others cover the basics and are great for people looking to get started.
The Bug Hunter Podcast
This podcast created by Pentesterland can be found here. Pentesterland is a site dedicated to educating about vulnerabilities, exploits, and hacking methodology. There is a newsletter that contains some technical and non-technical information, and the same content is in the podcast. Each episode is about 20 minutes long.
Hacking Culture Podcast
This is a very interesting podcast. They do discuss hacking culture but also go into some technical details with an emphasis on Drupal. The episodes are about 60 minutes long, and the site can be found here.
Hak5 Podcast Family
Hak5 is a very popular source for hacking gear and information. Their YouTube channel has several different podcasts that cover industry news, tutorials on hacking or tech and more. The episodes average between 5 and 15 minutes apiece. Their channel can be found here.
Intrusion Diversity System Podcast
This show focuses on three topics: hacking, news, and diversity in tech. There are not enough people that talk about diversity and this show gets it. They share tips and tricks, offer career advice, and hope to inspire people as well. The episodes are about 30-45 minutes. You can find the website here.
Security Now Podcast
Security Now Podcast is hosted by Steve Gibson and Leo Laporte. Steve Gibson coins himself as the man who invented the term ‘spyware’ and the first anti-spyware program. Each week, they cover trending topics including vulnerabilities and attacks. Each episode is just about 2 hours long. You can find their website here.
Incident Response Podcasts
Incident Response professionals are Cyber Security first responders. They are the experts called in to handle complex situations. These podcasts cover the basics of what to gather on-scene, how to secure the scene, and crucial other first steps.
Brakeing Down Incident Response Podcast
This is a great, detailed show that covers anything from Malware Analysis to Threat Hunting and securing systems. The episodes run about an hour in length and can be found here. It is an offshoot of the popular Brakeing Down Security (hence the Brake-ing). This podcast is hosted by Brian Boettcher and Michael Gough.
Influencer Interview Podcasts
Some Cyber Security podcasts have an open theme where they interview people who are leaders in the field. The people being interviewed could be C-level executives, trainers, innovators, hackers, anyone that has a message. These make for some of the best podcasts because I’ve learned a lot from listening to the experiences of others. Sometimes you need to hear about a topic from someone else’s point of view to understand it better.
DevSecOps (OWASP Podcast)
The DevSecOps podcast is made by the Open Web Application Security Project (OWASP). They are an online community that gathers to discuss hacker methodology, vulnerabilities & exploits, and standard security practices. The podcast runs from about 20 minutes to 40 minutes. The discussion varies but is always cyber security-related. You can find it here.
Down the Security Rabbithole
DtSR is a podcast that alternates between news analysis and interviews. It could fit in either category, but I’ll leave it here. The show has been going on for a very long time, and the older episodes are as valid as the new ones. They mostly cover higher-level topics like Cyber Security management, frameworks, and cloud security. The episodes are between 45-60 minutes, and you can find a link here.
The New Cyber Frontier
NCF is a podcast based in Colorado, USA. The show covers topics like the economics of Cyber Security and interviews with some very interesting people. It is run by a community of intellectuals called the Logic Central Online. There are multiple hosts with different styles, but each episode runs about 30 minutes. You can find the New Cyber Frontier Podcasts here.
Recorded Future is a threat intelligence company. Their podcast, though, is much more than just about threat intelligence. Dave Bitner (also hosts the Cyberwire and Hacking Humans) is great, and interviews people who work in the field. They tell stories about technologies and tactics used and current events. It is a great listen, and usually runs about 25 minutes. You can find it here.
Sandbox Security is about the makers and breakers of Cyber Security. The host, Sean Sun, tries to capture the culture as well as the technical aspects. It is produced by Hacker Culture FM, a channel devoted to exploring the stories and knowledge of the people being interviewed. The episodes average around 30 minutes each. You can find it’s website here.
Leadership Of Cyber Security Podcasts
Podcasts in this category provide insight into the minds of CISO’s, CTO’s, CIO’s, etc. Leadership tends to have a unique perspective and I feel it is important to listen to one of these types of Cyber Security Podcasts. They have to focus on the entire security landscape and think strategically not tactically. I’ve learned a lot about the bigger picture which was invaluable to me in my career.
The CISO-Vendor Relationship Podcast
David Spark and Mike Johnson co-host the CISO-Vendor Relationship Podcast with a guest. CISO’s are often bothered by sales and marketing people. They need security tools but don’t have much time. The wrong approach can completely turn them off to whatever is being sold, even if it’s the best tool. This podcast is about how to help communication between these two groups. Each episode averages about 30 minutes. You can find the website here.
David Spark also co-hosts the Defense in Depth Podcast with Allan Alford and a guest. The point of this podcast is to take a topic and take a deep dive into it for about 30 minutes. It is always great information and from the eye of the CISO. They typically pick controversial topics and I usually learn something from each episode. You can find this podcast here.
News About Cyber Security Podcasts
There is so much that happens on a regular day to day basis in the world of Cyber Security. I follow several different podcasts to catch the news from different angles and stay up to date. These are a few of the Cyber Security podcasts I listen to every day.
Cyber Security Today
Cyber Security Today is a three-times a week news podcast. It is produced by IT World Canada and is about 5 minutes per episode. I enjoy listening to it because it is quick and to the point. They typically talk about the latest hacks, technology, and tips to keep you safe. You can find the podcasts here.
The Cyberwire Daily
The Cyberwire has two shows that I listen to and the daily news episodes are awesome. Dave Bittner is intelligent, funny and entertaining. They cover the latest news briefly, usually have an interview about a similar topic and the show is informative too. The episodes run from 20-30 minutes on average. You can find the show here.
Security in Five
Security in Five is a great news podcast that covers a lot in just 5 minutes. The show is a campaign of awareness for the risks in the world of Cyber Security. It covers topics related to current events and general security hygiene. It is informative and very quick. You can find a link to the show’s website here.
Off The Clock Podcasts
The podcasts here can still be informative but are more entertaining than the rest. This group can cover pop culture, diversity, tv shows or current events. Don’t overlook these podcasts because it is important to take breaks and have fun.
The Coolest Nerds in the Room Podcast
It’s fun, it covers trendy topics but also some serious ones too. Co-hosted by friends of the site Steph and Reggie, this podcast is great to listen to. They talk about some real stuff like diversity in Cyber Security as well as nerdy stuff like Game of Thrones. It is definitely worth a listen. The episodes are about an hour-long, and you can find it here.
Risk Management Cyber Security Podcasts
Risk Management is a huge part of the world of Cyber Security. It is much more business-oriented than other areas of cybersecurity. Risk management focuses on risk analysis, business continuity plans, and offers a new perspective on what we do.
Cyber Risk Management Podcast
This podcast is hosted by Kip Boyles from Cyber Risk Opportunities and Jake Bernstein, a cybersecurity counsel from Newman Du Wors. They speak about all aspects of risk management including some news and personal stories. They produce new episodes every 2 weeks, and each episode is about 20 minutes to 30 minutes long. You can find their website here.
True Story Cyber Security Podcasts
These podcasts take you inside the world of Cyber Security. The stories can cover Blue/Red team activities or crime stories. If you want to hear what happens behind the scenes then this category might be your favorite.
This podcast is an investigative series. They do a deep dive into a specific breach. Analyzing it from many angles, they explain how it happened. Each episode is about 40 minutes. The feature “Seasons” that cover the Russia hack and the Equifax breach. You can find the Breach podcast here.
This is one of my all-time favorite podcasts. Jack Rhysider has the perfect tone and pacing when he tells his stories. He chooses stories about hacks and interviews people involved. My favorite episode was the one about Stuxnet. It is very informative! The episodes are about 60 minutes and you can find it here.
Do You Know of Any More?
I want this list to be the best list of Cyber Security Podcasts. If you are the creator of a new podcast and want it added to the list, let me know. If you are a fan of one that I missed, let me know as well.