One of my favorite parts about talking to cybersecurity professionals is asking how they landed in the industry. Few tell me about a straight path to their career, like attending college or earning a certification. Most launch into an interesting tale of their non-traditional career paths.

When I share these stories, I’m often asked how someone can find their way into the field. One of the best ways is by listening to podcasts. Those wondering about the field can learn about potential professions this way. Experts can also use podcasts to learn how cybersecurity relates to business. And even better, some of the podcasts will make you laugh.

Here are my top five picks for podcasts to follow in 2022:

Unsupervised Learning

If you want to get a concise (8 to 15 minutes) roundup of what has happened in cybersecurity over the past week, then this is your podcast. Recent episodes touched on a bounty paid by Coinbase for a security bug and whether the TikTok algorithm rewards different types of content based on geography. The episodes meet the promise of their tagline. It’ll give you something to think about and prepare you for what’s happening next. But fair warning, the host does liberally sprinkle in his view on politics and policies.

Smashing Security

Want to laugh? Press play on Smashing Security and hear about the funny side of SNAFUs, which often border on the absurd. This podcast tends to pick up more lesser-known events that will usually make you laugh out loud. Everything ranging from cosplay, dead hamsters and Pokemon has been discussed recently – and yes, he manages to tie it all back to security, at least in some fashion. Most episodes include guests, which is a great way to get more perspective.

The CISO Minute

Literally, got two minutes? This podcast boils down the news to the top stories and gives you just the facts. And the host is about as high profile as you can get: Theresa Payton, former White House CIO. Sadly this podcast isn’t producing new episodes, but listening to previously recorded podcasts is a great way for a newbie to the industry to learn about past events.

Darknet Diaries

Think “This American Life” where every episode talks about the dark web, and you’ve got Darknet Diaries. This one ranks as my favorite with its journalistic flair and real-life tales. I especially like how the host talks to different experts each week to add a different perspective. But I have to admit that my favorite episodes are those where he interviews a threat actor to get a firsthand view of their world. I especially enjoyed episode 107, about how attacker Alethe worked as a social engineer and even won a contest. Her account of wondering how the person she scammed felt was especially insightful and thought-provoking. The episodes in this podcast are about an hour long. Because of that, it’s a good one to save for a jog or a road trip.

Risky Business

This show is the longest-running podcast on this list, having been ‘on the air’ since 2007. While other podcasts on this list upload new content weekly, Risky Business posts two or three episodes a week. Each episode discusses multiple topics related to current events and typically goes very deep on the subject. Risky Business focuses more on global news and how political events affect cybersecurity than the others, which adds a new point of view.

Honorable Mention: Into the Breach

Security Intelligence has its very own cybersecurity podcast too! Consisting of just six episodes, this show aired earlier this year as a limited mini-series. Into the Breach dives into the cyber world and helps to provide the knowledge and tools necessary to better protect against security breaches. Each episode includes an interview with a security expert from varying fields to provide different and insightful perspectives on a number of cybersecurity topics.

So the next time you are out for that run, riding that commute or just looking for some audio entertainment, check out one of these podcasts. You might be surprised at what you learn, or how hard you laugh.

More from CISO

How to Solve the People Problem in Cybersecurity

You may think this article is going to discuss how users are one of the biggest challenges to cybersecurity. After all, employees are known to click on unverified links, download malicious files and neglect to change their passwords. And then there are those who use their personal devices for business purposes and put the network at risk. Yes, all those people can cause issues for cybersecurity. But the people who are usually blamed for cybersecurity issues wouldn’t have such an…

The Cyber Battle: Why We Need More Women to Win it

It is a well-known fact that the cybersecurity industry lacks people and is in need of more skilled cyber professionals every day. In 2022, the industry was short of more than 3 million people. This is in the context of workforce growth by almost half a million in 2021 year over year per recent research. Stemming from the lack of professionals, diversity — or as the UN says, “leaving nobody behind” — becomes difficult to realize. In 2021, women made…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

Detecting the Undetected: The Risk to Your Info

IBM’s Advanced Threat Detection and Response Team (ATDR) has seen an increase in the malware family known as information stealers in the wild over the past year. Info stealers are malware with the capability of scanning for and exfiltrating data and credentials from your device. When executed, they begin scanning for and copying various directories that usually contain some sort of sensitive information or credentials including web and login data from Chrome, Firefox, and Microsoft Edge. In other instances, they…