March 17, 2022 By Jennifer Gregory 3 min read

One of my favorite parts about talking to cybersecurity professionals is asking how they landed in the industry. Few tell me about a straight path to their career, like attending college or earning a certification. Most launch into an interesting tale of their non-traditional career paths.

When I share these stories, I’m often asked how someone can find their way into the field. One of the best ways is by listening to podcasts. Those wondering about the field can learn about potential professions this way. Experts can also use podcasts to learn how cybersecurity relates to business. And even better, some of the podcasts will make you laugh.

Here are my top five picks for podcasts to follow in 2022:

Unsupervised Learning

If you want to get a concise (8 to 15 minutes) roundup of what has happened in cybersecurity over the past week, then this is your podcast. Recent episodes touched on a bounty paid by Coinbase for a security bug and whether the TikTok algorithm rewards different types of content based on geography. The episodes meet the promise of their tagline. It’ll give you something to think about and prepare you for what’s happening next. But fair warning, the host does liberally sprinkle in his view on politics and policies.

Smashing Security

Want to laugh? Press play on Smashing Security and hear about the funny side of SNAFUs, which often border on the absurd. This podcast tends to pick up more lesser-known events that will usually make you laugh out loud. Everything ranging from cosplay, dead hamsters and Pokemon has been discussed recently – and yes, he manages to tie it all back to security, at least in some fashion. Most episodes include guests, which is a great way to get more perspective.

The CISO Minute

Literally, got two minutes? This podcast boils down the news to the top stories and gives you just the facts. And the host is about as high profile as you can get: Theresa Payton, former White House CIO. Sadly this podcast isn’t producing new episodes, but listening to previously recorded podcasts is a great way for a newbie to the industry to learn about past events.

Darknet Diaries

Think “This American Life” where every episode talks about the dark web, and you’ve got Darknet Diaries. This one ranks as my favorite with its journalistic flair and real-life tales. I especially like how the host talks to different experts each week to add a different perspective. But I have to admit that my favorite episodes are those where he interviews a threat actor to get a firsthand view of their world. I especially enjoyed episode 107, about how attacker Alethe worked as a social engineer and even won a contest. Her account of wondering how the person she scammed felt was especially insightful and thought-provoking. The episodes in this podcast are about an hour long. Because of that, it’s a good one to save for a jog or a road trip.

Risky Business

This show is the longest-running podcast on this list, having been ‘on the air’ since 2007. While other podcasts on this list upload new content weekly, Risky Business posts two or three episodes a week. Each episode discusses multiple topics related to current events and typically goes very deep on the subject. Risky Business focuses more on global news and how political events affect cybersecurity than the others, which adds a new point of view.

Honorable Mention: Into the Breach

Security Intelligence has its very own cybersecurity podcast too! Consisting of just six episodes, this show aired earlier this year as a limited mini-series. Into the Breach dives into the cyber world and helps to provide the knowledge and tools necessary to better protect against security breaches. Each episode includes an interview with a security expert from varying fields to provide different and insightful perspectives on a number of cybersecurity topics.

So the next time you are out for that run, riding that commute or just looking for some audio entertainment, check out one of these podcasts. You might be surprised at what you learn, or how hard you laugh.

More from Threat Hunting

Ermac malware: The other side of the code

6 min read - When the Cerberus code was leaked in late 2020, IBM Trusteer researchers projected that a new Cerberus mutation was just a matter of time. Multiple actors used the leaked Cerberus code but without significant changes to the malware. However, the MalwareHunterTeam discovered a new variant of Cerberus — known as Ermac (also known as Hook) — in late September of 2022.To better understand the new version of Cerberus, we can attempt to shed light on the behind-the-scenes operations of the…

Web injections are back on the rise: 40+ banks affected by new malware campaign

8 min read - Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript web injections. This new campaign is widespread and particularly evasive, with historical indicators of compromise (IOCs) suggesting a possible connection to DanaBot — although we…

Hive0051’s large scale malicious operations enabled by synchronized multi-channel DNS fluxing

12 min read - For the last year and a half, IBM X-Force has actively monitored the evolution of Hive0051’s malware capabilities. This Russian threat actor has accelerated its development efforts to support expanding operations since the onset of the Ukraine conflict. Recent analysis identified three key changes to capabilities: an improved multi-channel approach to DNS fluxing, obfuscated multi-stage scripts, and the use of fileless PowerShell variants of the Gamma malware. As of October 2023, IBM X-Force has also observed a significant increase in…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today