One of my favorite parts about talking to cybersecurity professionals is asking how they landed in the industry. Few tell me about a straight path to their career, like attending college or earning a certification. Most launch into an interesting tale of their non-traditional career paths.

When I share these stories, I’m often asked how someone can find their way into the field. One of the best ways is by listening to podcasts. Those wondering about the field can learn about potential professions this way. Experts can also use podcasts to learn how cybersecurity relates to business. And even better, some of the podcasts will make you laugh.

Here are my top five picks for podcasts to follow in 2022:

Unsupervised Learning

If you want to get a concise (8 to 15 minutes) roundup of what has happened in cybersecurity over the past week, then this is your podcast. Recent episodes touched on a bounty paid by Coinbase for a security bug and whether the TikTok algorithm rewards different types of content based on geography. The episodes meet the promise of their tagline. It’ll give you something to think about and prepare you for what’s happening next. But fair warning, the host does liberally sprinkle in his view on politics and policies.

Smashing Security

Want to laugh? Press play on Smashing Security and hear about the funny side of SNAFUs, which often border on the absurd. This podcast tends to pick up more lesser-known events that will usually make you laugh out loud. Everything ranging from cosplay, dead hamsters and Pokemon has been discussed recently – and yes, he manages to tie it all back to security, at least in some fashion. Most episodes include guests, which is a great way to get more perspective.

The CISO Minute

Literally, got two minutes? This podcast boils down the news to the top stories and gives you just the facts. And the host is about as high profile as you can get: Theresa Payton, former White House CIO. Sadly this podcast isn’t producing new episodes, but listening to previously recorded podcasts is a great way for a newbie to the industry to learn about past events.

Darknet Diaries

Think “This American Life” where every episode talks about the dark web, and you’ve got Darknet Diaries. This one ranks as my favorite with its journalistic flair and real-life tales. I especially like how the host talks to different experts each week to add a different perspective. But I have to admit that my favorite episodes are those where he interviews a threat actor to get a firsthand view of their world. I especially enjoyed episode 107, about how attacker Alethe worked as a social engineer and even won a contest. Her account of wondering how the person she scammed felt was especially insightful and thought-provoking. The episodes in this podcast are about an hour long. Because of that, it’s a good one to save for a jog or a road trip.

Risky Business

This show is the longest-running podcast on this list, having been ‘on the air’ since 2007. While other podcasts on this list upload new content weekly, Risky Business posts two or three episodes a week. Each episode discusses multiple topics related to current events and typically goes very deep on the subject. Risky Business focuses more on global news and how political events affect cybersecurity than the others, which adds a new point of view.

Honorable Mention: Into the Breach

Security Intelligence has its very own cybersecurity podcast too! Consisting of just six episodes, this show aired earlier this year as a limited mini-series. Into the Breach dives into the cyber world and helps to provide the knowledge and tools necessary to better protect against security breaches. Each episode includes an interview with a security expert from varying fields to provide different and insightful perspectives on a number of cybersecurity topics.

So the next time you are out for that run, riding that commute or just looking for some audio entertainment, check out one of these podcasts. You might be surprised at what you learn, or how hard you laugh.

More from CISO

Who Carries the Weight of a Cyberattack?

Almost immediately after a company discovers a data breach, the finger-pointing begins. Who is to blame? Most often, it is the chief information security officer (CISO) or chief security officer (CSO) because protecting the network infrastructure is their job. Heck, it is even in their job title: they are the security officer. Security is their responsibility. But is that fair – or even right? After all, the most common sources of data breaches and other cyber incidents are situations caused…

Transitioning to Quantum-Safe Encryption

With their vast increase in computing power, quantum computers promise to revolutionize many fields. Artificial intelligence, medicine and space exploration all benefit from this technological leap — but that power is also a double-edged sword. The risk is that threat actors could abuse quantum computers to break the key cryptographic algorithms we depend upon for the safety of our digital world. This poses a threat to a wide range of critical areas. Fortunately, alternate cryptographic algorithms that are safe against…

How Do You Plan to Celebrate National Computer Security Day?

In October 2022, the world marked the 19th Cybersecurity Awareness Month. October might be over, but employers can still talk about awareness of digital threats. We all have another chance before then: National Computer Security Day. The History of National Computer Security Day The origins of National Computer Security Day trace back to 1988 and the Washington, D.C. chapter of the Association for Computing Machinery’s Special Interest Group on Security, Audit and Control. As noted by National Today, those in…

Emotional Blowback: Dealing With Post-Incident Stress

Cyberattacks are on the rise as adversaries find new ways of creating chaos and increasing profits. Attacks evolve constantly and often involve real-world consequences. The growing criminal Software-as-a-Service enterprise puts ready-made tools in the hands of threat actors who can use them against the software supply chain and other critical systems. And then there's the threat of nation-state attacks, with major incidents reported every month and no sign of them slowing. Amidst these growing concerns, cybersecurity professionals continue to report…