Regardless of where you are in your career in cybersecurity – whether you have been a trusted expert for decades or are just starting out – it can be difficult to keep up with what’s happening in this fast-moving field. One way to kick-start continual learning is to tune into top cybersecurity podcasts.
Here are 10 of them that are perfect for anyone looking to stay up to date with the industry. Each of these podcasts is hosted by experienced cybersecurity journalists and features knowledgeable and noteworthy guests.
[ See RL's ConversingLabs podcast: Stay on top of key issues in SecOps and supply chain security ]
Smashing Security
The Smashing Security podcast, hosted by industry veterans Graham Cluley and Carole Theriault, is an award-winning cybersecurity podcast renowned for its coverage of topics such as cybercrime, hacking, online privacy, and internet threats. With a humorous and entertaining approach, Cluley and Theriault, along with invited guests from the cybersecurity world, engage in lively debates and discussions, offering insights and experiences.
The podcast has featured notable guests such as former world chess champion and human rights activist Garry Kasparov, renowned cybersecurity expert Mikko Hyppönen, journalist and host of the T-Minus Space Daily podcast Maria Varmazis, and more.
The hosts cover a wide range of topics, from high-profile data breaches to the latest trends in cybercrime and online privacy concerns, earning Smashing Security significant recognition within the cybersecurity community. The podcast won the Best Cybersecurity Podcast award at the Security Blogger Awards in 2018 and 2019 and the title of most entertaining cybersecurity podcast in 2022 and 2023.
Risky Business
The Risky Business podcast, hosted by Patrick Gray, is a weekly information security news and current affairs podcast covering breaking hacking news, airing insightful interviews with security professionals, and holding discussions on the latest cybersecurity trends and events.
Risky Business is highly regarded for its comprehensive coverage of cybersecurity news and its ability to analyze and dissect major security events, qualities that make it a valuable resource for staying informed about the latest developments in the cybersecurity landscape.
One of the podcast's most notable interviews was its coverage of the 2016 Democratic National Committee leaks. Gray and his team were among the first to recognize and report that the DNC hack was a state-backed operation, likely carried out by Russia, based on the evidence and indicators they observed. This coverage stood out for its insightful analysis amid the disinformation and politicization surrounding the incident.
Darknet Diaries
Darknet Diaries, hosted by Jack Rhysider, features interviews and narratives that center on hackers, cybercriminals, security researchers, and law enforcement. It covers a wide range of topics related to hacking, cybersecurity incidents, and the underground internet economy.
Notable episodes include Episode 42, which highlights Dave Kennedy's expertise in social engineering and hacking during the early days of MUDs (multi-user domains, or text-based virtual worlds), and Episode 98, where Nicole Perlroth, a cybersecurity reporter for The New York Times, provides insights into the secretive world of zero-day exploit brokers.
Rhysider's compelling storytelling and his connections within the hacking community make Darknet Diaries a captivating listen for those interested in cybercrime and internet subcultures.
"Rhysider’s hypnotic narration and deep expertise creates results that are never less than gripping."
—The New York Times
Malicious Life
The Malicious Life podcast (by Cybereason) delves into the untold stories and insider accounts behind major cybersecurity incidents, hacks, and events of the past. Ran Levi interviews hackers, security experts, and industry insiders to get their perspectives and firsthand experiences. Episodes cover a wide range of topics, including Citibank's $10.7 million hack, the Mariposa botnet, malware incidents such as Triton, deepfakes made with generative adversarial networks, and broader cybersecurity issues such as the Huawei ban and cyber-insurance.
The podcast aims to explore the human side of cybersecurity, shedding light on the motivations and backgrounds of those involved. Notable guests interviewed on the show include Yonatan Striem-Amit, CTO and co-founder of Cybereason, who discussed hacking back and active defense strategies, and veteran Russian hackers, who shared the real story behind Vladimir Levin's infamous Citibank hack in 1994.
CISO Series
The CISO Series podcast, hosted weekly by cybersecurity journalist David Spark and veteran CISOs Mike Johnson and Andy Ellis, delves into discussions, tips, and debates among security practitioners and vendors on how to improve security collaboratively. Guests have included CISOs and security leaders from organizations such as Equifax, Zions Bancorporation, World Kinect Corp., and Code42.
Recent noteworthy episodes include "Can't Talk, I'm Onboarding My Kids to Their First Soccer Practice," featuring TC Niedzialkowski, CISO of Nextdoor, who discusses the intersection of work and personal devices, as well as securing company data on personal gadgets. Another compelling episode, "We'll Invest in Resilience as Soon as the Ransom Payment Clears," features guest Thom Langford, CISO of Velonetic, who explores why companies often end up paying ransomware demands despite pledging not to.
The Security Podcasts
The Security Podcasts (by Security magazine) is hosted by Ian Thornton-Trump, CISO at Cyjax; Lisa Forte, partner at Red Goat Security; and Philip Ingram, CEO of Grey Hare Media. It delves into cybersecurity and geopolitical issues with industry experts and thought leaders, covering a broad spectrum of topics including security, defense, cyberthreats, intelligence, business, terrorism, current affairs, and geopolitical events.
Notable discussions include the Russia-Ukraine conflict, the geopolitics of the space industry, the influence of cryptocurrencies, and the role of disinformation and social media manipulation in elections. One of their recent episodes stands out for its fascinating content: Episode 22, titled "The Cybersecurity and Geopolitical Discussion," where the hosts delve into the intricacies of the contemporary space race. They explore its implications for global security and the geopolitical landscape, providing insights into the challenges and opportunities that emerge within this rapidly evolving sphere.
Down the Security Rabbit Hole (DtSR)
The Down the Security Rabbithole podcast is a long-standing weekly cybersecurity podcast that has been led by Rafal Los – also known as "@Wh1t3Rabbit" – and James Jardine since its inception in 2011. It serves as a comprehensive source for news, discussions, and insights into the cybersecurity domain. The podcast aims not only to entertain, but also to educate its audience on diverse cybersecurity facets through interviews, analyses, and discussions on current events, emerging threats, and industry trends.
Among its notable episodes, Episode 577 delves into the lawsuit that the U.S. Securities and Exchange Commission brought against SolarWinds and its CISO, Timothy Brown, unraveling misconceptions surrounding the indictment, and Episode 575 explores strategies for managing an excessive array of security tools, with insights from Andrew Morris and Tom Venables from Turnkey Consulting.
CyberWire Daily
The CyberWire Daily podcast, hosted by Dave Bittner, is a daily podcast offering news and analysis on the latest developments, threats, and insights in the cybersecurity industry. It features interviews with experts from various organizations, providing in-depth analysis and commentary on current cybersecurity events, vulnerabilities, and trends. One episode worth checking out is "Operation Endgame," which covered the takedown of major malware operations, the Ticketmaster data breach, and an alleged leak of Google's search algorithm.
Notable guests have included Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, who discussed software security and the importance of addressing vulnerabilities, and Carrie Hernandez Marshall, CEO of Rebel Space Technologies, who spoke about the need to extend cybersecurity practices into the space domain.
Security Now
Security Now is an award-winning podcast hosted by cybersecurity expert Steve Gibson and technology journalist Leo Laporte. It focuses on analyzing the latest cybersecurity threats, vulnerabilities, and digital privacy issues in depth. The show airs live every Tuesday and covers a wide range of topics related to cybercrime, malware, data breaches, encryption, authentication, software/hardware vulnerabilities, and more.
Among its notable episodes, Episode 973 raises concerns about digital security that have intensified with the vulnerability of GPS systems, raising alarms about the potential weaknesses in all VPN systems. Additionally, it explores the implementation and management of multi-user passkeys and YubiKeys.
Paul's Security Weekly
Paul's Security Weekly is a popular cybersecurity podcast, hosted by Paul Asadoorian, covering a wide range of topics related to information security, hacking, and cyberthreats. It features interviews with notable figures in the security community, technical segments on specific security concepts, and discussions on the latest security news and trends.
Notable guests on the show have included Winn Schwartau, who discussed the evolution of cyberthreats and the need for new security strategies; Jeremiah Grossman, who shared insights from his experience in web security and risk management; and Joshua Corman, who offered practical strategies and perspectives on industry challenges. Key episodes have explored supply chain security with James McMurry, discussed PCI 4.0, and featured a keynote by Mikko Hyppönen on the evolution of ransomware and AI's impact on its future.
Don't miss ReversingLabs' ConversingLabs podcast
Join host Paul Roberts, content lead at ReversingLabs, for practitioner-focused podcast aimed at getting you up to speed on malware analysis, threat hunting and software supply chain security. Each episode of ConversingLabs dives into the most pressing security topics, with the help of some of the industry’s brightest experts.
