Keeping up with cybersecurity news is a full-time job – no one has time to wade through white papers or the tech press. Thankfully, the best cybersecurity podcasts allow us to stay up to date as we’re going on with our lives.
There are some amazing shows out there for fans to listen to, all available for free. We’ve chosen the Top 8 of our favorite ones.
1. Unsupervised Learning
- Owner: Daniel Miessler @DanielMiessler
- Date of podcast launch: January 2015
- Average episode length: 20 minutes, weekly
- Three typical topics: Reports back from ENIGMA conferences, Google security breaches, Cyberwar updates
- Website: danielmiessler.com
- Available on: iTunes, Overcast, Stitcher, Spotify
Those in the cybersecurity space may know Daniel Miessler – one of the world’s top infosec experts, often seen speaking at industry conferences and shaping debates on various topics in the sphere.
His appetite for stories and new ideas led him to create Unsupervised Learning back in 2015. Since then, Miessler’s mix of eclectic subject matter and his measured authority have made UL a must-listen for those in the sector – and anyone with a geeky interest in cybersecurity.
What can you expect from a typical episode? Plenty of content, for starters. If it’s being discussed in the media and has a cybersec slant, Miessler will cover it. Or he might devote an entire episode to a major story, providing a deep dive that you won’t find anywhere else. Either way, it’s compelling stuff.
We recommend: Unsupervised Learning Ep. 241
2. Darknet diaries
- Owner: Jack Rhysider @JackRhysider
- Date of podcast launch: September 2017
- Average episode length: 60 minutes, bi-weekly
- Three typical topics: ATM hacking, the history of carding, Stuxnet
- Website: darknetdiaries.com
- Available on: RSS, iTunes, Spotify, YouTube, Google, Stitcher, Overcast (and more)
Covering “true stories from the dark side of the internet,” Darknet Diaries offers crucial reading for people who are realistic about the cyber-threats posed to today’s businesses and individuals. There’s no romanticization here, just cool analysis of hot topics dealing with crime and technology.
The person behind Darknet Diaries is Jack Rhysider of TunnelsUp blog fame – a cybersecurity expert. This podcast focuses on stories that are relevant to everyday situations. Common examples may be credit card security, IoT risks and vulnerabilities, and more.
Darknet Diaries doesn’t aim to alarm people, rather, the content is there to educate and entertain. Sure, he lapses into geekdom every now and then, but most people with a passing knowledge of tech will get a kick out of his work.
We recommend: Darknet diaries Ep. 72 – Bangladesh bank heist
3. The Social-Engineer Podcast
- Owner: Chris “loganWHD” Hadnagy @humanhacker
- Date of podcast launch: October 2009
- Average episode length: 50 minutes, monthly
- Three typical topics: Is online privacy possible?, misinformation techniques, the psychology of social engineering
- Website: social-engineer.org
- Available on: Spotify, iTunes
Internet-imposed changes to our lives have created a fertile hunting ground for fraudsters and social engineers. That’s what the Social-Engineer podcast covers: how social engineering is applied by individuals and businesses to gain an advantage.
The audience varies from ruthless marketers who want to get an edge, to cybersecurity officers who want to know about phishing threats, to regular people whose goal it is to stay secure in a digital world.
Unlike other cybersecurity podcasts, this show also wrestles with human psychology. It’s like a mix of Scientific American and Hakin9 – offering a measured take on what makes humans vulnerable to social engineers. Expect plenty of interviews from reformed hackers, cryptocurrency mavens, and even an academic or two.
Again, Social Engineering differs from other cybersecurity podcasts by posting relatively infrequently. It’s been broadcasting since 2009, and has just reached a century milestone. That’s no bad thing, though. It’s just a sign of the quality control exercised by Chris Hadnagy and his collaborators.
We recommend: The Social-Engineer Podcast Ep. 130 – The Emoji Code with Dr. Vyv Evans
4. Smashing security
- Owner: Graham Cluley and Carole Theriault @SmashinSecurity
- Date of podcast launch: December 2016
- Average episode length: 50 minutes, weekly
- Three typical topics: Abusive corporate apps, adult website censorship, the pros and cons of 2FA
- Website: smashingsecurity.com
- Available on: RSS, iTunes, Overcast, Google, Pocket Casts, Spotify
Smashing Security describes itself as “helpful and hilarious,” which is an apt description for this lighthearted podcast on current infosec concerns, that nevertheless manages to provide expertise. Co-hosts Cluley and Theriault don’t particularly limit themselves in the topics they cover, instead casting their net over anything related to cybercrime and more.
This is one of those podcasts which you can dive right into – the presenters keep the jargon light and make a point of not patronizing the listeners. Perhaps it’s this ability to balance knowledge and approachability that earned Smashing Security the title of “Best Security Podcast” at the 2018 European Security Blogger Awards.
Every episode seeks to anchor the content in the real world, which is another huge strength. For instance, recent shows have talked about how major corporations like Office Depot have used scams to trick customers into purchasing unnecessary security tools. There have been shows on motel owners using apps to “hijack” customers devices, as well as security threats related to LinkedIn profiles. In other words, the kind of stories you wish you’d hear more about in the MSM, but tend to get lost in the churn.
As with the best cybersecurity podcasts, Smashing Security’s hosts don’t do it alone. They invite plenty of engaging guests to share their expertise (and bad jokes). And the hosts know what they are talking about. Before helming the podcast, Cluley wrote the very first iteration of “Dr. Solomon’s Anti-Virus Toolkit,” while Theriault’s Sophos Naked Security is one of the best sources of anti-virus news around.
We recommend: Smashing Security Ep. 173 – 5G fiascos, Zoom gloom, and butt biometrics
5. The Shared Security podcast
- Owner: Scott Wright and Tom Eston @SharedSec
- Date of podcast launch: 2009
- Average episode length: 20 minutes, about 5 episodes per month
- Three typical topics: Five Eyes surveillance updates, WhatsApp privacy, are elections safe from hackers?
- Website: sharedsecurity.net
- Available on: Stitcher, iTunes, Google, YouTube, Spotify, Overcast, iHeartRadio (and more)
The Shared Security podcast has earned quite a reputation over the years, which makes sense because it began as much as 10 years ago, back in 2009 when the topic of cybersecurity was far from the hot topic it is today. Podcast creators Scott Wright and Tom Eston cover a lot of topics that range from IoT, mobile devices, PoS threats to more abstract topics like global politics. The result is a general source of privacy updates that are sure to be relevant to everyone’s online lifestyle.
The concept behind the podcast is simple. In an interconnected world, huge numbers of people rely on platforms and technology that are “shared” like a common resource. And the only way to keep that technology safe is to educate users to know about threats to its integrity.
At the moment, content is divided into the old school Shared Security podcast, which appears infrequently, and weekly updates, which (as the name suggests) are delivered every week. Subscribers can rely on the hosts to cover the week’s most pressing topics, then look forward to in-depth discussions informed by serious expertise, when the main podcast drops. And it’s well worth the wait because Eston and Wright put vast amounts of research into every segment.
We recommend: The Shared Security Ep. 135
6. Security Now!
- Owner: Leo Laporte @leolaporte, Steve Gibson @SGgrc
- Date of podcast launch: 2005
- Average episode length: 100 minutes, weekly
- Three typical topics: Personal security, vulnerabilities, malware
- Website: grc.com
- Available on: iTunes, RSS, Podnova
Started in 2005, Security Now! is one of the longest-running cybersecurity podcasts with some of the longest episodes that often span well beyond a feature movie length. Gibson and Laporte focus on personal security but also take time to reflect what’s happened in the last week across the globe. Because one episode is nearly two hours long, this podcast rarely leaves a cyberstone unturned.
Their page is a bit old-school, offering to download MP3s instead of expanding to more podcast sites. On the other side, each episode comes with Steve’s notes and a transcript in three different formats. Every two weeks, the hosts read selected questions from the listeners.
Subscribers will notice that SprintRite software is mentioned regularly. That’s Gibson’s tool for scanning, relocating, and recovering data on storage devices, with the last version released back in 2004. It’s not free, but apparently it still does the job at the fraction of a price that the latest tools ask.
We recommend: Security Now! Ep. 765 – An Authoritarian Internet?
7. Down the Security Rabbithole
- Owner: Rafal Los @wh1t3rabbit, James Jardine @JardineSoftware
- Date of podcast launch: 2011
- Average episode length: 45 minutes, weekly
- Three typical topics: Business security, legal aspect, non-traditional sectors
- Website: podcast.wh1t3rabbit.net
- Available on: RSS, Apple Podcasts, Stitcher, Google Podcasts (and more)
You can tell that the site owners are serious when its name is partially written in 1337. Started in 2011, this podcast is still among the most poplar ones for businesses. Not to be confused with New York Times’ user-oriented Rabbit Hole, Down the Security Rabbithole tries to tackle such issues as cybersecurity-related laws, the vulnerability of SMBs, and healthcare security during the COVID-19 pandemic.
Contrary to others, this podcast has a guest speaker most of the time. One week it can be Tom Nichols, author of “The Death of Expertise,” and the other we may hear Allan Alford, a host of his own podcast “Defense In Depth.” All of them have something interesting to say, so those 45 minutes fly by, and you find yourself binge listening to the next episode.
We recommend: Down the Security Rabbithole Ep. 393 – Smartish Cities
8. The CyberWire Daily Podcast
- Owner: David Bittner @thecyberwire
- Date of podcast launch: 2015
- Average episode length: 20 minutes, every weekday
- Three typical topics: Cybersecurity news, industry analysis, interviews
- Website: thecyberwire.com
- Available on: RSS, Apple Podcasts, Google Podcasts, Pandora, Castbox, Overcast, Spotify, Stitcher
The CyberWire Daily Podcast differs from the rest on this list because it’s run by a news service and not by some cybersecurity enthusiasts. It’s also purely news-related, aggregating what you have to know about the latest InfoSec developments. That’s why new episodes come out each weekday and are shorter when compared to some weekly podcasts above.
At the time of writing this article, The CyberWire Daily Podcast was among the Top 40 US Technology podcasts, as per iTunes. That’s a significant achievement, given that some like Security Now! are no longer that popular.
There’s already over a thousand of Daily Podcast episodes, but The CyberWire offers much more free and premium content. Putting everything else aside, there are more than ten podcasts, all related to cybersecurity in one way or another. They range from those covering social engineering (Hacking Humans) to personal stories of cybersecurity experts (Career Notes).
We recommend: The CyberWire Daily Podcast Ep. 1155