With a few exceptions, InfoSec podcasts sound the same to me as they did in 2014, both in production quality and in content.
There are two daily shows: SANS ISC Storm Cast and the Cyberwire. They run the gamut – SANS has a brief unpolished production sense and the Cyberwire is perhaps overproduced and over sponsored. Both provide solid daily content. I’m happy to skip both show’s “research” component.
And then there’s the rest.
Most non-vendor podcasts fall into two general categories: echo chambers and interviews.
The “echo chambers”, essentially panel shows full of inside jokes, are mostly gone from my pod catcher. Their production quality is close to zero and they’re mostly op-ed (opinion & editorial) with no counter argument. On PVCSec we tried and mostly failed to counter the standard InfoSec podcast.
The interview shows can be better. The production quality tends to be higher. Several make the interview more about the show host/interviewer and less about the interviewee. Sponsored shows are just that.
There is a third category: “NPR”-style free podcasts. These are the ones that talk about topics most other typical security podcasts miss – legal, governmental, and diplomatic.
Here’s what I’m catching:
- SANS Internet Storm Center Storm Cast
- The CyberWire
- The Cyberlaw Podcast
- Exploring Information Security (full disclosure: we worked together on PVCSec, I was a guest on EIS, and we’re friends)
- The Lawfare Podcast
- Rational Security
- Brakeing Down Security
- Liquidmatrix Security Digest
If your InfoSec podcast is not on my list and you want it on there, let me know why I should include it.