3.1 Which podcasts and blogs?
At the time of writing, the blog WordPress.com [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)] boasts of having over 400 million people viewing more than 22.3 billion pages each month! According to the Pew Research Center (2012), over 91,000 podcasts were produced in 2011 alone. Finding the most relevant resources from all of these is a difficult task and one that will get more difficult as the number of blogs and podcasts increases.
With a focus on information security, however, the number of relevant web resources comes down to a more manageable number. However, not all podcasts are equal: they vary in content, presentation, sound quality and support (for example, the availability of transcripts, resource lists and other supporting material). For instance:
- Podcasts on InfoSec are generally, but not exclusively, produced in the US.
- Podcasts vary greatly in their length, from fewer than ten minutes to an hour or more, and so finding and managing the time to engage with them can be a challenge.
- A popular podcast format is an unscripted conversation between experts. Such podcasts can sometimes appear unfocused, containing material only loosely related to the topic and shallow in their coverage. Whether you grow to like this ‘feature’ of a podcast or not is unimportant.
- There are a great number of podcasts which contain content related to InfoSec without being dedicated to InfoSec.
Because of this, and because no two students’ capabilities or interests are the same, we suggest a range of podcasts to work with. Feel free to find your own!
Activity 6: Tracking the leading edge
Have a quick look at the list of podcasts contained below, and make a note of any web resources that jump out at you as interesting. For example, if you are working within the banking industry you may find that the ‘Banking Industry Security Podcast’ stands out. There are specialist podcasts for Business Leaders, Cyberlaw, Government and Healthcare. Bruce Schneier's Crypto-Gram Security Podcast is also very popular.
After those, listen to at least two more podcasts. If you enjoy them, they can become quite addictive.
The way that you access these web resources is up to you – the lists contain links for (where available) both iTunes and standalone versions of the podcasts.
Instructions for accessing podcasts through iTunes are available in the Podcast section.
Table 1 Podcasts
| Podcast title | Links | Description (from the website) |
| Banking Information Security Podcast | Audio interviews with banking/security leading practitioners and thinkers. | |
| BTR: Security with Caleb Barlow | Blog Talk Radio | Caleb Barlow, Director of Application, Data and Mobile Security at IBM presents a podcast on the changing landscape of information security, featuring topics for both business executives and security professionals. | |
| BrightTALK IT Security Webcast | Direct | Presentations by leading experts in information security. Covers topics such as application, computer, network and internet security, access control management, data privacy and other hot topics. |
| BrightTALK Information Security Community Webcast | Direct | Primarily concerned with topics such as compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security and virtualisation. |
| BrightTALK Governance, Risk and Compliance Webcast | Direct | Presentations by respected commentators in the fields of governance, risk and compliance. |
| CERIAS Security Seminar Podcast | No direct link available | Purdue faculty and visitors give in-depth presentations on topics in the areas of computer and network security, computer crime investigation, information warfare, information ethics, public policy for computing and security, and the computing ‘underground’. |
| CERT’s Podcast Series: Security for Business Leaders | No direct link available | Both general principles and specific starting points for InfoSec leaders. |
| Crypto-Gram Security Podcast | The Crypto-Gram Newsletter by Bruce Schneier in audio format, read by Dan Henage. | |
| Data Breach today | News, research and education on the top industry, security, regulatory and technology challenges facing InfoSec leaders around the globe. | |
| Eurotrash Security Podcast | An InfoSec podcast for the technically inclined with a dedicated European focus. | |
| Government Information Security Podcast | For public sector security leaders implementing InfoSec in their organisation. | |
| Healthcare Information Security Podcast | For healthcare security leaders implementing InfoSec in their organisation. | |
| InfoRisk Today | News, opinions, education and other related content to assist senior executives and information security professionals. | |
| PaulDotCom Security Weekly | Providing technical analysis and insight in a ‘friendly and entertaining manner’. | |
| Sans Internet Storm Center Daily | Aimed at developing the information security technology leaders the world needs by providing instruction, research and public service programmes. | |
| Security Now! | Focuses on personal computer security. | |
| Security Wire Weekly | Direct | Timely details about information security threats and vulnerabilities, and their control. |
| The CyberJungle | News and chat about security, privacy and relevant law. | |
| The Malware Report | No direct link available | Discusses the latest news and information related to internet and computer security, including tips and best practices for keeping users safe. |