The other day, I was participating in an after-work panel centring on the professional opportunities cybersecurity at large presents. The panel was primarily focused on drawing in women to the field as a way to diversify and enrich the talent pool although a few of us insisted on focusing on diversity, be it gender, social, etc.
Amongst the main question was: how do I get into the field? Trying to provide sound advice on that made me realise we have a handful of resources to building up new and/or additional skills within the realm. However, starting off if you are, say, a developer or a legal person may turn rather bumpy and challenging.
Rather often, we hear that technical knowledge is not required for a career in infosec when one has other competencies. IMHO, such a standpoint is highly debatable. Indeed, you do not — and cannot reasonably — learn and know and meaningfully mobilise any technical bit out there. And nobody will ever ask of you to be the absolute technical authoritative encyclopaedia. However, my position is that if you ignore the very makeup and fundamentals of the topic, you will be imprecise at best when providing consultancy services, however great your non-technical skills are.
Of course, learning new, complex, technical stuff demands time, effort, method and rigour. But it does not need to be boring or tedious. That is why I decided to put up a list of resources of my choosing. The criteria are rather basic: content needs to be diverse, engaging, accessible. I curated the below list of podcasts, in English and French. They are fun enough to get you learn things, be it help you out in a self-teaching strive, be it help you spend a more pleasant commute to work.
And naturally, should you have suggestions, let me know: contact details are over here (scroll). Thanks, and enjoy!
Podcasts in English
- Risky Business https://risky.biz/ (Twitter account https://twitter.com/riskybusiness)
- Smashing Security https://www.smashingsecurity.com/ (Twitter account https://twitter.com/SmashinSecurity)
- Darknet Diaries https://darknetdiaries.com/ (Twitter account https://twitter.com/tunnelsup)
- Down the Security Rabbithole http://podcast.wh1t3rabbit.net/ (Twitter account https://twitter.com/@DtSR_Podcast)
- Talos Intelligence https://www.talosintelligence.com/podcasts
- Flashpoint Intelligence https://www.flashpoint-intel.com/blog/podcasts/
- Stormcast https://isc.sans.edu/podcast.html
- Security Now https://twit.tv/shows/security-now (its author also publishes the transcripts in PDF format, follow his Twitter feed for links)
- Recorded Future https://www.recordedfuture.com/resources/podcasts/
- Cybersecurity Sauna https://www.f-secure.com/en/web/business_global/our-approach/cyber-security-sauna
- ThreatPost Podcasts https://threatpost.com/category/podcasts/
- Troy Hunt’s Weekly Update https://www.troyhunt.com/tag/weekly-update/
- UK’s Data Protection Agency has a nice podcast, too https://ico.org.uk/for-organisations/resources-and-support/webinars-and-podcasts/
Podcasts in French
- NoLimitSécu https://www.nolimitsecu.fr/ (Twitter account https://twitter.com/nolimitsecu)
- Le comptoir sécu https://www.comptoirsecu.fr/ (Twitter account https://twitter.com/comptoirsecu)
- Hackstock https://hackstock.net/
- Crypto.Québec – Les chiens de garde https://crypto.quebec/ (ht Christopher Madinina)