The other day, I was participating in an after-work panel centring on the professional opportunities cybersecurity at large presents. The discussion primarily focused on drawing in women to the field as a way to diversify and enrich the talent pool. Yet, few of us insisted on focusing on diversity, be it gender, social, etc.
Amongst the main questions was: how do I get into the field? Trying to provide sound advice on that made me realise we have a handful of resources to building up new and/or extra skills within the realm. However, starting off if you are, say, a developer or a legal person may turn bumpy and challenging.
Get to know the industry which interests you: infosec
Often, we hear that technical knowledge is not required for a career in infosec when one has other competencies
IMHO, such a standpoint is debatable. Indeed, you do not — and cannot — learn and know and meaningfully mobilise any technical bit out there. And nobody will ever ask of you to be the a complete technical authoritative encyclopaedia. Yet, I hold that should you ignore the very makeup and fundamentals of the topic, you will be imprecise at best when providing consultancy services. This is true regardless of your non-technical skills.
Podcasts to the rescue
Of course, learning new, complicated, technical stuff demands time, effort, method and rigour. But it does not need to be boring or tedious.
That is why I decided to put up a list of resources of my choosing. The criteria are rather basic: content needs to be diverse, engaging, accessible. I curated the below list of podcasts, in English and French. They are fun enough to get you to learn things, be it help you out in a self-teaching strive, be it make your commute to work more enjoyable.
And naturally, should you have suggestions, let me know: contact details are over here (scroll). Thanks, and enjoy!
Podcasts in English
- Risky Business https://risky.biz/ (Twitter account https://twitter.com/riskybusiness)
- Smashing Security https://www.smashingsecurity.com/ (Twitter account https://twitter.com/SmashinSecurity)
- Darknet Diaries https://darknetdiaries.com/ (Twitter account https://twitter.com/DarknetDiaries)
- Down the Security Rabbithole http://podcast.wh1t3rabbit.net/ (Twitter account https://twitter.com/@DtSR_Podcast)
- Talos Intelligence https://www.talosintelligence.com/podcasts
- Flashpoint Intelligence https://www.flashpoint-intel.com/blog/podcasts/
- Stormcast https://isc.sans.edu/podcast.html
- Security Now https://twit.tv/shows/security-now (its author also publishes the transcripts in PDF format, follow his Twitter feed for links)
- Recorded Future https://www.recordedfuture.com/category/podcast/
- Cybersecurity Sauna https://www.f-secure.com/en/web/business_global/our-approach/cyber-security-sauna
- ThreatPost Podcasts https://threatpost.com/category/podcasts/
- Troy Hunt’s Weekly Update https://www.troyhunt.com/tag/weekly-update/
- UK’s Data Protection Agency has a nice podcast, too (it has not been updated since end 2018, though) https://ico.org.uk/for-organisations/resources-and-support/webinars-and-podcasts/
- Lock and Code by Malwarebytes Labs
- Naked Security by Sophos
Podcasts in French
- NoLimitSécu https://www.nolimitsecu.fr/ (Twitter account https://twitter.com/nolimitsecu)
- Le Comptoir Sécu https://www.comptoirsecu.fr/ (Twitter account https://twitter.com/comptoirsecu)
- Hackstock https://hackstock.net/
- Crypto.Québec – Les chiens de garde (it has not been updated since end 2018, though) https://crypto.quebec/ (ht Christopher Madinina)