The information security industry (InfoSec) is a small and rather obscure part of the IT workforce. When trying to understand the field, there is a lot of jargon being thrown around, and there is a subculture with many references that can be hard to understand, for many trying to become a part of the field.

In this article, I will list my personal favorite podcasts that I think give the best insight into the world of hacking, cyber security, and InfoSec in general. The last two are Norwegian speaking treasures.

Darknet Diaries is a gem of a true-crime podcast that focuses on cyber security stories. The host Jack Rhysider is a wonderful storyteller that has been able to get a long list of attackers, defenders, and personalities to be interviewed and tell their stories. Jack manages to make the stories both educational and fascinating by asking great questions that help the people being interviewed tell detailed and personal versions of their own experiences.

This is perhaps the podcast that gave me the most interesting and beginner-friendly introduction to Infosec when I discovered it a couple of years ago. The episodes are typically one hour long and act as a history lesson for both newcomers and those with some experience in the field.

I especially like the way you get insight into how cybercriminals operate, and on the opposite end how defenders actually work balancing the technical aspect perfectly for non-technical people.

Security is only as strong as its weakest link, and sometimes that link is humans. The social engineering podcast, led by the legendary Chris Hadnagy has been running for over 10 years and provides fascinating discussions and interviews with academics and InfoSec professionals that share their knowledge and participate in fascinating discussions about how humans interact with each other and how social engineers abuse social structures of human psychology to gain advantages and trick others to into doing things that might not be in their own best interest.

The podcast's first seasons are plagued by very bad audio quality, but the last 4 to 5 seasons have good audio quality. The interviews are thought-provoking and guaranteed to provide material for fantastic topics to discuss during lunch and dinners with friends and family.

I think social engineering is a knowledge domain many have little to no knowledge about. And for me, it sparked an interest in psychology that I confidently can say made me a better husband, father, son, and friend.

The Hacked podcast has a lot of cross-coverage with Darknet Diaries but has a completely different spin on cyber true-crime. In this podcast, the two show hosts Jordan Bloemen and Scott Francis keep the listener on their toes with pure storytelling skills.

In many ways, Hacked is a more high-level and a bit easier-to-digest introduction and coverage of cybercrime topics and stories compared to Darknet Diaries. While Darknet Diaries in many ways feel like in-depth documentaries and history lessons, Hacked is more comparable to a medium-length youtube documentary. High-level, Short, and sweet.

The episodes last from 15 minutes to about one hour, and every episode is pure joy to listen to if you are interested in the field. I always look forward to new episodes of Hacked.

"The Ransomware Fils" is an excellent podcast that talk about and interview organizations that has been hit with ransomware and survived the incident. They talk about what they did, and how they got up and running after the incident.

This podcast may not be the most polished, and professional sounding one, but I think it compensates with good content and amazing interview subjects. Where other podcasts are general regarding ransomware attacks and mitigations, this podcast is specific and provides tangible and actionable recommendations from the people who were there when the shit hit the fan and had to do the cleanup afterwards. You hear what they think worked and what they wish they did differently.

As a security enthusiast and initiative taker this podcast has helped me come up with better recommendations to mitigate ransomware impact based on insight in a much better way than I otherwise would be able to.

Listening to the Norwegian podcast 5h3llcast is both entertaining and educational. In this podcast, a cast of charismatic and skilled hackers talk about InfoSec-related topics in a light-hearted and humorous way.

For me, the podcast is a nice reminder that InfoSec people are just nerds that specialize in helping companies defend against attacks. Not the cyber gods that tend to imagine them as being. If I have a drop in motivation in my own studies it always helps to listen to the latest episode of 5h3llcast to get my blood running and keep me focused on the goal of becoming a skilled cyber practitioner.

The episodes usually last for about one hour and are packed with interesting takes on current InfoSec news and events. For Norwegian-speaking InfoSec students and practitioners, I think this is THE most important podcast to listen to.

"Cyber Security med Olav og Karim" is a Norwegian-speaking podcast that talks about InfoSec in a more educational and business-related way compared to the other podcasts in this article.

The first season is a crash course in how to apply basic security best practices in simple and effective ways. The value of the podcast is immense, but unfortunately, it's a bit dry and does use a lot of InfoSec jargon that can prevent listeners from understanding what is being said.

The later seasons are a lot more light-hearted and do not feel as much like a lecture. I have listened to several of the episodes in the first seasons multiple times to fully grasp the material. In my opinion, they give fantastic inspiration for any organization that wants to tighten its security posture.

Each episode lasts from 20 to 40 minutes. This podcast is a treasure trove of knowledge that is curated and condensed. This is a wonderful podcast that deserves way more attention than what it gets.