Re: InfoSec Podcasts

[John Hoffoss <john.hoffoss () CSU MNSCU EDU>]

On May 3, 2011, at 4:31 PM, John Ladwig wrote:
> One of my coworkers is involved in the The SIRA Podcast (Society of Information Risk Analysts), but I haven't spent 
> much time with it, since he and I chat regularly.  :-)


That's me. We're not overly technical, focusing more on risk assessment, management, quantification, reporting, 
communication, etc. We also have a mailing list and monthly meetings via WebEx with a different speaker, some deep in 
risk assessment, some from finance backgrounds, etc. I've found the group to be extremely helpful as I help grow our 
risk management capabilities.

Check us out or join at http://societyinforisk.org. (The podcast is listed in iTunes as well.)

I go in bursts through IT Conversations, but I can't keep up with the episodes I care about. I've also listened to a 
few episodes of PaulDotCom. I more regularly listen to Exotic Liability (some earlier episodes are nearly unlistenable 
for the language and immaturity, but it's gotten better) and Eurotrash Security (enjoyable from ep1). Ranum also did a 
few episodes of "Rear Guard Security", which were typical Ranum: entertaining, mostly spot-on, and mostly not helpful 
in the least as far as what we should do about some of the less-than-intelligent areas of our industry. Last, I usually 
listen to the SANS ISC podcast from Johannes Ullrich. They're short, pointed, and generally cover the important bits 
from the ISC diary.

Happy listening!

-jth