Three security podcasts
Test System security is becoming more important. If you want to learn about cybersecurity these podcasts can help.
If you have followed this blog you probably know I have been interested in cyber security for a long time. I was vaguely interested in it as a teen. My interest was renewed a decade ago when I started my own consulting company. In my first official gig, I was handed a 40-page contract. It was kind of overwhelming. One of the stipulations that stuck out to me was: "Must use the latest and greatest cybersecurity best practices." I had no idea what that meant. I thought "Well I better figure that out." I started doing some research and the first thing I stumbled upon was a podcast called Security Now.
Security Now
Security Now is a podcast that has been going on for a long time, something like 20 years. I started listening at episode 500-something and there are well over a thousand now. It is a weekly podcast. Each episode is somewhere around 2 hours. The first part of each episode is a general news section where the hosts Steve and Leo talk about general cybersecurity news. It's good for an overview of what's going on in the world of cybersecurity. It talks about all the various threats and threat actors. It also goes into the political angle and upcoming legislation. Listening over time helps to pick up on all the major trends, how they shift over time, and how they are related. For the last half, they dive deep into a particular security topic. Leo refers to Steve as the "Explainer in Chief". They take some particular incident or technology and go way into the weeds on it. Steve is very good at taking complex security topics and breaking them down and making them easier to understand. This section helps promote some deep understanding. If you like this podcast, I also recommend This Week in Tech, for a more broad overview of the Tech Industry.
Darknet Diaries
The next cybersecurity podcast I stumbled upon was Darknet Diaries. It is a very different format from security now. It is a story-telling podcast centered around cybersecurity and the Dark Web. The host Jack interviews a variety of characters from the cybersecurity world, both black and white hat hackers. He often interviews some hacker who pulled off some daring hack. Sometimes it feels like Jack glorifies these heists a little, and I feel like it is more just his awe at the skill and audacity of the hackers. He definitely talks about the consequences. Several guests get interviewed from jail and/or talk about their time in jail. Jack also interviews several feds, white hat hackers, and pen-testers. Overall it is very entertaining. Jack is a great storyteller. The podcast gives a good overview of all the high-profile cybersecurity incidents (it covers many if not all of them). It is also a good peek into the life on both sides of the fence. He really captures the day-to-day operations of his guests. You end up with a good feel for their actions, their mental state, and what drives them.
Risky Bizness
I was at a local store recently wearing a Darknet Diaries sweatshirt (they have some really cool merch) and someone recognized the logo so we started talking. He recommended Risky Bizness. It is an energetic podcast out of Australia. Like Security Now it offers a good overview of cybersecurity news. They also occasionally do some deep dives. It is shorter. It is usually less than an hour. Risky Bizness has a much more enterprise and public-policy focus. There is lots of talk about upcoming legislation and regulations. The hosts appear to be enterprise consultants so there is a lot of talk about compliance. The hosts both have a healthy sense of humor and it's very easy listening, whereas Security Now can sometimes get a little heavy.
Relevance
Why is this relevant to LabVIEW programmers? In case you are unaware is some new security legislation is in the works, both in the US and EU that impact test systems. In the US, the big topic is the CMMC and in the EU it is the Cyber Resilience Act. If you want to know more, NI has a Security Forum where you can asked questions and talk about these things. I've often felt like LabVIEW programmers don't take security seriously enough. In the past the argument was always "It's on its own network and air-gapped and therefore we don't have to worry about security." With AI, ERP, and cloud systems our test systems are often no longer disconnected from the network and even for those that are still air-gapped, that is no longer an excuse to avoid security practices. The times are changing and we must change with them.
Need Help
Want to talk about test system security? Me too! Let's connect using the button below.
