Security with Caleb Barlow-logo

Security with Caleb Barlow


Information is now the fuel behind business, politics and many aspects of our personal lives. Hosted by Caleb Barlow, Director of Application, Data and Mobile Security at IBM, this podcast focuses on the changing landscape of Information Security and features topics for both business executives and security professionals.

Information is now the fuel behind business, politics and many aspects of our personal lives. Hosted by Caleb Barlow, Director of Application, Data and Mobile Security at IBM, this podcast focuses on the changing landscape of Information Security and features topics for both business executives and security professionals.
More Information


Boston, MA




Information is now the fuel behind business, politics and many aspects of our personal lives. Hosted by Caleb Barlow, Director of Application, Data and Mobile Security at IBM, this podcast focuses on the changing landscape of Information Security and features topics for both business executives and security professionals.






Innovation Talks: Voices of IBM Security

Today, IBM made a series of announcements, including the planned acquisition of Resilient Systems, Inc., that will aim to provide organizations with a proactive, comprehensive approach to respond to cyber breaches more quickly and effectively across consulting, services and products. With Resilient Systems, a leader in incident response, IBM will be in a position to provide the industry’s first integrated end-to-end Security Operations and Response Platform offering that spans the entire...


Security, Mobile & Cloud - Caleb Barlow

Security, Mobile & Cloud - Caleb Barlow


Data at Risk - Is there a weakness in self-encrypting hard drives?

Self-encrypting hard drives (SEDs) have been dubbed the security industry’s best-kept secret, but is the data inside really secure? With its ability to accelerate the drive-redeployment process, SEDs have been rising in popularity. Tune into this podcast to hear Rick Robinson, IBM Security Product Manager of Data Security, examine the security behind self-encrypting hard drives and some new-found security vulnerabilities that have recently been disclosed with SEDs.


Containerization in a DevOps World: Can AppSec Keep Pace?

Containerization (like Docker and IBM Containers) takes application portability to a new level. Applications can be packaged with everything they need to run for simplified, high-velocity deployment. By using native separation within the OS (Linux or Windows) organizations get many of the benefits of a VM without the overhead of a hypervisor. So what's the downside? Most security tools weren't designed to "play well" with containers. And many security teams aren't aware of the emerging...


IoT Security: Reality or Thriller Plot Threats?

When researchers discover vulnerabilities in Internet of Things (IoT) devices, the media hypes the consequences as if the movie "Maximum Overdrive" has jumped off the big screen and into reality. Will your connected car refuse to respond to your stabs at the brake pedal? Will soda machines start shooting cans at unsuspecting passers by? When will our robot vacuums rebel, controlled by Skynet? Join Caleb Barlow and Chris Poulin, Research Strategist for IBM's X-Force Security Threat...


Tips to Protect Your Mobile Environment

Organizations are constantly faced with evolving mobile technologies as well as finding new ways to secure them. The challenge is determining which mobile security strategy best fits your company's needs now and in the future. In this session, you will discover the key considerations for deploying a mobile security strategy based on your security and business requirements.


Mobile Security Is A Love-Hate Relationship

Caleb Barlow, dives further into the recent findings made by IBM Security -- 60% of dating apps are easily hackable. Discover the "love connection" between IBM Security solutions and a more secure mobile world. Additional perspectives provided by Diana Kelley and Michael Montecillo. Read the full report at


Can you trust your Smartphone? Let's talk Encryption and iOS8.

Enhanced levels of data encryption on Smartphones have been applauded by data privacy advocates but law enforcement has expressed concerns about the ability to get access to data on a smart phone while investigating a crime. But what about the enterprise? Are these new forms of encryption a good thing or a bad thing for our corporate data? In this podcast we will leave the politics aside and get underneath the technology - What's different? How does it work? What are the implications? To...


Mobile Apps under Attack – New Frontiers for Securing Mobile Applications

In this podcast, Caleb talks with Jukka Alanen about how mobile apps are under attack, how apps are being exploited by hackers, and what organizations can do safeguard their brands, data, IP, and revenue while developing and releasing new mobile apps. Already 78% of Top 100 iOS and Android apps have been found as hacked, rogue versions, and industry organizations across OWASP, security consultancies, and analysts have started recommending new protection measures. Jukka Alanen is Vice...


Assets Gone Wild? Your Asset Management Squad.

Did you know there are approximately 9 billion devices, assets, and ‘things’currently connected to a network? Over the next decade that number is expected to increase significantly with estimates ranging from 50 billion to nearly 1 trillion! It's about engine control units on industrial vehicles, track signaling equipment on railways, water pumps in power generation stations, and the list goes on and on. It's all about Enterprise Asset and Facility management (EAM, IWMS) solutions which...


Beyond Testing: Application Security Management

In this podcast Caleb talks with Diana Kelley and Doug Wilson, two experts in the field of application security to discuss how software testing is rapidly maturing to risk based application security approach. We will introduce a new framework for application security that covers Test, Assure and Protect (TAP). Let's face it, you cannot scan and remediate everything, but if you aren't scanning the right assets you're putting your corporate assets at risk, so let's talk about a practical...


Methods for Extending Visibility to Servers to Detect APT and Insider Abuse

Security and Information Event Managers (SIEM) tools rely heavily on perimeter security logs, like those from firewalls, IPS and router NetFlow, The sharing of these logs with SIEMs have been very successful in identifying sophisticated external attacks in very early stages. Now, for most organizations, the most severe data breaches are coming from privileged insiders or from Advanced Persistent Threats (APT) that imitate the privileged user. In this podcast Caleb talks with experts from...


Understanding Heartbleed - What you need to know.

As security professionals scramble to address the potential impact of Heartbleed we take a moment to pause and describe what Heartbleed is all about, how it occurred and practical advice on how to address the risk on your systems. Michael Hamelin from the IBM X-Force research team joins us to describe this in plain english and give you some practical advice on what you need to be doing now. Join us if you are a CEO, CISO or management professional looking to understand the basics of this...


Don't Risk Your Reputation or Your Mainframe

Mainframes host mission critical corporate information and production applications for many financial, healthcare, government and retail companies requiring highly secure systems and regulatory compliance - making them a target for attack as your enterprise continues to grow and change. Demonstrating compliance for your industry can be complex and failure to comply can result in vulnerabilities, audit failures, loss of reputation, security breaches, and even system shut down. How can you...


If everything is about the data, doesn't it make sense to protect it?

Learn of the increased focus placed on data security, compliance, and privacy to deal with the constant threats to enterprises, and how a leading industry actor effectively makes data protection possible in their growing diverse IT ecosystem. As company's environments become more open and complex, sensitive data can be found not only on internal databases, but also in datawarehouses, Big Data (Hadoop or NoSQL) platforms, and file systems including those outsourced and in the Cloud. We will...


38 Millions Reasons to use Cryptography for Business

Cryptography is a necessary component to for protecting data, regulatory compliance, and mitigating the risk of breaches, for government, retail, financial, and healthcare companies. Recent events in the news show how the a compromise of 38 million accounts could have been much worse if encryption had not been adopted as part of the data management solution. The only question is: why wasn't it used to protect all of the data? Rick Robinson leads us thru the discussion and everything you need...


The Chameleon in Your Network --- Combatting the Mutating Threat

Today's information security threats don't stand still. They persevere, adapting to traditional defenses, changing form and appearance quickly and frequently until they succeed in their mission --- to own your most critical assets. Without defense mechanisms that can accurately detect these types of mutating threats, they will win --- lurking like chameleons in your network. Is your network intrusion prevention system up to the challenge? Find out what it takes, and learn how IBM's adaptive...


PCI: Comply to Survive; Exceed to Prosper

It's all mandatory. Nothing is voluntary. The rule is if you store, process, or transmit credit card data you must be compliant with the PCI standards. And that's a global rule. In this podcast, security experts will engage in a lively discussion about PCI Compliance and how the planned publication date of PCI DSS and PA DSS version 3.0 will effect security teams within organizations. Join us to better understand what incremental requirements are included, when your organization must adopt...


Unlocking the promise of mobile: IBM Announces Intent to Acquire Fiberlink

Today IBM announced a definitive agreement to acquire Fiberlink Communications, a mobile management and security company. Join executives from Fiberlink and IBM - Wing To, Caleb Barlow, Phil Buckellew and Chris Clark moments after the announcement to discuss the Fiberlink solution, and how IBM will extend its bring your own device (BYOD) capabilities to deliver a complete mobile management and security solution through IBM MobileFirst that includes trusted transactions and security...


How many security attacks did you fend off today?

2013 is well on its way to be another record year for cyber intrusions, keeping security as a topic in every corporation’s boardroom and in every government agency. How many vulnerabilities did your security team find scanning today, last month, or this year? And how many were high risk? In the first six months of 2013, the IBM X-Force Research and Development team analyzed 4,100 new security vulnerabilities and 900 million new web pages and images. The IBM X-Force team just released their...