Security Intelligence Podcast-logo

Security Intelligence Podcast

Technology Podcasts >

More Information


United States




Cloud Security and the Road to Transformation

Cloud is not the ultimate destination; it's the path to an end goal. "The idea of cloud is to get you a modern architecture," says Vikram Chhabra, who leads product management for IBM Security Services with a focus on cloud and infrastructure security. "The destination is transformation to help you innovate and drive modern experiences for your end customers." Chhabra identifies multiple challenges as CISOs steer their businesses down this path to a modern architecture: talent, cloud...


Are You Prepared to Respond to a Destructive Malware Attack?

What’s the difference between a destructive attack and a traditional breach? “Destructive malware is malicious software that has the capability to render an effective system inoperable and also challenges reconstitution,” explains Charles DeBeck, a senior cyber threat intelligence researcher at IBM X-Force IRIS. A kind of attack originally associated with nation-states, new research suggests an expanding trend in who is employing destructive attacks, and where. Wendi Whitmore, director of...


Adapting to Evolving Data Privacy Regulations

As regulations such as GDPR and CCPA go into effect around the world, organizations are seeing the impact of data privacy laws on their businesses. As recent headlines show, fines are one possible impact, but they shouldn't be the only impetus to review privacy compliance and run through incident response plans. "It really comes down to a matter of trust," says Monica Dubeau, privacy program director for IBM Security. "You need your clients to trust you. You want your clients to trust you....


What Factors Contribute to the Cost of a Data Breach?

On average, according to the 2019 Cost of a Data Breach Report, it takes 279 days to contain a data breach, up from 266 days last year. "I think it's true we're getting better identifying data breaches," says Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. However, at the same time as organizations improve their security postures, cybercriminals are becoming stealthier. While factors such as a lack of preparedness or third-party risk can amplify the cost of a data breach,...


The Evolving Security Operations Center

"I think we've really seen the concept of a SOC grow and evolve over the past 10 years or so," says Emma Bickerstaffe, Senior Research Analyst at the Information Security Forum. As your business and the threat landscape change, how do you keep pace with your security operations center (SOC)? Bickerstaffe and Jamie Cowper, Product Marketing Manager at IBM Security, join the podcast for a discussion about building and enhancing a SOC, or "the eyes and ears of an organization." They cover...


Reducing Third Party Risk

"We, as CISOs, and as risk management practitioners, and as risk executives, have to be aware that a risk rating vendor isn't the entire answer to our risk posture," says Shamla Naidoo, a Managing Partner at IBM Security who was most recently the global CISO for IBM. "It is a part of the answer, not the entire answer." Naidoo joins David to discuss taking a 360 degree view of third party risk. They explore why risk rating reports are the beginning of risk management but not the end; why...


Development Agility and Open Source Vulnerability Prioritization

"Open source is increasingly being acknowledged as an indispensable means for promoting and driving innovation," says Rami Elron, Senior Director of Product Management at WhiteSource. But at the same time, there's been a proliferation in open source security vulnerabilities. Elron attributes the phenomenon to both increased adoption of open source and increased attention following publicized data breaches. He joins David to discuss the challenges in prioritizing open source vulnerabilities,...


Lateral Movement: Combating High-Risk, Low-Noise Threats

"What I like to tell people is that when you have one computer that's infected, that's annoying," says Charles DeBeck, a member of IBM Security's Threat Intelligence Production team. "When you have 1,000 computers that's infected, that's a problem." Lateral movement is one way threat actors escalate annoyances into problems. "Lateral movement consists of a series of techniques that enable an adversary to access and control remote systems in a network," Joey Victorino, a consultant for IBM...


Travel Security: Why Data Safety Doesn't Get a Day Off

Sunscreen? Check. Boarding pass? Got it. The resolve not to connect to the airport WiFi? Getting there. This summer, add cyber hygiene best practices to your travel checklist. Caleb Barlow, Vice President of X-Force Threat Intelligence for IBM Security, shares insights on travel and transportation industry security. Caleb explains why the transportation industry is a target for attackers and how individual travelers can protect their personal information. Pam and David discuss the tension...


Lessons from a Gray Beard: Transitioning from the Military to Cybersecurity

With thirty years of experience in the military, JC Vega now shares his experiences as a "gray beard" in the role of a cyber range coach. When asked about transitioning from the military to cybersecurity, JC offers advice that applies across fields: consider a path that lets you prioritize quality of life, career advancement, and job satisfaction however best suits your personal goals. JC explains why military veterans possess innate security training, shares lessons learned from...


Foundations for a Winning Operational Technology (OT) Security Strategy

Conversations about operational technology (OT) security have been bubbling up more and more, and justifiably so. The term may not be as well known as it should be — or even entirely settled upon yet — but the consequences of risk in operational technology environments impact our daily lives. As Rob Dyson, OT Security Services Leader for IBM Security, explains, "These are environments that produce things that keep our economies going every day, whether it's our electricity, water or...


"You Can Never Have Too Much Encryption"

Data encryption can feel like the enterprise version of a kid's least favorite chore: cleaning their room. "One of the biggest challenges," says Stephanie Balaouras, "is just the inertia against getting started." Considering the ways in which a holistic encryption strategy can reduce security and privacy concerns, breaking through the inertia is worth it. Balaouras, Research Director at Forrester Research, joins Pam and David for a conversation on how to get started on your data encryption...


Automating Cyber Resilience Best Practices with Dr. Larry Ponemon

What does it take to be cyber resilient? In the words of Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, a cyber resilient enterprise is "one that can prevent, detect, contain, and recover from a myriad of serious threats against data applications and IT infrastructure." Dr. Ponemon joins co-hosts Pam Cobb and David Moulton to discuss findings of the 2019 Study on the Cyber Resilient Organization. He explains why Germany stands out as a case study for cyber resilience and...


Muscle Memory and Cyber Fitness Training

Just as physical training improves strength and health, cyber fitness training keeps security professionals in shape to handle a breach at a moment's notice—prepared to duck "that virtual cyber punch in the face." Caleb Barlow, Vice President of IBM Security's X-Force Threat Intelligence group, discusses the importance of going beyond tabletop exercises when training teams to respond to breaches: "The more we can immerse people into what that's going to look like, the better we can train...


Three Identities Walk into a Bar…

When you think of identity and access management (IAM), what comes to mind? For guest Bert Vanspauwen, it's the metaphor of a bar. Before ordering a drink, you need to prove to the bartender that you're of age. Rarely do you see someone walk up to the bar with their driver's license, social security, and passport in hand—why give your full identity when the only thing between you and a drink is your age? In his experience working with a European team of IAM experts at IBM Security, Bert sees...


Digital Identity Trust, Part 3: Powering Digital Growth With Digital Identity Trust

Accelerating growth without sacrificing security — this may be the holy grail of digital transformation. Jason Keenaghan, director of offering management for IBM's identity and access management (IAM) and fraud portfolio, joins this episode of our digital identity trust series to discuss how organizations can effectively identify and authenticate end users without introducing extra complexity or friction. Listen to the complete series at and learn more about IBM Trusteer at...


Monitoring Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

Do you have concerns about election security or other issues of national cybersecurity? If so, don't miss this episode, in which former National Security Agency (NSA) Deputy Director Bill Crowell shares his insights and expertise. Listen in for a conversation in which we tackle critical questions around national cybersecurity, emerging enterprise threats, and strategies for organizations to improve their security outlook. To learn more about the benefits of encryption, read the IBM white...


X-Force Red In Action 011: Spotlight on Password Security With Evil Mog

As we prepare to enter 2019, are passwords on their way to obsolescence? Dustin Heywood, a.k.a. Evil Mog, says no. Heywood brings his expertise as a penetration tester and password cracker to this episode of the X-Force Red in Action series []. Listen in for valuable tips on how to improve password security in your organization.


Demystifying the Role of AI in Cybersecurity

Artificial intelligence (AI) has been making headlines for several years now, but what's the story behind the hype? And what opportunities and risks does AI present for the security industry in particular? In this episode we're demystifying AI in cybersecurity with the help of three IBM experts: Carma Austin, Worldwide Sales Leader, Security Intelligence SaaS; Doug Lhotka, Executive CyberSecurity Architect, CISSP-ISSAP; and Jeff Crume, IT Security Architect, Distinguished Engineer and IBM...


Fraud Trends, Digital Transformation and More — 2018 Cybersecurity Wrap-up with Limor Kessem

What cybercrime threats dominated 2018, and how can we be better prepared to protect our critical data, empower digital transformation and drive stronger business outcomes in 2019? These are the questions that IBM Security Global Executive Security Advisor Limor Kessem [] answers in our 2018 cybersecurity wrap-up episode. To learn more about how to accelerate growth and digital adoption with seamless identity trust, visit