July 2, 2020
"APT groups jump at the chance to take advantage of people's emotions," says Ryan Castillo, an analyst on the threat hunt and discovery team within IBM X‑Force IRIS. One such advanced persistent threat (APT) group has recently been detected mining the "treasure trove of COVID-19 lures" activated by overall uncertainty and misinformation in the face of the global pandemic. Castillo and Joshua Chung, a strategic cyber intel analyst for IBM X-Force IRIS, join the hosts to discuss recent activity from ITG16, a North Korean government state‑sponsored threat group. The conversation covers the threat group's targets and tactics and how they anticipate ITG16 to evolve their operations in the future. Read the full episode transcript on the SecurityIntelligence blog:
May 12, 2020
If you introduced yourself at a dinner party and a short time later the host forgot your name, maybe you'd be confused and a little frustrated. The same goes for consumers when interacting with a brand, signing up or verifying their identity. "That kind of experience is something we see on a regular basis in many consumer applications where you're asking for information that isn't necessary or maybe you already have and should not be asking again," says Sean Brown, Program Director for IBM's identity and access management team. "And with that friction, consumers lose confidence."  For more stories on identity and access management, visit Brown and Martijn Loderus, Global CIAM Lead for IBM, join the podcast for a discussion of consumer identity and access management, or CIAM. The conversation covers the distinction between CIAM and traditional identity and access management; what happens when there's friction in the consumer authentication process; and how to create friction-less CIAM experiences for consumers without reducing any levels of security.
April 7, 2020
ITG08, which shares overlap with the group FIN6, is a financially motivated threat group known for currently targeting e-commerce platforms. Chris Caridi from IBM's Threat Intelligence Production Team and Ole Villadsen from the Threat Hunt and Discovery team of IBM X-Force IRIS join the hosts to explore research around the threat group. The conversation covers a discussion of advanced persistent threats (APTs); ITG08's tools, techniques and procedures (TTPs); and how organizations can effectively defend their assets against ITG08 and related criminal threat activity.   Learn more about the ITG08 threat group on the SecurityIntelligence blog:
March 17, 2020
Human beings have inherent biases. That's all the more reason to make an effort to be "consciously unbiased" when developing artificial intelligence (AI). "When we build AI technology for mission-critical applications like security...we don't get to use that excuse of being unconsciously biased," said Aarti Borkar, Vice President of OM for IBM Security. Borkar joined the podcast for a conversation about steps in developing unbiased AI, why subject matter experts are instrumental in the process and how data security best practices come into play. Read the full episode transcript on the SecurityIntelligence blog:
February 11, 2020
Every year, IBM Security releases the X-Force Threat Intelligence Index. When asked what finding surprised him most from the 2020 report, Charles DeBeck, senior cyber threat intelligence researcher, highlighted OT security. "We saw threat actors in 2019 much more actively targeting the operational technology field than we saw in any previous year," he said. At the same time that threat actors are leveraging new targets, previously identified trends continue to have traction: ransomware, phishing and even leveraging spam vulnerabilities that are up to two years old. DeBeck returns to the podcast to unpack these trends, explore the impact on various industries and discuss how organizations can prioritize security measures. Read the full episode transcript on the SecurityIntelligence blog:
January 28, 2020
Nearly a decade ago, Forrester championed the concept of "Zero Trust." Fast forward to today, and the industry is seeing a confluence of technology and strategy that has pushed Zero Trust from the theoretical realm into the practical. In brief terms, Zero Trust boils down to "never trust, always verify." Forrester analyst Chase Cunningham joins the podcast to dig into the depths behind that definition, including how the concept evolved, why the journey towards Zero Trust needs to begin with devices and users, why organizations benefit from a simplified security portfolio and how to coach the next generation on identity best practices. Plus, Pam and David discuss their resolutions for the new year and consider a line of security merch. For more security stories, visit or follow IBM Security on Twitter and LinkedIn. Read the full episode transcript:
December 17, 2019
"It's work to put together and come up with a diverse panel," co-host Pam Cobb observes about her work in the cybersecurity industry. "And diversity here is not just male and female. It is backgrounds and ways of thinking, and all of the different ways that we think of diversity." Bestselling author and entrepreneur Jane Frankland, whose company Cyber Security Capital focuses on gender inclusion in science, joins the podcast for a discussion about diversity in cybersecurity, particularly recruiting and retaining women. Cobb and Frankland discuss the skills that are needed in the security industry, how professionals can raise awareness about the skills gap, what people can do to get a foot in the door, and the benefits of a more diverse workforce. "I'm obsessional about this," Frankland says, "to be that change agent, and to enable both women coming into it and women already in it so that they can progress through the industry at whatever level that they want to be at." For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
November 12, 2019
"State and local governments’ IT infrastructure is currently in a state of what we would call transformative change...making information technology now a primary medium for citizens to interact with their local government," explains Claire Zaboeva, an expert in identifying and assessing cyber-based threats for IBM X-Force IRIS. For all the benefits these changes bring, there's a flip side: there are now more vectors for threat actors to conduct malicious activities within government infrastructures.  Why are threat actors targeting state and local governments and how can states protect public infrastructure? Melissa Frydrych, who researches cyber threat intelligence for IBM X-Force IRIS, joins Zaboeva in a conversation about the kinds of preventative measures states are taking to protect everything from citizens to utilities to elections.  For more security stories and to learn more about the research covered in this episode, visit or follow IBM Security on Twitter and LinkedIn.
October 15, 2019
Recovering from a ransomware attack isn't like paying your electric bill; there's no guarantee that the lights suddenly come back on. How, then, should organizations like municipalities and hospitals plan to remediate in the case of a ransomware attack — or better yet, take preventative security measures? Matthew DeFir and Robert Gates, both members of the IBM X-Force IRIS team, share their advice on how organizations can prevent ransomware attacks. They discuss why attackers choose moments when they can apply maximum pressure, the importance of backing up systems, insights into taxpayers' views on ransomware, and why organizations should not pay the ransom. Plus, Pam and David discuss how ransomware has impacted the cities they live in.  For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
September 10, 2019
Cloud is not the ultimate destination; it's the path to an end goal. "The idea of cloud is to get you a modern architecture," says Vikram Chhabra, who leads product management for IBM Security Services with a focus on cloud and infrastructure security. "The destination is transformation to help you innovate and drive modern experiences for your end customers." Chhabra identifies multiple challenges as CISOs steer their businesses down this path to a modern architecture: talent, cloud controls, centralized strategy, compliance. Security — beginning with automation — can act as an enabler in light of these challenges. Chhabra chats with David about types of cloud models, who the CISO should partner with on cloud migration, and how to manage threats and prove continuous compliance in a cloud environment. Plus, Pam and David discuss their opinions on pineapple pizza (it's relevant, promise).  For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
August 6, 2019
What’s the difference between a destructive attack and a traditional breach? “Destructive malware is malicious software that has the capability to render an effective system inoperable and also challenges reconstitution,” explains Charles DeBeck, a senior cyber threat intelligence researcher at IBM X-Force IRIS. A kind of attack originally associated with nation-states, new research suggests an expanding trend in who is employing destructive attacks, and where. Wendi Whitmore, director of the IBM X-Force Threat Intelligence team, says, “The average cost of one of these attacks — a destructive incident versus a traditional breach — is actually 61 times higher.” DeBeck and Whitmore join our hosts for a conversation about the evolution of destructive attacks, how organizations can defend against them, and how to best prepare for remediation. For a further look at trends in destructive attacks, visit
July 30, 2019
As regulations such as GDPR and CCPA go into effect around the world, organizations are seeing the impact of data privacy laws on their businesses. As recent headlines show, fines are one possible impact, but they shouldn't be the only impetus to review privacy compliance and run through incident response plans.  "It really comes down to a matter of trust," says Monica Dubeau, privacy program director for IBM Security. "You need your clients to trust you. You want your clients to trust you. And your clients expect you to take care of their data and to make sure it's protected." Dubeau joins the podcast for a discussion about how GDPR has changed the way organizations are required to respond to data breaches, steps to building out a documented incident response plan, and the importance of continued cybersecurity education for consumers. For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
July 23, 2019
On average, according to the 2019 Cost of a Data Breach Report, it takes 279 days to contain a data breach, up from 266 days last year. "I think it's true we're getting better identifying data breaches," says Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. However, at the same time as organizations improve their security postures, cybercriminals are becoming stealthier.  While factors such as a lack of preparedness or third-party risk can amplify the cost of a data breach, the good news is that, according to the findings in this year's report, incident response strategy, encryption technology, and other factors can mitigate the financial impact of a breach. In fact, the combination of having an incident response team and testing that plan can save $1.2 million for a business. Dr. Ponemon returns to the podcast to discuss the lifecycle of a data breach, variations by industry and region, and why organizations are increasingly sensitive to privacy and data protection. For more security stories, visit or follow IBM Security on Twitter and LinkedIn. Explore the 2019 Cost of a Data Breach Report at
July 16, 2019
"I think we've really seen the concept of a SOC grow and evolve over the past 10 years or so," says Emma Bickerstaffe, Senior Research Analyst at the Information Security Forum. As your business and the threat landscape change, how do you keep pace with your security operations center (SOC)?    Bickerstaffe and Jamie Cowper, Product Marketing Manager at IBM Security, join the podcast for a discussion about building and enhancing a SOC, or "the eyes and ears of an organization." They cover business drivers for improving a SOC; perspectives on internal, external, and hybrid models; and the five core capabilities of a SOC. For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
June 25, 2019
"We, as CISOs, and as risk management practitioners, and as risk executives, have to be aware that a risk rating vendor isn't the entire answer to our risk posture," says Shamla Naidoo, a Managing Partner at IBM Security who was most recently the global CISO for IBM. "It is a part of the answer, not the entire answer."  Naidoo joins David to discuss taking a 360 degree view of third party risk. They explore why risk rating reports are the beginning of risk management but not the end; why trust and transparency is critical in relationships among all parties; and the value in taking an objective approach to testing risk postures.  For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
June 18, 2019
"Open source is increasingly being acknowledged as an indispensable means for promoting and driving innovation," says Rami Elron, Senior Director of Product Management at WhiteSource. But at the same time, there's been a proliferation in open source security vulnerabilities.  Elron attributes the phenomenon to both increased adoption of open source and increased attention following publicized data breaches. He joins David to discuss the challenges in prioritizing open source vulnerabilities, the importance of agile DevSecOps practices, and approaches to dealing effectively with the growing number of open source security vulnerabilities. For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
June 11, 2019
"What I like to tell people is that when you have one computer that's infected, that's annoying," says Charles DeBeck, a member of IBM Security's Threat Intelligence Production team. "When you have 1,000 computers that's infected, that's a problem." Lateral movement is one way threat actors escalate annoyances into problems. "Lateral movement consists of a series of techniques that enable an adversary to access and control remote systems in a network," Joey Victorino, a consultant for IBM X-Force IRIS, explains. In some cases, all it takes is four seconds for an adversary to pivot across a network. Charles and Joey join Pam to discuss the implications of lateral movement becoming more automated for threat actors; the potential business impact of lateral movement; how to limit the success of a threat actor in an environment; and how security precautions such as multifactor authentication (MFA) can mitigate the impact of lateral movement. For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
May 28, 2019
Sunscreen? Check. Boarding pass? Got it. The resolve not to connect to the airport WiFi? Getting there.   This summer, add cyber hygiene best practices to your travel checklist. Caleb Barlow, Vice President of X-Force Threat Intelligence for IBM Security, shares insights on travel and transportation industry security. Caleb explains why the transportation industry is a target for attackers and how individual travelers can protect their personal information. Pam and David discuss the tension between convenience and security while traveling and offer more tips for traveling securely. For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
May 14, 2019
With thirty years of experience in the military, JC Vega now shares his experiences as a "gray beard" in the role of a cyber range coach. When asked about transitioning from the military to cybersecurity, JC offers advice that applies across fields: consider a path that lets you prioritize quality of life, career advancement, and job satisfaction however best suits your personal goals. JC explains why military veterans possess innate security training, shares lessons learned from participants in the cyber range, and suggests resources for embarking on a career in cybersecurity (including getting interested in the field through science fiction — live long and prosper). For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
May 7, 2019
Conversations about operational technology (OT) security have been bubbling up more and more, and justifiably so. The term may not be as well known as it should be — or even entirely settled upon yet — but the consequences of risk in operational technology environments impact our daily lives. As Rob Dyson, OT Security Services Leader for IBM Security, explains, "These are environments that produce things that keep our economies going every day, whether it's our electricity, water or manufacturing of oil and gas or other devices." Dyson, along with Anshul Garg, Product Marketing Manager for IBM Security, join Pam to discuss how digital transformation in industrial environments has revealed the need for OT security, the environmental and safety risks inherent in these environments, and why industrial organizations need to develop OT-specific incident response plans. For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
April 30, 2019
Data encryption can feel like the enterprise version of a kid's least favorite chore: cleaning their room. "One of the biggest challenges," says Stephanie Balaouras, "is just the inertia against getting started." Considering the ways in which a holistic encryption strategy can reduce security and privacy concerns, breaking through the inertia is worth it. Balaouras, Research Director at Forrester Research, joins Pam and David for a conversation on how to get started on your data encryption strategy; why the cloud is a major use case for encryption; and why the savviest companies prioritize data privacy not only for compliance, but with customers' best interests in mind. For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
April 23, 2019
What does it take to be cyber resilient? In the words of Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, a cyber resilient enterprise is "one that can prevent, detect, contain, and recover from a myriad of serious threats against data applications and IT infrastructure." Dr. Ponemon joins co-hosts Pam Cobb and David Moulton to discuss findings of the 2019 Study on the Cyber Resilient Organization. He explains why Germany stands out as a case study for cyber resilience and how automation and support from senior-level executives go hand-in-hand with high performance. Plus, our hosts get into the ins and outs of sports ball (as it relates to cybersecurity, naturally). For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
April 16, 2019
Just as physical training improves strength and health, cyber fitness training keeps security professionals in shape to handle a breach at a moment's notice—prepared to duck "that virtual cyber punch in the face."  Caleb Barlow, Vice President of IBM Security's X-Force Threat Intelligence group, discusses the importance of going beyond tabletop exercises when training teams to respond to breaches: "The more we can immerse people into what that's going to look like, the better we can train them to be resilient during that event." Barlow explains the importance of building incident response muscle memory, what we can learn from observing professionals with a military or EMS background in a cyber range environment, and responding to the ever-evolving attack surface.   For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
April 9, 2019
When you think of identity and access management (IAM), what comes to mind? For guest Bert Vanspauwen, it's the metaphor of a bar. Before ordering a drink, you need to prove to the bartender that you're of age. Rarely do you see someone walk up to the bar with their driver's license, social security, and passport in hand—why give your full identity when the only thing between you and a drink is your age?  In his experience working with a European team of IAM experts at IBM Security, Bert sees questions around distributed identity arising in tandem with digital transformation: "[The problem is] how can you as an identity stay in control of your data and only share the relevant pieces with the different service providers that you interact with." Bert joined co-hosts Pam Cobb and David Moulton to talk about addressing IAM challenges, the benefit of re-evaluating strategy around legacy identity programs and the cloud, and the impact on users and business goals. Pam and David wrap up the episode with their impressions of the temperature of the cybersecurity landscape after attending the industry conference RSA. For more security stories, visit or follow IBM Security on Twitter and LinkedIn.
January 10, 2019
Accelerating growth without sacrificing security — this may be the holy grail of digital transformation. Jason Keenaghan, director of offering management for IBM's identity and access management (IAM) and fraud portfolio, joins this episode of our digital identity trust series to discuss how organizations can effectively identify and authenticate end users without introducing extra complexity or friction. Listen to the complete series at and learn more about IBM Trusteer at We also invite you to play our online game at
January 8, 2019
Do you have concerns about election security or other issues of national cybersecurity? If so, don't miss this episode, in which former National Security Agency (NSA) Deputy Director Bill Crowell shares his insights and expertise. Listen in for a conversation in which we tackle critical questions around national cybersecurity, emerging enterprise threats, and strategies for organizations to improve their security outlook. To learn more about the benefits of encryption, read the IBM white paper, “Guard Your Organization’s Data With Intelligent IBM Encryption” at
December 27, 2018
As we prepare to enter 2019, are passwords on their way to obsolescence? Dustin Heywood, a.k.a. Evil Mog, says no. Heywood brings his expertise as a penetration tester and password cracker to this episode of the X-Force Red in Action series []. Listen in for valuable tips on how to improve password security in your organization.
December 20, 2018
Artificial intelligence (AI) has been making headlines for several years now, but what's the story behind the hype? And what opportunities and risks does AI present for the security industry in particular? In this episode we're demystifying AI in cybersecurity with the help of three IBM experts: Carma Austin, Worldwide Sales Leader, Security Intelligence SaaS; Doug Lhotka, Executive CyberSecurity Architect, CISSP-ISSAP; and Jeff Crume, IT Security Architect, Distinguished Engineer and IBM Master Inventor. Listen now, and visit to learn more about QRadar Advisor with Watson.
December 18, 2018
What cybercrime threats dominated 2018, and how can we be better prepared to protect our critical data, empower digital transformation and drive stronger business outcomes in 2019? These are the questions that IBM Security Global Executive Security Advisor Limor Kessem [] answers in our 2018 cybersecurity wrap-up episode. To learn more about how to accelerate growth and digital adoption with seamless identity trust, visit
December 13, 2018
Meet Kat Tasiopoulou. For the past year, Kat has worked on the IBM X-Force Incident Response and Intelligence Services (IRIS) team as a client engagement lead, helping clients train and prepare for proactive incident response. In this episode, Kat discusses her multifaceted X-Force IRIS role, shares how it felt to win the British Computer Society (BCS) 2018 'Young IT Professional of the Year' award, and makes predictions for the future of incident response. To learn more about X-Force IRIS, visit and watch the on-demand webinar, "5 Ways X-Force IRIS Can Help You Manage Your Incident Response Strategy" at
December 11, 2018
Telecom and media entertainment enterprises serve millions of customers and handle massive volumes of sensitive data. Unsurprisingly, these industries also face unique cybersecurity challenges. Klint Borozan, IBM worldwide security industry leader, joins this episode for a look at how telecom and media companies are handling growing security concerns while managing complex infrastructure, safeguarding valuable data and improving information security policies. Find more industry-focused podcasts at And to discover how IBM Security provides fast, integrated and efficient solutions for your industry, visit
December 6, 2018
Worried about phishing attacks this holiday season? Senior security consultant Chris Sethi joins this episode of our ongoing X-Force Red in Action series [] to discuss how companies like yours can promote phishing awareness to limit overall risk and protect critical data and assets. For more information on X-Force Red, visit, and check regularly for new X-Force Red in Action podcast episodes.
December 4, 2018
How can enterprises deliver the frictionless experience customers demand without compromising security? This is one of the critical questions IBM Trusteer sales leader Shaked Vax takes on in part 2 of our digital identity trust podcast series (find the rest of the series at Listen in to learn how your organization can establish the foundation it needs to create effective threat prevention logic without under- or overburdening users along their digital experience journeys. Stay tuned for the concluding episode of this series, and in the meantime learn more about IBM Trusteer [] and discover if you have what it takes to become a Trusteer digital trust authority operative by playing our online game:
November 27, 2018
If you're seeking an in-depth look into data discovery, classification and the future of corporate big data strategies, don't miss this podcast episode featuring Forrester data analyst Heidi Shey. Listen now, and read the complete Forrester report, "Rethinking Data Discovery & Classification Strategies" [] to learn even more.
November 20, 2018
Cyberattacks can happen anywhere and at any time. IBM Security recently made a giant leap toward leveling the playing field with its new Cyber Tactical Operations Center (C-TOC), a fully mobile cyberthreat training simulator modeled after the tactical and incident command centers used by the military and first responders. In this episode, IBM X-Force Threat Intelligence Global Partner and Director Wendi Whitmore details the critical roles of the C-TOC and IBM X-Force Incident Response and Intelligence Services (IRIS) in helping companies improve incident response and remediation. To learn more about how the X-Force C-TOC is putting cybercrime on the road to ruin, visit
November 15, 2018
We all know that retail cyberattacks increase during the holiday season. So, how can companies keep e-commerce sites secure over the holidays and into the new year? In this episode of the podcast, we examine the current state of retail cybersecurity and review some best practices for the holiday season with the help of retail security expert Justin Ball, . Find more industry-focused podcasts at And to discover how IBM Security provides fast, integrated and efficient solutions for your industry, visit
November 1, 2018
Is your organization struggling with the paradox of open source? Open source vulnerabilities are gaining publicity, data breaches are on the rise, and data privacy is paramount. And yet, at the same time, open source accelerates productivity in a way that's impossible with proprietary software. Rami Elron, senior director of product management at WhiteSource, and David Marshak, senior offering manager for application security at IBM Security, discuss this paradox in today’s podcast. Listen in to hear their take on the future of open source and discover why companies need to embrace new strategies to ensure open source security. To learn more, check out the “State of Open Source Vulnerabilities Management” infographic [] and watch the on-demand webinar, “Know What You Don’t Know: Gain Visibility Into Your Open Source Risk” [].
October 30, 2018
With data volumes skyrocketing and scanning solutions reporting thousands or even millions of potential vulnerabilities, how can organizations identify high-priority threats and reduce total risk? Krissy Safi joins this episode of our ongoing X-Force Red in Action series [] to discuss the growing challenges of vulnerability management, the benefits of a risk-based approach, and how X-Force Red can help enterprises prioritize threats and reduce of impact of attacks. To learn more, read the recent Gartner report, “Implement a Risk-Based Approach to Vulnerability Management” [].
October 25, 2018
Implementing industrial Internet of Things (IIoT) devices can help improve efficiency and boost worker safety, but – no big surprise – it also comes with potential cybersecurity challenges. Yet prior to the release of a new IBM Institute for Business Value (IBV) study, specific data on IIoT security was conspicuously absent. In this podcast, three experts from the IBM IBV discuss the growing cybersecurity impact of IIoT adoption and the findings of their two new reports, "Automotive Industrial Internet of Things: Quick to Implement, Slow to Secure" [] and "Industrial Internet of Things Cybersecurity: As Strong as Its Weakest Link” []. Listen now, and download the reports to learn more.
October 18, 2018
Identity and access management (IAM) is now a fundamental part of any cybersecurity program, and yet two-thirds of organizations don't have an IAM solution that secures business assets, supports digital transformation and enables digital trust. In this episode of the podcast, IAM experts Dustin Hoff and Bert Vanspauwen discuss the state of the industry and look at why design thinking is critical to delivering value-driven IAM. Visit to learn more about identity and access management.
October 11, 2018
Forrester analyst and unified endpoint management (UEM) expert Andrew Hewitt joins today’s podcast to share his insights on the current state of endpoint management and its future in the enterprise. Listen now to better understand the evolution of endpoint management and what’s driving the present uptick in adoption of UEM solutions. You’ll also get a glimpse into the months and years ahead with Hewitt’s predictions of which devices will next be integrated into UEM. To learn more, visit and download the 2018 Gartner Magic Quadrant for for UEM Tools:
October 9, 2018
The push for digital transformation has shifted the way many organizations are approaching cybersecurity fraud. Companies today must balance the need for fraud and risk reduction against evolving customer expectations and the functionality of always-connected apps and services. In this podcast, IBM’s Rob Rendell draws on his many years of experience in fraud prevention to share valuable advice for companies looking to build digital identity trust and embrace digital transformation. Stay tuned for additional episodes of this “Digital Identity Trust” series, and in the meantime learn more about IBM Trusteer [] and discover if you have what it takes to become a Trusteer digital trust authority operative by playing our online game:
October 2, 2018
What's even scarier than Halloween? The vast array of cyberthreats facing organizations today. October is National Cybersecurity Awareness Month (NCSAM) in the United States, and who better to speak about securing end-user devices than X-Force Red's very own Space Rogue? In this edition of the X-Force Red in Action podcast series, he outlines must-have security basics and offers best practices for protecting connected devices and managing small business risk. Listen now to discover the 3 "p"s of online safety (hint: the first is passwords), and learn how to practice cybersecurity awareness all year long. For more information on X-Force Red, visit, and visit regularly throughout October for more special NCSAM tips and content.
September 27, 2018
Fifty-four percent of organizations today still use paper- or Excel-based processes to manage credentials. This remarkable statistic reveals that privileged access management (PAM) remains a significant challenge. The good news is Dustin Hoff and Bert Vanspauwen of IBM Security are here to break down the problem of privileged access security gaps and to introduce IBM's new privileged access management-as-a-service (PAMaaS)offering. To learn more, read the blog, "Protect Your ‘Matrix’ With Strong Privileged Access Management" at and register for the Oct. 1 6 webinar, "Privileged Account Attacks – Are You Ready?" at
September 25, 2018
For federal agencies, every cyberthreat is credible — and improving data security must therefore be a top priority. In this edition of our industry podcast series, Ian Doyle, business unit executive for cybersecurity strategy and growth initiatives at IBM, joins host Bill Venteicher to break down the challenges policy makers and decision makers are facing in federal cybersecurity. Find more industry-focused podcasts at And to discover how IBM Security provides fast, integrated and efficient solutions for your industry, visit
September 20, 2018
Rhonda Childress has earned more than her share of "firsts" over her 25 year IBM career: She was the first woman in IBM Security to become an IBM Fellow as well as the first woman in IBM Services to be named an IBM Master Inventor. Rhonda is a force to be reckoned with, and these day she's using her influence to help inspire the next generation of women in the security industry. Today, she joins the podcast to share her story and remind us all of a simple but inconvenient fact: growth and comfort cannot coexist. To read about more remarkable security professionals like Rhonda, view the entire Voices of Security series at
September 13, 2018
When a cyber crisis hits, your communication strategy can make or break your company's fate. Loren Dealy Mahler, president and founder of Dealy Mahler Strategies, returns to the podcast today to share more of her crisis communications expertise. The topic this time around is stakeholder analysis. In the wake of a data breach or other security incident, who needs to know? What do they need to know? When? And how? The list of questions goes on, but fortunately Loren and IBM Security's Mitch Mayne also have the questions. For more valuable insights from Loren Dealy Mahler, visit the Communications War Room at
September 6, 2018
Have you ever wanted to be a supervillain? When X-Force Red research baron Daniel Crowley and his team set out test a variety of smart city devices, their explicit goal was to discover what types of “supervillain-level” attacks might actually be possible. Fresh from a standout presentation at Black Hat, Crowley joins the podcast today to discuss the results of his research (spoiler: they found more than a dozen vulnerabilities!) and offer recommendations for both manufacturers and users of smart city and other IoT devices. To read the complete X-Force Red white paper on the dangers of smart city hacking, visit To learn more about X-Force Red Labs, visit
August 30, 2018
Healthcare organizations reported more cyberthreats in the second quarter of 2018 than in the first, and July 2018 may be the worst month on record for the industry. Jennifer Kady, IBM's director of security solutions specializing in healthcare, has spent years working with chief medical and healthcare security officers and has a deep knowledge of industry concerns. In this episode, she identifies 3 key security trends for healthcare enterprises and offers actionable recommendations for improving the healthcare security landscape. To learn more about how IBM Security provides fast, integrated and efficient solutions for your industry, visit To learn about IBM X-Force Incident Response and Intelligence Services (IRIS), visit
August 20, 2018
With ATM fraud dominating the headlines, David "VideoMan" Bryan — X-Force Red global leader of technology — joins the podcast to talk about the need for improved ATM security and how his team is prepared to help. To learn more about ATM security and the brand new X-Force Red ATM testing practice, visit, and make sure to listen to all the past episodes of X-Force Red in Action at
August 16, 2018
"Do you know who Tony Stark is? Do you know who Iron Man is? Would you be interested in having a Tony Stark-like experience with your computer?" These are the questions that led IBM Master Inventor Mike Spisak – and his 11 year old son Evan – to begin the development of Havyn, a voice-enabled digital assistant for cybersecurity analysts that uses Watson technology. But Mike’s many professional achievements are not the subject of this podcast. Instead, he and Heather Ricciuto, academic outreach leader at IBM Security, have a spirited conversation about their joint passion for cybersecurity education and share ideas for “hacking” the skills and diversity gaps that exist within the cybersecurity field. To meet more IBM Security team members who are working alongside Mike and Heather to make the world more cyber secure, follow our ongoing “Voices of Security” series on
August 7, 2018
As Black Hat heats up in Las Vegas, Nick Rossmann and Jordan Rogers of IBM X-Force Incident Response and Intelligence Services (IRIS) join the podcast to discuss the hottest threats in today's security landscape and the critical advantage of intelligent incident response. To learn more, register for the webinar, "5 Ways X-Force IRIS Can Help You Manage Your Incident Response Strategy" [] and visit the X-Force IRIS homepage:
August 6, 2018
"Hacking anything to secure everything." X-Force Red is rolling out its new mission statement just in time for Black Hat. Global partner and team lead Charles Henderson joins the podcast live from Las Vegas for a special conversation about the team's plans for Black Hat and DEF CON this week — and to make a couple announcements you won't want to miss. Listen now to learn about the latest steps IBM X-Force Red is taking to secure the world's IoT, IIoT and OT devices from development to launch and beyond. Read more at
August 2, 2018
Bubonic plague, influenza… spear phishing? In today’s episode, cyber risk strategist Chris "Dr. InfoSec" Veltsos and cybersecurity expert and attorney Paul Ferrillo return to the podcast to discuss whether spear phishing has reached epidemic proportions. They also tackle the importance of identity access management (IAM) solutions and the benefits of user behavior analytics (UBA). To learn more, check out the blog, “Identity is the New Perimeter” [] and read about IBM QRadar User Behavior Analytics [].
July 31, 2018
Be honest. After listening the first few episodes of the X-Force Red in Action series, are you wondering what it would be like to join the team? If so, you're not alone — and you're also in luck! Today, host Anshul Garg goes behind the scenes with 4 of X-Force Red's 2018 summer interns to discover what it's like working side by side with the industry's top offensive security experts. To learn more about X-Force Red, visit And don't miss the team at Black Hat and DEF CON in early August — here's where you can find us on-site:
July 26, 2018
Threat actors today are finding new ways to exploit industrial control (ICS) and supervisory control and data acquisition (SCADA) systems that often lack robust security controls — and the consequences could be catastrophic. On this episode, Kate Scarcella, executive security architect at IBM, discusses emerging trends and critical next steps to defend energy environments. To learn more about how IBM Security provides fast, integrated and efficient solutions for your industry, visit
July 24, 2018
The 2018 Cost of a Data Breach Study from Ponemon Institute, released earlier this month, breaks down precisely what lost and stolen records could cost companies this year. So, there's no better time to chat with Dr. Larry Ponemon, founder of the Ponemon Institute, about historical highlights of the annual study, how things have changed in the last decade, and what's next for corporate data breaches and cybersecurity overall. To learn more, read the blog [] and download the complete 2018 Cost of a Data Breach Study [].
July 19, 2018
When Space Rogue testified before Congress in 1998 as part of activist group L0pht Heavy Industries, he never expected to work for IBM. And yet, that's just where he finds himself today — and he couldn't be happier. Space Rogue, a.k.a. Cris Thomas, joins the X-Force Red in Action podcast this week to talk about everything from penetration testing to Black Hat 2018 to his extensive sticker collection. To learn more about the team and their adventures in offensive security, visit
July 12, 2018
Forrester analyst Heidi Shey joins IBM Security's Dan Goodes and Ken Brisco for a conversation about the challenges of secure data management. Listen in as Shey and Goodes share their thoughts on how to make data risk management a priority within the C-suite, how to recognize the symptoms of poor data risk management, and how to use data risk management to meet compliance requirements. To learn more, read the complete Forrester report, "Is Your Company In Peril If Critical Data Is Breached?" [] and watch the on-demand webinar featuring Heidi and Dan [].
July 10, 2018
Cyberattack preparation takes center stage on today’s podcast. Listen in as global security intelligence analyst Alexandrea Berninger zooms in on IBM X-Force Incident Response and Intelligence Services' (IRIS) new cyberattack preparation and execution frameworks. To learn more, visit X-Force IRIS homepage [], read the SecurityIntelligence article [] and download the interactive white paper [].
July 5, 2018
Have you ever nearly blown up your home while attempting to hack a smart washing machine? Ivan Reedman, global hardware security and capability development lead at IBM X-Force Red, has — and his wife isn't letting him forget it. In this second episode of the X-Force Red in Action series, Reedman, who’s known as “the Toymaker” among his colleagues, discusses his passion for creating hardware-based tools to compromise physical devices. X-Force Red is an autonomous organization within IBM Security and has a global team of hackers who test everything from applications to airplanes. To learn more, visit
June 28, 2018
Curious about the threats and challenges keeping CISOs up at night? In this podcast, security leaders from a range of IBM business partners, including Cisco Systems, Carbon Black, Fortinet, Palo Alto Networks and VMware, share their thoughts on the evolving role of chief information security officers (CISOs) in meeting the key security challenges of both today and tomorrow. To watch the video, "How Unlikely Pairings Work for Collaborative Defense," visit
June 26, 2018
Do you know a teenager looking for a way to fill his or her time this summer? Pete Herzog, managing director at the Institute for Security and Open Methodologies (ISECOM) and co-founder of Hacker Highschool, recommends a crash course in hacking. In this podcast, Herzog joins IBM’s David Jarvis and Heather Ricciuto to talk about why cybersecurity awareness and hacking skills are critical for today’s youth. To visit the new Hacker Highschool lesson on defensive hacking, developed in coordination with IBM Security, go to
June 21, 2018
Hacking a smart toilet is more than just fun and games. With that pronouncement, we welcome you to the inaugural episode of the X-Force Red in Action podcast series! In this series, IBM Security’s Anshul Garg will talk with the security industry's top penetration testers about the work they're doing and the trends and developments that excite them. In today's episode, Thomas MacKenzie, European associate partner at X-Force Red, looks at the growing impact of Internet of Things (IoT) security. X-Force Red is an autonomous organization within IBM Security and has a global team of hackers who test everything from applications to airplanes. To learn more, visit
June 14, 2018
Financial services remain a top target for cyberattacks as we head into the second half of 2018. While organizations understand the need for better protection, many struggle to articulate ideal spending strategies. In this podcast, Lauren Jensen, host and worldwide industry marketing lead at IBM Security, sits down with Matt Konwiser, first-line manager in the North American financial sector at IBM, to discuss the emerging role of digital trust as the new foundation of financial cybersecurity. To learn more about establishing digital identity assurance, read this recent blog:
June 7, 2018
Could the Girl Scouts' new science, technology, engineering and mathematics (STEM) badge program help stem the information security gap? Listen in as Kymberly Miller, Senior Director of Program at Girl Scouts of Northern California and Jean Fahy, STEM Program Director at Girl Scouts of Northern California, talk with IBM Security's Mitch Mayne and Heather Ricciuto about a new Girl Scouts' program that offers 23 badges for STEM-related activities, including cybersecurity. To make a donation or find volunteer opportunities with Girl Scouts of Northern California, visit And don’t miss your chance to help support programs like the STEM initiative by buying your favorite Girl Scout cookies every February!
May 31, 2018
With overlapping areas of interest, why should IBM Security and Cisco Security collaborate rather than compete? In this podcast, Dov Yoran, senior director of strategy and business development at Cisco Security, talks with IBM Security’s George Mina and Mitch Mayne about the need for strong partnerships in an infosec landscape that’s more complex than ever. Resources: Attend the June 15 Webinar, Cisco Security Integrations with IBM QRadar SIEM & IBM Resilient: Download the Cisco Firepower App: Download the Cisco Identity Services Engine (ISE) pxGrid App: Learn more about Cisco Security and IBM Security integrations:
May 24, 2018
Episode 9 of the "Deciphering Today's Cyber Headlines” series. For past episodes in this series, visit Paul Ferrillo, Chris Veltsos and Mitch Mayne are back, and this time they're offering up a surprising solution to defend against cyberattacks: the organization's entire workforce. And yes, that includes YOU. RESOURCES: Listen to the “Five Data Types to Consider When Conducting a Risk Assessment” podcast: Listen to the “Social Engineering 101: How to Hack a Human” podcast: Listen to the complete "Deciphering Today's Cyber Headlines" podcast series:
May 17, 2018
With mere days left until GDPR (General Data Protection Regulation) comes into force, now is the perfect time to revisit our December 2017 podcast on data encryption. Whether you’re working toward GDPR compliance, considering cloud migration or just looking for best practices to get encryption right, take 16 minutes and listen to this podcast with special guest Chase Cunningham, Principal Analyst Serving Security and Risk Professionals at Forrester Research. To learn more, read the white paper, "Guard Your Organization’s Data with Intelligent IBM Encryption" [].
May 10, 2018
Whether a company is deploying to a public, private, hybrid or even multi-cloud scenario, one of the most common concerns is protecting the sensitive or business critical data that resides there. In this podcast, IBM Security Data Security Product Marketing Manager Grace Murphy speaks with Heidi Shey, Senior Analyst at Forrester Research, about how organizations should face the challenges of cloud transformation in the context of competing priorities. To learn more, read the interactive white paper, "Overcome the Challenges of Protecting Data That is Here, There and Everywhere" [].
May 8, 2018
It’s once again National Teacher Appreciation Week in the United States! In celebration of all our most memorable teachers and mentors, we’re replaying a special podcast from last year. Listen now to hear IBM Security subject matter experts Limor Kessem, Pam Cobb and Neil Jones reflect on the teachers who shaped their young minds or guided them on the path to their current careers. Visit to read the latest security content from all the IBM experts.
May 3, 2018
Just 3 weeks remain until the General Data Protection Regulation (GDPR) takes effect. In this week's podcast, IBM experts Cindy Compert and David Jarvis discuss the state of GDPR compliance and offer advice to help organizations use the remaining weeks to prepare most effectively. To learn more, attend the May 22 webinar, "The Transformative Power of GDPR for People and Business." Register now:
April 26, 2018
Does the future of digital trust lie in artificial intelligence (AI)? Join Andras Cser, Vice President, Principal Analyst Serving Security & Risk Professionals at Forrester, to discover how AI is changing the landscape of digital identity. You'll also learn why organizations are relying on identity trust as a the foundation of the digital customer journey and how to stay ahead of evolving fraud attacks. Visit to learn more about detecting digital identity fraud.
April 19, 2018
This podcast was originally broadcast in November 2017. Listen in for great threat hunting insights from Bob Stasio, program director of cyber threat hunting and analysis at IBM Security and special guest Dr. Eric Cole, founder of Secure Anchor Consulting. To learn more, read Eric's Security Intelligence blog series on threat hunting [] and follow both Bob [] and Eric [] on Twitter.
April 12, 2018
In this podcast, IBM Senior Security Architect Joe Gray outlines the basics of social engineering, including what it is, why it can be so dangerous and what companies can do protect themselves, their employees and their assets. Listen now for a firsthand account of Joe's vast experience with Open Source Intelligence (OSINT) collection and social engineering. For more from Joe, attend his RSA Conference session, "Compromising a Fortune 500 Business without Hacking a Thing!" at 9:15 a.m. on April 19 [] or visit his website, Advanced Persistent Security [].
April 3, 2018
IBM's recently released "Future of Identity Study" reveals global and generational preferences on authentication. Among the study's many interesting findings, it was discovered that consumers of different generations have different preferences on authentication and take substantially different approaches to cybersecurity overall. IBM Security's Dillon Townsel recently interviewed Payton, a 24 year-old community manager, and Susan, a 68 year-old grandmother and retired schoolteacher about their online preferences. Listen now to discover if Payton and Susan are representative of their respective generations, or if they break the mold. For more content from the "Future of Identity" series, visit To read the complete report, visit
March 27, 2018
In the world of cybersecurity, collaboration is much more than a buzzword. In this podcast, Mitch Mayne, Public Information Officer for IBM X-Force Exchange, talks with George Mina, Program Director of IBM Security Strategic Alliances, about the importance of collaboration among different security products and even between different security vendors. To learn more about collaborative defense in depth, read this recent blog: To view the IBM Security App Exchange, visit, and to download the QRadar App for Cisco Firepower mentioned by George, visit Additional podcasts in this series on collaboration will follow in the weeks and months ahead, so stay tuned!
March 20, 2018
When it comes to cybersecurity, there's no such thing as a simple project. There's also no "one size fits all" approach. In this podcast, IBM Security consultants Katrina Avila and Vanja Kulic address these challenges head-on and offer actionable tips for keeping your cybersecurity project on track. To learn more, visit or listen to our 6-part podcast series, "A CISO’s Guide to Obtaining Budget" [].
March 13, 2018
IBM Think 2018 kicks off in Las Vegas on March 19 — less than a week from now. In this short podcast, Eric Cole [] and Shira Rubinoff [] discuss why they’re excited to attend Think, what sessions they’re most looking forward to and what hot trends and topics they expect to dominate the conversation. For more Think content, visit or register to attend at and save $300 with promo code TK18SECCOM.
March 6, 2018
As we approach International Women’s Day on March 8, Bridgette Pepper joins IBM Security Academic Outreach Leader Heather Ricciuto to discuss her unexpected entrance into the cybersecurity field and her experience first as an IBM intern and now as a full-time team member. Bridgette’s passion for both security and for bringing greater gender diversity to the industry shine through her story and offer inspiration to other girls and women interested in pursuing security careers. To hear more from the women of IBM Security, register for the webinar, "Top Women Leaders in IBM Share Cybersecurity Trends and Why the Future for Women in Security is Now" []. And if are you are attending the Fifth Annual Women in Cybersecurity conference in Chicago later this month, be sure to look for both Bridgette and Heather at the IBM Security booth.
February 27, 2018
In order to better understand the latest trends in consumer identity protection, IBM Security recently commissioned a global research study to learn more about consumers' views on passwords, biometrics and multifactor authentication. In this podcast, Trilochan Sehgal, IBM Security's APAC Segment Leader for Identity and Access Management, discusses the survey's results and what these findings mean for both consumers and enterprises in the Asia-Pacific region and beyond. Download the complete "Future of Identity" Study []. and for additional insights read the accompanying blog series:
February 20, 2018
Following the enthusiastic response to their "Get Smarter About Disaster Response — Five Resolutions For 2018" [], Mitch Mayne and Loren Dealy Mahler are back to take a more in-depth look at the first resolution on their list: conducting a risk assessment. Listen now to learn about the five distinct data types your enterprise may hold or interact with and why performing an effective risk assessment means widening your lens to view how a data breach might affect your organization's reputation and business processes as well as its security posture. For more insights from Loren, visit the Communications War Room [] and to hear more from Mitch, subscribe to the Security Intelligence podcast [] and never miss an episode.
February 15, 2018
If you're looking to bring greater awareness to data risk management practices within your organization and among your C-suite, don't miss this podcast, moderated by Paula Musich, of Enterprise Management Associates, and featuring Dan Goodes and Nev Zunic, both of IBM Security. To learn more about data risk management, read Paula’s 3 part blog series, What Data Risk Management Means for the Enterprise in 2018:
February 8, 2018
Heather Ricciuto, Academic Outreach Leader at IBM Security, joins the podcast today to discuss why women are vastly underrepresented in the cybersecurity industry. She also shares examples of the programs and initiatives IBM runs and supports to help close the gender gap. To apply for the Women in Cybersecurity Seminar for College Women, taking place Feb. 15 in Dallas, TX, please send your resume and a cover letter to Heather at To learn more about the 5th annual Women in Cybersecurity (WiCys) Conference, happening March 23-24 in Chicago and sponsored by IBM, please visit And to read the article “5 reasons why having women in leadership benefits your entire company,” visit
February 1, 2018
Beginning on Feb. 22 of this year, new data breach and response amendments to the Australia Privacy Act will impact thousands of organizations in Australia and around the world. In this podcast, Chris Hockings, Chief Technology Officer and Master Inventor for IBM Security Australia New Zealand, talks about the implications of the changes to the Privacy Act in Australia, how organizations can prepare, and what steps they can take to build a best practice incident response plan. To learn more about the Privacy Act in Australia and to book a complimentary review workshop, visit We also invite you to read Ponemon Institute’s 2017 Cost of Data Breach Study — Australia:
January 30, 2018
Episode 8 of the monthly "Deciphering Today's Cyber Headlines with Mitch Mayne, Paul Ferrillo and Chris Veltsos" series. Just in time for the US president's annual State of the Union address, Paul and Chris are back to deliver a cybersecurity state of the union. Listen now to discover why Paul is pessimistic, why Chis is optimistic, and what two pieces of advice they'd each give C-level executives planning for 2018. RESOURCES: Read Chris' blog on NACD’s 2018 Governance Outlook: Read Chris' blog on the WEF's 2018 Global Risks Report: Download the CyberAvengers' Playbook: Listen to other episodes in the "Deciphering Today's Cyber Headlines" podcast series:
January 23, 2018
Is your enterprise falling victim to one of the top data security mistakes? In this podcast Rob Westervelt, Research Manager within IDC’s Security Products group [], talks with IBM Security’s Leslie Wiggins about trends in data security, the biggest mistakes today’s organizations are making and, perhaps most importantly, how to avoid common data security pitfalls. To learn more, read the recent blog, "Five Epic Fails in Data Security: Do You Know How to Avoid Them?" []
January 16, 2018
Think, IBM’s new premier conference, will take place March 19-22 in Las Vegas, NV. In this podcast, Mitch Mayne and Pam Cobb discuss how Think differs from previous IBM events and preview what participants can expect to experience (innovation speakers, client stories, demos, technical deep dives, guided and open labs, user groups) and achieve (product certifications and more). Read Pam's blog [] for even more event details, and don't forget to register to attend [].
January 9, 2018
In our first podcast of 2018, IBM X-Force Exchange Public Information Officer and frequent host Mitch Mayne talks with Loren Dealy Mahler, president and founder of Dealy Mahler Strategies [], about the one thing that always seems to go wrong during a data breach: Communications. Listen now to their list of five New Year's resolutions that C-level executives should embrace in order to improve their incident response strategies in 2018. To read more from Loren, visit To learn more about the IBM X-Force Command Center and cyber range, visit
December 14, 2017
Wondering what lies ahead for cybersecurity in 2018? In this podcast Caleb Barlow, VP of Threat Intelligence at IBM Security, discusses the top 5 security predictions that emerged from a recent poll of the IBM X-Force experts. The list includes AI vs. AI battles and a new plague of ransomware, but you'll have to tune in to hear the rest. Listen now and leave a comment letting us know which predictions you agree with and what additional trends you expect to see in the new year. And if you're interested in emerging threats, bookmark the IBM X-Force Security Research homepage [] for all the latest reports and thought leadership.
December 12, 2017
Data encryption does not need to be difficult, but there's admittedly more to it than just turning on the encryption faucet. If you’re working toward GDPR readiness, considering cloud migration or just looking for best practices to get encryption right, take 13 minutes and listen to this podcast with special guest Chase Cunningham, Principal Analyst Serving Security and Risk Professionals at Forrester Research. To learn more, read the white paper, "Guard Your Organization’s Data with Intelligent IBM Encryption" [].
December 7, 2017
In episode 9, Paul Ferrillo and Chris Veltsos conclude the “Take Back Control of Your Cybersecurity Now” podcast series with predictions about the future of cybersecurity. In addition to returning to some of their favorite subjects, such as cognitive computing and the NIST Cybersecurity Framework, they also share their thoughts on cloud security and the Internet of Things (IoT). For more insights from Paul and Chris, listen to their ongoing follow-up podcast series, “Deciphering the Cyber Headlines” []. You can also buy their book [] as a perfect holiday gift for your favorite security practitioner.
December 6, 2017
In episode 8 of the “Take Back Control of Your Cybersecurity Now” podcast series, Paul Ferrillo and Chris Veltsos talk metrics and reporting. Listen now to learn how to translate numbers into meaningful cyber risks that boards of directors will understand and feel confident to act on. Come back tomorrow for the final episode in this 9-part series, and find Paul and Chris’ book at You can also re-listen or find any episodes you missed at
December 5, 2017
In episode 7 of the “Take Back Control of Your Cybersecurity Now” podcast series, Paul Ferrillo and Chris Veltsos emphasize the importance of incident response. The goal of cybersecurity was once to build enough walls to keep out attackers, but in more recent years the focus has shifted to detecting bad guys already inside the network. This change has elevated the status of incident response teams and crisis management planning. Come back tomorrow for the next episode in this 9-part series, and find Paul and Chris’ book at To learn more about the IBM X-Force Command Center, visit
December 4, 2017
In episode 6 of the “Take Back Control of Your Cybersecurity Now” podcast series, Paul Ferrillo and Chris Veltsos offer recommendations for organizations looking to adopt the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). Come back tomorrow for the next episode in this 9-part series, and find Paul and Chris’ book at To learn more about the NIST CSF and its five phases, visit
December 1, 2017
In episode 5 of the “Take Back Control of Your Cybersecurity Now” podcast series, Paul Ferrillo and Chris Veltsos discuss why Watson for Cyber Security, with its ability to ingest and understand both structured and unstructured data, is a game changer in the fight against cybercrime. Come back next week for more episodes in this 9-part series, and find Paul and Chris’ book at To read the IBM report on cybersecurity in the cognitive era mentioned during the episode, visit and to learn more about Watson for Cyber Security, visit
November 30, 2017
In episode 4 of the “Take Back Control of Your Cybersecurity Now” podcast series, Paul Ferrillo and Chris Veltsos give substance to buzzwords like artificial intelligence and machine learning and explain why cognitive solutions are a necessity in today's threat landscape. Come back tomorrow for the next episode in this 9-part series, and find Paul and Chris’ book at To read the Forbes article mentioned during the podcast, visit And to read Chris' 3-part blog series, "Getting Primed for the Cognitive Security Revolution," visit
November 29, 2017
In episode 3 of the “Take Back Control of Your Cybersecurity Now” podcast series, Paul Ferrillo and Chris Veltsos discuss how CISOs can be most effective in their internal communications with other C-suite members. Come back tomorrow for the next episode in this 9-part series, and find Paul and Chris’ book at To read the IBM Institute for Business Value's study on securing the C-Suite, visit
November 28, 2017
In episode 2 of the “Take Back Control of Your Cybersecurity Now” podcast series, Paul Ferrillo and Chris Veltsos highlight the role that communication plays in security and offer recommendations for how to bridge the communications gap that too often exists between CISOs and boards of directors. Come back tomorrow for the next episode in this 9-part series, and find Paul and Chris’ book at
November 27, 2017
In episode 1 of the “Take Back Control of Your Cybersecurity Now” podcast series, Paul Ferrillo and Chris Veltsos share examples of today’s perilous threat landscape and build a case for why cybersecurity must be a key business priority. Come back tomorrow for the next episode in this 9-part series, and find Paul and Chris’ complete book at
Loading earlier episodes...
      0:00:00 / 0:00:00