Cover image of Security Intelligence Podcast
(28)
Technology

Security Intelligence Podcast

Updated 3 days ago

Technology
Read more

Welcome to the Security Intelligence Podcast, where we discuss cyber security industry analysis, tips and success stories. Join co-hosts Pam Cobb and David Moulton, security thought leaders and industry professionals as they discuss their experiences and expertise on the latest trends and developments in enterprise security. For even more security content, visit https://securityintelligence.com.095940

Read more

Welcome to the Security Intelligence Podcast, where we discuss cyber security industry analysis, tips and success stories. Join co-hosts Pam Cobb and David Moulton, security thought leaders and industry professionals as they discuss their experiences and expertise on the latest trends and developments in enterprise security. For even more security content, visit https://securityintelligence.com.095940

iTunes Ratings

28 Ratings
Average Ratings
22
3
1
2
0

Love the show

By mrdavidrmoulton - Dec 02 2019
Read more
Covers topics from the Security Industry, with interesting guests.

Great Cyber Security Podcast

By Jeremy02127 - Jan 18 2018
Read more
Great one stop shop for everything cyber security

iTunes Ratings

28 Ratings
Average Ratings
22
3
1
2
0

Love the show

By mrdavidrmoulton - Dec 02 2019
Read more
Covers topics from the Security Industry, with interesting guests.

Great Cyber Security Podcast

By Jeremy02127 - Jan 18 2018
Read more
Great one stop shop for everything cyber security
Cover image of Security Intelligence Podcast

Security Intelligence Podcast

Latest release on Jan 28, 2020

Read more

Welcome to the Security Intelligence Podcast, where we discuss cyber security industry analysis, tips and success stories. Join co-hosts Pam Cobb and David Moulton, security thought leaders and industry professionals as they discuss their experiences and expertise on the latest trends and developments in enterprise security. For even more security content, visit https://securityintelligence.com.095940

Rank #1: Talking Offensive Security With Space Rogue Of X-Force Red

Podcast cover
Read more
Cris Thomas, better known within the security community as Space Rogue, joined IBM X-Force Red as global strategy lead earlier this summer. In this podcast, he reflects on how his career has evolved over the past two decades and how events like Black Hack and DEF CON have also changed over the same period.

To learn more about X-Force Red or to schedule a demo, visit: https://ibm.co/2wxeb56. You can also stay up to date by following Space Rogue on Twitter: http://bit.ly/2wL9AM4

Recommended follow-up podcast: http://bit.ly/2vS2VDw

Aug 10 2017

5mins

Play

Rank #2: New Year, New Threats: 5 Security Predictions That Will Take Hold in 2018

Podcast cover
Read more
Wondering what lies ahead for cybersecurity in 2018? In this podcast Caleb Barlow, VP of Threat Intelligence at IBM Security, discusses the top 5 security predictions that emerged from a recent poll of the IBM X-Force experts.

The list includes AI vs. AI battles and a new plague of ransomware, but you'll have to tune in to hear the rest.

Listen now and leave a comment letting us know which predictions you agree with and what additional trends you expect to see in the new year. And if you're interested in emerging threats, bookmark the IBM X-Force Security Research homepage [https://ibm.co/2iZOiFw] for all the latest reports and thought leadership.

Dec 14 2017

16mins

Play

Rank #3: DTCH 009: What's The Best Defense Against Cyberattacks? You Are

Podcast cover
Read more
Episode 9 of the "Deciphering Today's Cyber Headlines” series. For past episodes in this series, visit https://ibm.co/2rZ6gzt.

Paul Ferrillo, Chris Veltsos and Mitch Mayne are back, and this time they're offering up a surprising solution to defend against cyberattacks: the organization's entire workforce. And yes, that includes YOU.

RESOURCES:
Listen to the “Five Data Types to Consider When Conducting a Risk Assessment” podcast: https://ibm.co/2C6T93v.
Listen to the “Social Engineering 101: How to Hack a Human” podcast: https://ibm.co/2J1Kwu1.
Listen to the complete "Deciphering Today's Cyber Headlines" podcast series: https://ibm.co/2rZ6gzt.

May 24 2018

17mins

Play

Rank #4: [Encore] TBC 06: Lessons from the NIST Cybersecurity Framework

Podcast cover
Read more
In episode 6 of the “Take Back Control of Your Cybersecurity Now” podcast series, Paul Ferrillo and Chris Veltsos offer recommendations for organizations looking to adopt the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF).

Come back tomorrow for the next episode in this 9-part series, and find Paul and Chris’ book at http://amzn.to/2xZv2hS. To learn more about the NIST CSF and its five phases, visit bit.ly/2kUpWvo.

Dec 04 2017

16mins

Play

Rank #5: How IBM Master Inventor Mike Spisak is Hacking Cybersecurity Education and the Diversity Gap

Podcast cover
Read more
"Do you know who Tony Stark is? Do you know who Iron Man is? Would you be interested in having a Tony Stark-like experience with your computer?"

These are the questions that led IBM Master Inventor Mike Spisak – and his 11 year old son Evan – to begin the development of Havyn, a voice-enabled digital assistant for cybersecurity analysts that uses Watson technology.

But Mike’s many professional achievements are not the subject of this podcast. Instead, he and Heather Ricciuto, academic outreach leader at IBM Security, have a spirited conversation about their joint passion for cybersecurity education and share ideas for “hacking” the skills and diversity gaps that exist within the cybersecurity field.

To meet more IBM Security team members who are working alongside Mike and Heather to make the world more cyber secure, follow our ongoing “Voices of Security” series on SecurityIntelligence.com: https://ibm.co/2MvwGlu.

Aug 16 2018

21mins

Play

Rank #6: Digital Identity Trust, Part 3: Powering Digital Growth With Digital Identity Trust

Podcast cover
Read more
Accelerating growth without sacrificing security — this may be the holy grail of digital transformation. Jason Keenaghan, director of offering management for IBM's identity and access management (IAM) and fraud portfolio, joins this episode of our digital identity trust series to discuss how organizations can effectively identify and authenticate end users without introducing extra complexity or friction.

Listen to the complete series at ibm.co/2M2Ixol and learn more about IBM Trusteer at ibm.co/2pGNmt2. We also invite you to play our online game at bit.ly/2QDwtuz.

Jan 10 2019

10mins

Play

Rank #7: Calling Both Students and Working Professionals! Consider A Career In Cybersecurity

Podcast cover
Read more
The shortage of trained cybersecurity professionals, also referred to as the cybersecurity skills gap, is a known problem that is only expected to intensify in the years ahead. In addition to posing a risk to the global economy, the skills gap is also a legitimate security threat.

In this podcast, David Jarvis, security and chief information officer (CIO) lead at the IBM Institute for Business Value, talks with Heather Ricciuto, academic outreach leader at IBM Security, and Chris Veltsos, professor in the Department of Computer Information Science at Minnesota State University, Mankato, about how to recruit both students and professionals working in other fields to consider a career in cybersecurity.

To learn more, read the IBV report cited during the podcast: https://ibm.co/2pZmUw4.

Oct 24 2017

20mins

Play

Rank #8: Better Than Mr. Robot: Penetration Testing with X-Force Red

Podcast cover
Read more
In this episode of our ongoing series featuring members of the IBM X-Force Red team, North American Regional Lead Steve Ocepek offers a glimpse into the world of elite penetration testing.

While he can't reveal all the tricks of the trade, Steve does discuss how the X-Force Red brand has grown and evolved over the past year, what makes an ideal candidate to join the team and why X-Force Red takes a collaborative, team-oriented approach to pen testing.

To learn more about X-Force Red or to schedule a demo, visit: https://ibm.co/2wxeb56. You can also stay up to date by following Steve on Twitter: http://bit.ly/2w4Fymv

Sep 19 2017

11mins

Play

Rank #9: Cybersecurity Challenges Facing Telecommunications and Media Entertainment

Podcast cover
Read more
Telecom and media entertainment enterprises serve millions of customers and handle massive volumes of sensitive data. Unsurprisingly, these industries also face unique cybersecurity challenges.

Klint Borozan, IBM worldwide security industry leader, joins this episode for a look at how telecom and media companies are handling growing security concerns while managing complex infrastructure, safeguarding valuable data and improving information security policies.

Find more industry-focused podcasts at ibm.co/2NAY02M. And to discover how IBM Security provides fast, integrated and efficient solutions for your industry, visit ibm.co/2uML2nl.

Dec 11 2018

24mins

Play

Rank #10: Larry Ponemon Goes Behind the Scenes of the 2018 Cost of a Data Breach Study

Podcast cover
Read more
The 2018 Cost of a Data Breach Study from Ponemon Institute, released earlier this month, breaks down precisely what lost and stolen records could cost companies this year.

So, there's no better time to chat with Dr. Larry Ponemon, founder of the Ponemon Institute, about historical highlights of the annual study, how things have changed in the last decade, and what's next for corporate data breaches and cybersecurity overall.

To learn more, read the blog [https://ibm.co/2v8MnV1] and download the complete 2018 Cost of a Data Breach Study [https://ibm.co/2NDPVGc].

Jul 24 2018

26mins

Play

Rank #11: The Evolving Security Operations Center

Podcast cover
Read more
"I think we've really seen the concept of a SOC grow and evolve over the past 10 years or so," says Emma Bickerstaffe, Senior Research Analyst at the Information Security Forum. As your business and the threat landscape change, how do you keep pace with your security operations center (SOC)? 
 
Bickerstaffe and Jamie Cowper, Product Marketing Manager at IBM Security, join the podcast for a discussion about building and enhancing a SOC, or "the eyes and ears of an organization." They cover business drivers for improving a SOC; perspectives on internal, external, and hybrid models; and the five core capabilities of a SOC.

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Jul 16 2019

36mins

Play

Rank #12: How To Get the Most Out of Your Identity and Access Management Solution

Podcast cover
Read more
Identity and access management (IAM) is now a fundamental part of any cybersecurity program, and yet two-thirds of organizations don't have an IAM solution that secures business assets, supports digital transformation and enables digital trust.

In this episode of the podcast, IAM experts Dustin Hoff and Bert Vanspauwen discuss the state of the industry and look at why design thinking is critical to delivering value-driven IAM.

Visit https://ibm.co/2S1FOhF to learn more about identity and access management.

Oct 18 2018

18mins

Play

Rank #13: The State of the CISO and the Board — A Panel of Security Leaders Weighs In

Podcast cover
Read more
Curious about the threats and challenges keeping CISOs up at night?

In this podcast, security leaders from a range of IBM business partners, including Cisco Systems, Carbon Black, Fortinet, Palo Alto Networks and VMware, share their thoughts on the evolving role of chief information security officers (CISOs) in meeting the key security challenges of both today and tomorrow.

To watch the video, "How Unlikely Pairings Work for Collaborative Defense," visit http://bit.ly/2MwR029.

Jun 28 2018

12mins

Play

Rank #14: X-Force Red in Action 003: Spotlight on Penetration Testing with Space Rogue

Podcast cover
Read more
When Space Rogue testified before Congress in 1998 as part of activist group L0pht Heavy Industries, he never expected to work for IBM. And yet, that's just where he finds himself today — and he couldn't be happier.

Space Rogue, a.k.a. Cris Thomas, joins the X-Force Red in Action podcast this week to talk about everything from penetration testing to Black Hat 2018 to his extensive sticker collection.

To learn more about the team and their adventures in offensive security, visit ibm.com/xforcered.

Jul 19 2018

16mins

Play

Rank #15: [Encore] The 5 Indisputable Facts of IoT Security

Podcast cover
Read more
For the first time, listen to the complete "5 Indisputable Facts of IoT Security" podcast series from earlier this year as a single hour-long podcast.

Fact 1. Devices will operate in hostile environments;
Fact 2. Software security will degrade over time;
Fact 3. Shared secrets do not remain secret;
Fact 4. Weak configurations will persist;
Fact 5. As data accumulates, exposure issues will increase.

Listen now for the complete insights from our featured panel of IBMers: James Murphy, offering manager for Watson IoT Platform; Andras Szakal, VP and CTO for U.S. Federal; and Tim Hahn, chief architect for Internet of Things Security.

To learn even more about the 5 indisputable facts of IoT security, read the full IBM report, "Smart Things Call for Smart Risk Management" at https://ibm.co/2hsVSef.

Sep 26 2017

1hr 2mins

Play

Rank #16: Peeling Back the Onion on Threat Hunting

Podcast cover
Read more
Have questions about what threat hunting is or how and when to use it? Then this is the podcast you've been waiting for.

Listen in for great threat hunting insights from Bob Stasio, program director of cyber threat hunting and analysis at IBM Security and special guest Dr. Eric Cole, founder of Secure Anchor Consulting.

To learn even more, read Eric's recent Security Intelligence blog series [https://ibm.co/2hQ535Y] and follow Bob [http://bit.ly/2haHdAX] and Eric [http://bit.ly/2znGgNX] on Twitter.

Nov 07 2017

17mins

Play

Rank #17: Cybersecurity Isn't Rocket Science: NCSAM Insights From X-Force Red

Podcast cover
Read more
October is National Cyber Security Awareness Month (NCSAM) as well as Halloween season. In honor of this this confluence of events, Space Rogue and Videoman, both of IBM X-Force Red, have come together for a conversation about some scary security blunders and, because we don't want our listeners to have nightmares, some tips for resurrecting your security strategy.

To learn more about X-Force Red or to schedule a demo, visit: ibm.co/2wxeb56. Or listen to another podcast on National Cyber Security Awareness Month: http://bit.ly/2xYuATx.

Oct 10 2017

9mins

Play

Rank #18: A CISO’s Guide to Obtaining Budget: The Nature of the Problem [1/6]

Podcast cover
Read more
This is episode 1 of a 6-part series [listen to them all! http://bit.ly/2x0KhZM] examining the difficult task of securing resources for IT and security needs.

In each episode, John Dickson [http://bit.ly/2ivrIHE], principal and co-founder at Denim Group, will discuss challenges and share recommendations for how chief information security officers (CISOs) should approach the task of obtaining budget.

This first episode introduces the "CISO’s Guide to Obtaining Budget" series and explains why spending on cybersecurity projects differs significantly from other projects in the enterprise.

To discover what’s impacting today’s CISO, visit the IBM website [https://ibm.co/2g8nR2r] and the CISO Corner [https://ibm.co/2xvCQqk] on SecurityIntelligence.com. And don't forget to tune in for the remainder of this series: http://bit.ly/2x0KhZM.

Aug 24 2017

11mins

Play

Rank #19: Cisco and IBM Security: Partnering to Provide Integrated Threat Defense

Podcast cover
Read more
With overlapping areas of interest, why should IBM Security and Cisco Security collaborate rather than compete? In this podcast, Dov Yoran, senior director of strategy and business development at Cisco Security, talks with IBM Security’s George Mina and Mitch Mayne about the need for strong partnerships in an infosec landscape that’s more complex than ever.

Resources:
Attend the June 15 Webinar, Cisco Security Integrations with IBM QRadar SIEM & IBM Resilient: http://bit.ly/2LJsQlf.
Download the Cisco Firepower App: http://bit.ly/2GdESAe.
Download the Cisco Identity Services Engine (ISE) pxGrid App: http://bit.ly/2La0e3r.
Learn more about Cisco Security and IBM Security integrations: http://bit.ly/2LMGLqP.

May 31 2018

17mins

Play

Rank #20: Lessons from a Gray Beard: Transitioning from the Military to Cybersecurity

Podcast cover
Read more
With thirty years of experience in the military, JC Vega now shares his experiences as a "gray beard" in the role of a cyber range coach. When asked about transitioning from the military to cybersecurity, JC offers advice that applies across fields: consider a path that lets you prioritize quality of life, career advancement, and job satisfaction however best suits your personal goals.

JC explains why military veterans possess innate security training, shares lessons learned from participants in the cyber range, and suggests resources for embarking on a career in cybersecurity (including getting interested in the field through science fiction — live long and prosper).

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

May 14 2019

35mins

Play

Verify To Simplify: Demystifying Zero Trust

Podcast cover
Read more
Nearly a decade ago, Forrester championed the concept of "Zero Trust." Fast forward to today, and the industry is seeing a confluence of technology and strategy that has pushed Zero Trust from the theoretical realm into the practical.

In brief terms, Zero Trust boils down to "never trust, always verify." Forrester analyst Chase Cunningham joins the podcast to dig into the depths behind that definition, including how the concept evolved, why the journey towards Zero Trust needs to begin with devices and users, why organizations benefit from a simplified security portfolio and how to coach the next generation on identity best practices. Plus, Pam and David discuss their resolutions for the new year and consider a line of security merch.

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn. Read the full episode transcript: https://ibm.biz/BdqRFU

Jan 28 2020

34mins

Play

Gender Diversity in Security

Podcast cover
Read more
"It's work to put together and come up with a diverse panel," co-host Pam Cobb observes about her work in the cybersecurity industry. "And diversity here is not just male and female. It is backgrounds and ways of thinking, and all of the different ways that we think of diversity."

Bestselling author and entrepreneur Jane Frankland, whose company Cyber Security Capital focuses on gender inclusion in science, joins the podcast for a discussion about diversity in cybersecurity, particularly recruiting and retaining women. Cobb and Frankland discuss the skills that are needed in the security industry, how professionals can raise awareness about the skills gap, what people can do to get a foot in the door, and the benefits of a more diverse workforce. "I'm obsessional about this," Frankland says, "to be that change agent, and to enable both women coming into it and women already in it so that they can progress through the industry at whatever level that they want to be at."

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Dec 17 2019

30mins

Play

Cyber Resilience for State and Local Governments

Podcast cover
Read more
"State and local governments’ IT infrastructure is currently in a state of what we would call transformative change...making information technology now a primary medium for citizens to interact with their local government," explains Claire Zaboeva, an expert in identifying and assessing cyber-based threats for IBM X-Force IRIS. For all the benefits these changes bring, there's a flip side: there are now more vectors for threat actors to conduct malicious activities within government infrastructures. 

Why are threat actors targeting state and local governments and how can states protect public infrastructure? Melissa Frydrych, who researches cyber threat intelligence for IBM X-Force IRIS, joins Zaboeva in a conversation about the kinds of preventative measures states are taking to protect everything from citizens to utilities to elections. 

For more security stories and to learn more about the research covered in this episode, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Nov 12 2019

27mins

Play

Ransomware and Operating Under Maximum Pressure

Podcast cover
Read more
Recovering from a ransomware attack isn't like paying your electric bill; there's no guarantee that the lights suddenly come back on. How, then, should organizations like municipalities and hospitals plan to remediate in the case of a ransomware attack — or better yet, take preventative security measures?

Matthew DeFir and Robert Gates, both members of the IBM X-Force IRIS team, share their advice on how organizations can prevent ransomware attacks. They discuss why attackers choose moments when they can apply maximum pressure, the importance of backing up systems, insights into taxpayers' views on ransomware, and why organizations should not pay the ransom. Plus, Pam and David discuss how ransomware has impacted the cities they live in. 

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Oct 15 2019

32mins

Play

Cloud Security and the Road to Transformation

Podcast cover
Read more
Cloud is not the ultimate destination; it's the path to an end goal. "The idea of cloud is to get you a modern architecture," says Vikram Chhabra, who leads product management for IBM Security Services with a focus on cloud and infrastructure security. "The destination is transformation to help you innovate and drive modern experiences for your end customers."

Chhabra identifies multiple challenges as CISOs steer their businesses down this path to a modern architecture: talent, cloud controls, centralized strategy, compliance. Security — beginning with automation — can act as an enabler in light of these challenges. Chhabra chats with David about types of cloud models, who the CISO should partner with on cloud migration, and how to manage threats and prove continuous compliance in a cloud environment. Plus, Pam and David discuss their opinions on pineapple pizza (it's relevant, promise). 

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Sep 10 2019

35mins

Play

Are You Prepared to Respond to a Destructive Malware Attack?

Podcast cover
Read more
What’s the difference between a destructive attack and a traditional breach? “Destructive malware is malicious software that has the capability to render an effective system inoperable and also challenges reconstitution,” explains Charles DeBeck, a senior cyber threat intelligence researcher at IBM X-Force IRIS.

A kind of attack originally associated with nation-states, new research suggests an expanding trend in who is employing destructive attacks, and where. Wendi Whitmore, director of the IBM X-Force Threat Intelligence team, says, “The average cost of one of these attacks — a destructive incident versus a traditional breach — is actually 61 times higher.”

DeBeck and Whitmore join our hosts for a conversation about the evolution of destructive attacks, how organizations can defend against them, and how to best prepare for remediation.

For a further look at trends in destructive attacks, visit SecurityIntelligence.com: https://ibm.co/2OFUHs5

Aug 06 2019

37mins

Play

Adapting to Evolving Data Privacy Regulations

Podcast cover
Read more
As regulations such as GDPR and CCPA go into effect around the world, organizations are seeing the impact of data privacy laws on their businesses. As recent headlines show, fines are one possible impact, but they shouldn't be the only impetus to review privacy compliance and run through incident response plans. 

"It really comes down to a matter of trust," says Monica Dubeau, privacy program director for IBM Security. "You need your clients to trust you. You want your clients to trust you. And your clients expect you to take care of their data and to make sure it's protected."

Dubeau joins the podcast for a discussion about how GDPR has changed the way organizations are required to respond to data breaches, steps to building out a documented incident response plan, and the importance of continued cybersecurity education for consumers.

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Jul 30 2019

25mins

Play

What Factors Contribute to the Cost of a Data Breach?

Podcast cover
Read more
On average, according to the 2019 Cost of a Data Breach Report, it takes 279 days to contain a data breach, up from 266 days last year. "I think it's true we're getting better identifying data breaches," says Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. However, at the same time as organizations improve their security postures, cybercriminals are becoming stealthier. 

While factors such as a lack of preparedness or third-party risk can amplify the cost of a data breach, the good news is that, according to the findings in this year's report, incident response strategy, encryption technology, and other factors can mitigate the financial impact of a breach. In fact, the combination of having an incident response team and testing that plan can save $1.2 million for a business. Dr. Ponemon returns to the podcast to discuss the lifecycle of a data breach, variations by industry and region, and why organizations are increasingly sensitive to privacy and data protection.

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn. Explore the 2019 Cost of a Data Breach Report at databreachcalculator.mybluemix.net.

Jul 23 2019

29mins

Play

The Evolving Security Operations Center

Podcast cover
Read more
"I think we've really seen the concept of a SOC grow and evolve over the past 10 years or so," says Emma Bickerstaffe, Senior Research Analyst at the Information Security Forum. As your business and the threat landscape change, how do you keep pace with your security operations center (SOC)? 
 
Bickerstaffe and Jamie Cowper, Product Marketing Manager at IBM Security, join the podcast for a discussion about building and enhancing a SOC, or "the eyes and ears of an organization." They cover business drivers for improving a SOC; perspectives on internal, external, and hybrid models; and the five core capabilities of a SOC.

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Jul 16 2019

36mins

Play

Reducing Third Party Risk

Podcast cover
Read more
"We, as CISOs, and as risk management practitioners, and as risk executives, have to be aware that a risk rating vendor isn't the entire answer to our risk posture," says Shamla Naidoo, a Managing Partner at IBM Security who was most recently the global CISO for IBM. "It is a part of the answer, not the entire answer." 

Naidoo joins David to discuss taking a 360 degree view of third party risk. They explore why risk rating reports are the beginning of risk management but not the end; why trust and transparency is critical in relationships among all parties; and the value in taking an objective approach to testing risk postures. 

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Jun 25 2019

34mins

Play

Development Agility and Open Source Vulnerability Prioritization

Podcast cover
Read more
"Open source is increasingly being acknowledged as an indispensable means for promoting and driving innovation," says Rami Elron, Senior Director of Product Management at WhiteSource. But at the same time, there's been a proliferation in open source security vulnerabilities. 

Elron attributes the phenomenon to both increased adoption of open source and increased attention following publicized data breaches. He joins David to discuss the challenges in prioritizing open source vulnerabilities, the importance of agile DevSecOps practices, and approaches to dealing effectively with the growing number of open source security vulnerabilities.

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Jun 18 2019

29mins

Play

Lateral Movement: Combating High-Risk, Low-Noise Threats

Podcast cover
Read more
"What I like to tell people is that when you have one computer that's infected, that's annoying," says Charles DeBeck, a member of IBM Security's Threat Intelligence Production team. "When you have 1,000 computers that's infected, that's a problem."

Lateral movement is one way threat actors escalate annoyances into problems. "Lateral movement consists of a series of techniques that enable an adversary to access and control remote systems in a network," Joey Victorino, a consultant for IBM X-Force IRIS, explains. In some cases, all it takes is four seconds for an adversary to pivot across a network.

Charles and Joey join Pam to discuss the implications of lateral movement becoming more automated for threat actors; the potential business impact of lateral movement; how to limit the success of a threat actor in an environment; and how security precautions such as multifactor authentication (MFA) can mitigate the impact of lateral movement.

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Jun 11 2019

30mins

Play

Travel Security: Why Data Safety Doesn't Get a Day Off

Podcast cover
Read more
Sunscreen? Check. Boarding pass? Got it. The resolve not to connect to the airport WiFi? Getting there.  

This summer, add cyber hygiene best practices to your travel checklist. Caleb Barlow, Vice President of X-Force Threat Intelligence for IBM Security, shares insights on travel and transportation industry security. Caleb explains why the transportation industry is a target for attackers and how individual travelers can protect their personal information. Pam and David discuss the tension between convenience and security while traveling and offer more tips for traveling securely.

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

May 28 2019

20mins

Play

Lessons from a Gray Beard: Transitioning from the Military to Cybersecurity

Podcast cover
Read more
With thirty years of experience in the military, JC Vega now shares his experiences as a "gray beard" in the role of a cyber range coach. When asked about transitioning from the military to cybersecurity, JC offers advice that applies across fields: consider a path that lets you prioritize quality of life, career advancement, and job satisfaction however best suits your personal goals.

JC explains why military veterans possess innate security training, shares lessons learned from participants in the cyber range, and suggests resources for embarking on a career in cybersecurity (including getting interested in the field through science fiction — live long and prosper).

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

May 14 2019

35mins

Play

Foundations for a Winning Operational Technology (OT) Security Strategy

Podcast cover
Read more
Conversations about operational technology (OT) security have been bubbling up more and more, and justifiably so. The term may not be as well known as it should be — or even entirely settled upon yet — but the consequences of risk in operational technology environments impact our daily lives.

As Rob Dyson, OT Security Services Leader for IBM Security, explains, "These are environments that produce things that keep our economies going every day, whether it's our electricity, water or manufacturing of oil and gas or other devices." Dyson, along with Anshul Garg, Product Marketing Manager for IBM Security, join Pam to discuss how digital transformation in industrial environments has revealed the need for OT security, the environmental and safety risks inherent in these environments, and why industrial organizations need to develop OT-specific incident response plans.

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

May 07 2019

22mins

Play

"You Can Never Have Too Much Encryption"

Podcast cover
Read more
Data encryption can feel like the enterprise version of a kid's least favorite chore: cleaning their room. "One of the biggest challenges," says Stephanie Balaouras, "is just the inertia against getting started."

Considering the ways in which a holistic encryption strategy can reduce security and privacy concerns, breaking through the inertia is worth it. Balaouras, Research Director at Forrester Research, joins Pam and David for a conversation on how to get started on your data encryption strategy; why the cloud is a major use case for encryption; and why the savviest companies prioritize data privacy not only for compliance, but with customers' best interests in mind.

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Apr 30 2019

31mins

Play

Automating Cyber Resilience Best Practices with Dr. Larry Ponemon

Podcast cover
Read more
What does it take to be cyber resilient? In the words of Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, a cyber resilient enterprise is "one that can prevent, detect, contain, and recover from a myriad of serious threats against data applications and IT infrastructure."

Dr. Ponemon joins co-hosts Pam Cobb and David Moulton to discuss findings of the 2019 Study on the Cyber Resilient Organization. He explains why Germany stands out as a case study for cyber resilience and how automation and support from senior-level executives go hand-in-hand with high performance. Plus, our hosts get into the ins and outs of sports ball (as it relates to cybersecurity, naturally).

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Apr 23 2019

26mins

Play

Muscle Memory and Cyber Fitness Training

Podcast cover
Read more
Just as physical training improves strength and health, cyber fitness training keeps security professionals in shape to handle a breach at a moment's notice—prepared to duck "that virtual cyber punch in the face." 

Caleb Barlow, Vice President of IBM Security's X-Force Threat Intelligence group, discusses the importance of going beyond tabletop exercises when training teams to respond to breaches: "The more we can immerse people into what that's going to look like, the better we can train them to be resilient during that event." Barlow explains the importance of building incident response muscle memory, what we can learn from observing professionals with a military or EMS background in a cyber range environment, and responding to the ever-evolving attack surface.
 
For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Apr 16 2019

32mins

Play

Three Identities Walk into a Bar…

Podcast cover
Read more
When you think of identity and access management (IAM), what comes to mind? For guest Bert Vanspauwen, it's the metaphor of a bar. Before ordering a drink, you need to prove to the bartender that you're of age. Rarely do you see someone walk up to the bar with their driver's license, social security, and passport in hand—why give your full identity when the only thing between you and a drink is your age? 

In his experience working with a European team of IAM experts at IBM Security, Bert sees questions around distributed identity arising in tandem with digital transformation: "[The problem is] how can you as an identity stay in control of your data and only share the relevant pieces with the different service providers that you interact with."

Bert joined co-hosts Pam Cobb and David Moulton to talk about addressing IAM challenges, the benefit of re-evaluating strategy around legacy identity programs and the cloud, and the impact on users and business goals. Pam and David wrap up the episode with their impressions of the temperature of the cybersecurity landscape after attending the industry conference RSA.

For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Apr 09 2019

30mins

Play

Digital Identity Trust, Part 3: Powering Digital Growth With Digital Identity Trust

Podcast cover
Read more
Accelerating growth without sacrificing security — this may be the holy grail of digital transformation. Jason Keenaghan, director of offering management for IBM's identity and access management (IAM) and fraud portfolio, joins this episode of our digital identity trust series to discuss how organizations can effectively identify and authenticate end users without introducing extra complexity or friction.

Listen to the complete series at ibm.co/2M2Ixol and learn more about IBM Trusteer at ibm.co/2pGNmt2. We also invite you to play our online game at bit.ly/2QDwtuz.

Jan 10 2019

10mins

Play

iTunes Ratings

28 Ratings
Average Ratings
22
3
1
2
0

Love the show

By mrdavidrmoulton - Dec 02 2019
Read more
Covers topics from the Security Industry, with interesting guests.

Great Cyber Security Podcast

By Jeremy02127 - Jan 18 2018
Read more
Great one stop shop for everything cyber security