Can you remember the moment when you heard your calling to cybersecurity? Matt Dobbs, chief integration architect at IBM’s X-Force Threat Intelligence and Integration Lab in Atlanta, GA, can.

He was working as an IT consultant in the early 2000s, following a brief stint as a Java developer in a “dot-bomb,” when one of his customers called for help. Turned out that their server — the main server for the company — had been used to build a torrent site; the perpetrator had filled up the hard drives and was maxing out bandwidth. Working to clean it up and get the customer operational again was enough for Matt — one taste of the security world was all he needed.

He focused his efforts on cybersecurity consulting until a role opened up at Internet Security Systems. He grabbed it with both hands, eventually ending up at IBM through an acquisition. When IBM pooled its various teams to create IBM Security, Matt was asked to lead the Integration Lab to make the various pieces of the puzzle fit together seamlessly as a unified system for customers.

Building the Building Blocks

“The goal is to take all the IBM products and figure out better ways for those to work together to enhance security,” Matt said. “We have a bunch of point products that are very good at data or they’re very good at identity and access management and things like that, and so our group works with the development teams and offering manager to come up with ways to have these components work together.”

In practice, that means a lot of proofs of concept and proofs of technology as the team comes up with new ideas for the building blocks. If they work, they’ll either create the documentation to help customers integrate them on their own, or they’ll work directly with the engineering and product teams to customize.

However, Matt’s built such a well-oiled machine that these days he spends the bulk of his time in the X-Force Cyber Range building out the technical infrastructure for the stories run in its gamified scenarios and helping to create the experience that puts clients through their paces.

From Dot-Com Bubble to Global Cybersecurity

“Everybody struggles in their own way,” Matt says of the customers he works with. “What I find is that those who are more likely to be financially impacted directly from cybersecurity issues tend to be quicker about or spend more money, time, resources, policies, procedures on it.”

He said that means financial services are “all over it,” allocating a lot of people and money to their cybersecurity, while in the healthcare industry they’re more concerned with patients than firewalls. Working to protect companies across industries all over the world, it’s clear Matt has come a long way since the early days of the new millennium working in a fledgling cybersecurity market.

“There will always be room to grow just because adversaries are always growing, always changing,” he said. “They’re coming up with new techniques and new strategies, so the security industry always has to evolve. There will never be a point where a company is like ‘OK, I’ve got my security in place. We’re good.'”

That, he says, is precisely the purpose of the Cyber Range: to keep clients’ skills sharp and up-to-date. “Wash, rinse, repeat, because things are going to change every day and companies have to keep up with those changes.”

Matt believes the danger of complacence is the greatest threat to security today. He stresses that just because you have a plan doesn’t mean it will always work. “You have to lean forward, jump in, be on your toes and constantly evolve your practices.”

And considering this is a guy who survived the dot-com bubble, he knows a thing or two about what can happen when companies get complacent.

Meet IBM distinguished engineer and master inventor Mike Spisak

More from Security Services

Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

2 min read - Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures would become 2023’s ransomware crisis. Compounding the problem is the industrialization of the cybercrime ecosystem, enabling adversaries to complete more attacks, faster. Over the last…

2 min read

BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration

9 min read - This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, Diego Matos Martins and Joseph Spero. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. BlackCat (a.k.a. ALPHV) ransomware affiliates' more recent attacks include targeting organizations in the healthcare, government, education, manufacturing and hospitality sectors. Reportedly, several of these incidents resulted…

9 min read

How I Got Started: Offensive Security

3 min read - In the high-stakes world of cybersecurity, offensive security experts play a pivotal role in identifying and mitigating potential threats. These professionals, sometimes referred to as “ethical hackers”, use their skills to probe networks and systems in search of vulnerabilities, ultimately helping organizations fortify their digital defenses. In this exclusive Q&A, we spoke with a seasoned offensive security professional. Benjamin Netter is a cybersecurity expert and the founder and CEO of Riot, a cybersecurity platform created for employee protection. His goal is…

3 min read

Is Your Critical SaaS Data Secure?

4 min read - Increasingly sophisticated adversaries create a significant challenge as organizations increasingly use Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) to deliver applications and services. This mesh of cloud-based applications and services creates new complexities for security teams. But attackers need only one success, while defenders need to succeed 100% of the time. Organizations are contending with an exponential rise in advanced threats that are not only increasing in volume but also sophistication. The IBM Cost of Data Breach Report 2022 found…

4 min read