Light Dark
July 31, 2018 By Christopher Hockings 3 min read
Artificial Intelligence
CISO
Incident Response

What’s it like to spend time with two renowned leaders in the cybersecurity field? Enlightening, to say the very least.

I recently sat down to speak with Sridhar Muppidi, chief technology officer (CTO) of cloud security and identity and access management (IAM) at IBM Security, and Shamla Naidoo, global chief information security officer (CISO) at IBM. During our conversation, Muppidi and Naidoo covered topics ranging from the research and development behind Watson and the roles of artificial intelligence (AI) and blockchain in cybersecurity to advice for responding to emerging threats.

IBM Security CTO Talks AI, Orchestration and More

In addition to his role at IBM Security, Muppidi is one of 101 active IBM Fellows. He’s an executive sponsor of the IBM Australia Development Lab on the Gold Coast and encourages an open client engagement approach. As I observed him hosting a number of clients, we discussed a wide variety of cybersecurity innovations.

IBM is currently focused on bringing AI into the world in a safe manner. AI can help security teams boost their threat detection and response capabilities, minimize identity fraud, thwart insider threats and reduce false positives in application testing — to name just a few examples.

However, since adversaries have access to the same AI tools as defenders, IBM Research developed an Adversarial Robustness Toolbox to help secure AI systems from threat actors.

IBM is also developing several orchestration playbooks to ensure that the right analysts are using the right tools to perform the right tasks in the event of any security incident. Clients can experience a simulated cyberattack and practice their incident response playbooks at the IBM X-Force Command Center. These simulations help organizations understand the importance of a strong security culture, a robust response playbook and competent leadership in the face of a crisis.

Muppidi stressed that security is a team sport. For this reason, IBM created an ecosystem of vendors who work together through open interfaces and share intelligence and analytics to foster collaboration and defend against increasingly sophisticated threats.

Finally, Muppidi talked about the emergence of decentralized identity, which gives control of identity information back to users while mitigating the burden of data ownership for organizations. This is based on blockchain’s distributed ledger technology and cryptography. IBM is focused on developing open standards and enabling clients to create or participate in identity networks to solve business problems.

IBM CISO Says Size Doesn’t Matter When It Comes to Security

Naidoo is responsible for securing the entire corporation from emerging threats as the global CISO at IBM. She has the power of IBM Security technologies at her fingertips and uses them extensively in her role. I joined her for two board round tables and several client meetings in Melbourne and Sydney, Australia.

These peer-level conversations exposed the following:

  • The importance of scale: Cybersecurity challenges, approaches, investments and execution are the same for all companies — both large and small. The only difference is scale. As scale increases, it’s essential to invest in the right security technologies to account for the expanded threat surface that comes with this growth.
  • Consider organizational structure: It’s also important to consider your organizational structure. While security leaders should supply all executives and line-of-business leaders with best-in-breed technologies to protect data, they should also empower them to manage their own security and compliance whenever possible through training and awareness initiatives.

These insights reflect the diversity of thinking the cybersecurity community needs to combat the rising volume of threats and protect clients from increasingly sophisticated attackers.

A Critical Advantage in the Fight for Security

Organizations that aim to deliver cybersecurity services to their own customers should be prepared to be “customer zero” with these services. This helps to ensure that the quality of offerings stands up to market scrutiny and that clients experience the best possible outcome.

By delivering the same quality of products they use to protect their own networks, industry leaders like Muppidi and Naidoo can give their clients a critical advantage in the endless battle to protect corporate and customer information from data thieves.

Read the stories in the ‘Secure Start’ blog series — and learn from others’ mistakes

 |  |  |  |  |  |  |  |  |  | 
Christopher Hockings
IBM Master Inventor

More from Artificial Intelligence
October 30, 2024

Cybersecurity Awareness Month: 5 new AI skills cyber pros need

4 min read - The rapid integration of artificial intelligence (AI) across industries, including cybersecurity, has sparked a sense of urgency among professionals. As organizations increasingly adopt AI tools to bolster security defenses, cyber professionals now face a pivotal question: What new skills do I need to stay relevant?October is Cybersecurity Awareness Month, which makes it the perfect time to address this pressing issue. With AI transforming threat detection, prevention and response, what better moment to explore the essential skills professionals might require?Whether you're…

October 24, 2024

3 proven use cases for AI in preventative cybersecurity

3 min read - IBM’s Cost of a Data Breach Report 2024 highlights a ground-breaking finding: The application of AI-powered automation in prevention has saved organizations an average of $2.2 million.Enterprises have been using AI for years in detection, investigation and response. However, as attack surfaces expand, security leaders must adopt a more proactive stance.Here are three ways how AI is helping to make that possible:1. Attack surface management: Proactive defense with AIIncreased complexity and interconnectedness are a growing headache for security teams, and…

October 23, 2024

AI hallucinations can pose a risk to your cybersecurity

4 min read - In early 2023, Google’s Bard made headlines for a pretty big mistake, which we now call an AI hallucination. During a demo, the chatbot was asked, “What new discoveries from the James Webb Space Telescope can I tell my 9-year-old about?" Bard answered that JWST, which launched in December 2021, took the "very first pictures" of an exoplanet outside our solar system. However, the European Southern Observatory's Very Large Telescope took the first picture of an exoplanet in 2004.What is…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature