Episode 101 - Talking AI Threat Intelligence Insights from the IBM X-Force Report

03/01/24 • 47 min

In this episode I had a chance to have a candid conversation with Charles Henderson. Charles is a global managing partner at IBM and also happens to be the head of the X-Force team. IBM recently released the X-Force Threat Intelligence Index report for 2024.

While the report is delves into many different areas of Threat Intelligence, we concentrated on several key areas focused primarily on artificial intelligence:

Pronounced increase in Identity attacks
Understanding how more 'business-like' malicious actors are becoming
Upcoming universal AI attack surface
- How much do you think this will get wors? For example, I reached out to a couple of CISOs from some prominent local companies and one of their worries was and I quote, "Longer term I think we will have to worry about attackers trying to attack and leverage AI technologies that are being utilized by organizations."
50% is the expected market share threshold likely to trigger attacks against AI platforms.
Evolution of malware delivery mechanisms. AI's part in Business Email Compromise. Another area of concern when I polled my CISO contacts was AI's ability to, and I quote again, "Easier to perfect grammar and templates for phishing and other social engineering attempts.". How do you think companies like IBM can start helping people combat these types of attacks?)
Thoughts on OpenAI's Sora and its potential impact on security

Episode Charity:

The Corewell Health's involvement in the Blue Envelope Suicide Prevention Program. The School Blue Envelope Suicide Prevention Program trains middle and high school faculty and staff so that every school employee—from teachers to coaches and bus drivers—would know how to respond to a student who may express thoughts of suicide. The “Blue Envelope” protocol for crisis management was developed internally to quickly activate patient safety responses by communicating the code words "Blue Envelope."

Every person within a physician’s office became proficient in how to respond at a moment’s notice to a patient who may have thoughts of suicide. Through previous grant and foundation dollars, this program has been able to successfully train over 8,500 middle, high, and elementary school personnel across 156 schools within 53 different school districts. This training has resulted in over 2,000 interventions for students in crisis.

Episode Sponsor:

This episode is sponsored by IBM, who recently celebrated their 100th birthday! IBM is a computer solution company based out of Armonk, New York.

While the report is delves into many different areas of Threat Intelligence, we concentrated on several key areas focused primarily on artificial intelligence:

Pronounced increase in Identity attacks
Understanding how more 'business-like' malicious actors are becoming
Upcoming universal AI attack surface
- How much do you think this will get wors? For example, I reached out to a couple of CISOs from some prominent local companies and one of their worries was and I quote, "Longer term I think we will have to worry about attackers trying to attack and leverage AI technologies that are being utilized by organizations."
50% is the expected market share threshold likely to trigger attacks against AI platforms.
Evolution of malware delivery mechanisms. AI's part in Business Email Compromise. Another area of concern when I polled my CISO contacts was AI's ability to, and I quote again, "Easier to perfect grammar and templates for phishing and other social engineering attempts.". How do you think companies like IBM can start helping people combat these types of attacks?)
Thoughts on OpenAI's Sora and its potential impact on security

Episode Charity:

Episode Sponsor:

This episode is sponsored by IBM, who recently celebrated their 100th birthday! IBM is a computer solution company based out of Armonk, New York.

Previous Episode

Episode 100 - Understanding Your Personal Risk Tolerance

In this episode I had a chance to sit down in person with the always insightful and never dull cybersecurity leader, Jim Kuiphof. Jim is the Deputy Chief Information Security Officer at Corewell Health. The topic for this casual conversation is Understanding Your Personal Risk Tolerance. More specifically, it speaks to understanding the different between your own risk tolerance and the business's risk tolerance.

Jim has talked on this recently at events like Cloud Con and the Digital Services Summit. His ideas for understanding how to balance personal and business has been a HUGE thing in my professional career.

Talking Points:

What is Risk?
What is Tolerance?
Understanding the difference between Personal Risk and Business Risk
Why is it so important to understanding alignment?
Diagnosing the Dissonance
What do you do about it?
What does taking ownership look like?
Maintaining risk tolerance alignment

This talk is not only useful for people in the cybersecurity industry, but across all of information technology. It does matter what level you are at, this information can help you!

Next Episode

Tales from the Trenches: The Crowdstrike Incident and Other Crazy Stories from Summer 2024

In this special end of summer episode, I sat down with Tyler Adams to talk about being in the trenches during the recent Crowdstrike incident and other interesting stories from the crazy summer. Tyler is an Information Security Analyst for Corewell Health. He works on the Security Business Engagement Team.
Talking Points:

What was it like being in the trenches during the Crowdstrike incident
- How having a Business Continuity Plan comes in play
- What was the most surprising about the incident?
What challenges are stemming from what the business is working on?
- Getting the business to understand the value of Multi-Factor Authentication
- Data 'Cleanliness' is becoming more important