40m
•
deep-dive
•
advanced
- Meredith Whitaker (Signal President) and Ubab Tavari (Signal VP of Strategy) warn that the rapid integration of AI agents into operating systems represents a “velvet‑glove coup” that subtly transfers control from developers and users to AI‑driven platforms.
- While marketed as convenient “robot‑butlers” and productivity boosters, these agents require extensive user context and data, creating a hidden surveillance infrastructure that threatens privacy and autonomy.
3m
•
news
•
beginner
- IBM announced a technology partnership with Equinix that lets IBM Hybrid Cloud Mesh customers deploy upcoming Hybrid Cloud Mesh gateways on Equinix Metal, expanding deployment options across Equinix’s global infrastructure.
- Hybrid Cloud Mesh, an IBM SaaS solution, helps DevOps and Cloud Ops teams automate, manage, and observe application connectivity across public, private, edge, and on‑premises environments in a hybrid‑multicloud landscape.
39m
•
news
•
intermediate
- The hosts emphasize that while AI is often celebrated, it can also pose serious security threats, reminding listeners that “AI is not always our friend.”
- The Thanksgiving‑themed panel expresses gratitude for reduced major incidents, increased collaboration among enterprises, and the fact that security is finally being prioritized in the AI-driven technology wave.
1m
•
other
•
beginner
- Mark, the CTO of a large insurance firm, is responsible for securing all business data, but recent breach headlines make him uneasy about potential vulnerabilities.
- While the company’s existing MQ solution safeguards data in transit, a breach reveals the need for deeper protection of data at rest, prompting an upgrade to MQ Advanced.
42s
•
news
•
beginner
- IBM sees business success as balancing trade‑offs—combining scale with agility, ambition with stability.
- Their enterprise‑grade public cloud merges hardened open‑source software with top‑tier security features.
14m
•
tutorial
•
beginner
- Zero‑click attacks exploit vulnerabilities that require no user interaction, allowing attackers to execute code on a device simply by delivering malicious data such as a crafted MMS.
- Historical examples like Android’s 2015 Stagefright bug and the Pegasus spyware demonstrate how remote code execution can silently compromise millions of devices and grant full control over cameras, microphones, messages, and keystrokes.
8m
•
tutorial
•
intermediate
- Effective problem‑solving requires first identifying the root cause, whether it’s a leaky pipe or the specific steps of a cyber‑attack.
- To defend against AI‑based threats, analysts must understand the attacker’s goals, methods, and the target’s value before deploying appropriate mitigations.
9m
•
news
•
beginner
- Data breaches remain a huge financial threat, averaging over $4 million per incident, and are increasingly linked to ransomware attacks that cause extortion, data loss, and operational disruption.
- Ransomware continues to be a primary driver of breaches across individuals, corporations, and even nation‑states, highlighting the urgent need for stronger preventive measures.
3m
•
news
•
beginner
- Ransomware saw a sharp resurgence in 2023, with over 400 attacks reported in March alone, prompting IBM’s X‑Force to release its updated “Definitive Guide to Ransomware” featuring a new five‑stage attack framework and detection techniques.
- The guide highlights how the cyber‑crime ecosystem has become industrialized, turning backdoor failures from 2022 into the ransomware crisis of 2023 and offering refreshed research to help organizations stay ahead of evolving tactics.
14m
•
tutorial
•
intermediate
- Jeff demonstrates a voice deepfake created by an AI tool that can mimic his speech after only a short audio sample.
- Modern deepfake technology can generate realistic audio and video from as little as three seconds of input, making convincing fakes increasingly easy to produce.
6m
•
deep-dive
•
intermediate
- The speaker illustrates the severe impact of a lost or stolen mobile device, highlighting that protecting the data—especially on enterprise‑managed phones—is far more critical than the hardware itself.
- Zero‑trust security, which continuously validates every access request based on context, is now the leading strategy for cloud and network protection but has lagged in adoption for mobile devices despite the large amount of corporate data they hold.
3m
•
tutorial
•
beginner
- Multi‑tenancy in the cloud means multiple clients share the same underlying compute, networking, and storage services while each tenant’s data remains isolated and invisible to others.
- The presenter uses an apartment building analogy: each tenant has a private, locked apartment (their environment) but shares common utilities (water, electricity) provided by the building, mirroring shared cloud resources.
20m
•
news
•
intermediate
- The IBM Technology channel annually reviews the past year’s cybersecurity landscape and makes forward‑looking predictions, a tradition continued through 2025 with a forthcoming confession about a “cheat” at the video’s end.
- AI’s dual‑edged impact proved true: while it offers benefits, unchecked “shadow AI”—unauthorised models deployed in the cloud—added roughly $670 K extra to breach costs, and 60 % of firms still lack AI governance policies to curb it.
4m
•
tutorial
•
intermediate
- A careless “rm -f” run as root on the wrong terminal deleted the production server’s home directory, causing the system to go down.
- Deploying changes via a blue/green (or mirrored) strategy allowed the faulty server to be taken out of rotation and the service restored quickly using the untouched replicas.
19m
•
deep-dive
•
intermediate
- AI will both eliminate and create jobs, mirroring past technological shifts such as agricultural mechanization, industrial automation, and the rise of the information age.
- Each major innovation historically reduced certain occupations (e.g., candle makers after electric light) while freeing labor for new, often higher‑value roles and improving overall quality of life.
4m
•
news
•
beginner
- IBM has launched the IBM X‑Force Cyber Range in Washington, DC, offering federal agencies and private organizations realistic, immersive breach simulations to improve cyber‑readiness, response coordination, and security culture.
- The cyber range provides multiple scenario‑based exercises—including mission cyber response, business response challenges, a cyber‑wargame, and “Inside the Mind of a Hacker”—to help participants practice detection, investigation, and recovery in a fault‑free environment.
3m
•
news
•
beginner
- IBM introduced Guardium Quantum Safe, a data‑security solution that gives enterprises visibility into their cryptographic posture, detects quantum‑vulnerable encryption, and prioritizes remediation to protect data from both traditional and future quantum attacks.
- To address costly downtime—estimated at $1‑$5 million per hour—and its impact on customer trust, IBM launched the IBM Concert Resilience Lens, a tool that helps organizations identify and close resilience gaps across applications, integrate siloed data, and proactively minimize outages.
3m
•
tutorial
•
intermediate
- API management is essential for providing access control, usage statistics, rate limiting, and a developer portal when building any API, especially GraphQL.
- Because GraphQL lets clients specify exactly which fields to retrieve, implementing rate limiting requires a query‑cost analysis that assigns weights to the underlying services (REST, database, SOAP, etc.) a query touches.
13m
•
tutorial
•
intermediate
- Generative AI expands the attack surface, prompting 80 % of executives to doubt its trustworthiness due to cybersecurity, privacy, and accuracy concerns.
- A security framework is needed that protects every stage of the AI pipeline—data collection, model training/tuning, and inference/usage.
4m
•
interview
•
beginner
- The scam involved outside fraudsters buying winning lottery tickets at a small profit and colluding with an inside “bad actor” – a database administrator (DBA) – who inflated the ticket values in the system before cashing them.
- After the fraudulent cash‑out, the DBA reverted the ticket values back to their original amounts, erasing obvious evidence of the manipulation.
10m
•
tutorial
•
intermediate
- Verify that the developer portal’s user registry is delegated to the UM catalog before beginning LDAP configuration.
- Install and enable the three required modules—LDAP authentication, LDAP servers, and LDAP user—to support LDAP integration.
22m
•
interview
•
intermediate
- AI introduces an entirely new attack surface, requiring security teams to continuously learn and adapt to novel threats rather than treating it as a one‑time testing effort.
- Chris Thompson leads IBM X‑Force’s Red Team, which comprises about 180 hackers who focus on advanced penetration testing for high‑value targets such as banks, defense contractors, and nuclear facilities, and they actively share tools and research with the wider security community.
4m
•
tutorial
•
intermediate
- CSPM (Cloud Security Posture Management) tackles the high incidence of cloud breaches caused by misconfigurations by continuously identifying and fixing risks throughout a cloud deployment’s lifecycle.
- Its core capabilities include continuous compliance monitoring, policy‑based access control enforcement, security‑threat detection, and automated remediation of violations.
3m
•
tutorial
•
beginner
- A DDoS attack floods a target application with excessive traffic, causing severe slowdown, outages, or other abnormal behavior for legitimate users.
- Normal user traffic normally travels smoothly from the internet to the server, but a DDoS overwhelms this “pipe” with malicious traffic, creating congestion that blocks legitimate requests.
9m
•
tutorial
•
beginner
- Secrets management is the practice of securely storing and sharing credentials (passwords, API keys, cryptographic keys, certificates, tokens) so they can be used by users or applications without being exposed.
- Organizations typically have tens to thousands of such secrets, making manual tracking impossible and necessitating a systematic approach.
4m
•
deep-dive
•
intermediate
- Back doors topped X‑Force’s 2022 incident actions, accounting for 21 % of cases, and are increasingly used as the foothold for ransomware attacks, which remain the second‑most common threat (17 %).
- Thread‑hijacking attacks—where attackers compromise email accounts and impersonate victims in ongoing conversations—doubled in frequency compared with 2021, enabling broader credential and data theft.
9m
•
deep-dive
•
intermediate
- The “Cost of a Data Breach” report uses a rigorous, 18‑year methodology conducted by the Ponemon Institute on behalf of IBM, surveying over 3,000 individuals from 533 organizations to ensure real‑world relevance.
- To produce realistic averages, extreme outliers (both very low‑cost and ultra‑high‑cost breaches) are excluded, focusing the analysis on the “normative” case.
5m
•
deep-dive
•
intermediate
- An organization’s attack surface is the complete set of potential entry points for attackers, ranging from web login forms and misconfigured cloud buckets to legacy systems and third‑party supply‑chain applications.
- Attack Surface Management (ASM) aims to shrink that surface by continuously mapping an organization’s digital footprint from an “outside‑in” perspective, much like a red‑team attacker would use tools such as Kali Linux to discover and catalog exposed assets.
57m
•
news
•
intermediate
- The episode reviews the past year’s cyber‑security landscape, featuring three segments on AI & data security, incident response, and broader 2025 trends with expert panelists.
- Discussions highlighted the rise of AI‑powered threats, including proliferating AI agents, “shadow AI,” and the need to both defend against AI attacks and protect AI systems from manipulation.
9m
•
tutorial
•
beginner
- NAT (Network Address Translation) converts private internal IP addresses to public internet addresses, conserving the limited pool of globally routable IPs.
- An apartment‑building analogy illustrates that while apartment numbers (private IPs) can repeat, the street address (public IP) uniquely identifies a location worldwide.
4m
•
news
•
intermediate
- IBM X‑Force’s new **Cyber Exposure Insights** service monitors the surface, deep, and dark web to detect stolen credentials, brand impersonation, risky domains, and shadow data, giving enterprises an early‑warning, proactive defense tool.
- The **U.S. NIST** has published three final **post‑quantum cryptography (PQC) standards**—ML‑KEM for key encapsulation, ML‑DSA for digital signatures, and SLH‑DSA (stateless hash‑based signatures)—marking a global shift toward quantum‑resistant security.
3m
•
news
•
intermediate
- IBM and Cloudflare have launched **Cloudflare Bot Management on IBM Cloud Internet Services**, offering a dynamic, adaptive solution that uses behavioral analysis, machine‑learning bot scores, and fingerprinting to protect internet‑facing workloads from sophisticated bot attacks.
- The new bot‑management feature is immediately available to any IBM Cloud Internet Services customer on the **Enterprise Premier plan**, providing near‑real‑time threat mitigation without storing device fingerprints to preserve user privacy.
11m
•
tutorial
•
intermediate
39m
•
news
•
intermediate
- The “Mixture of Experts” podcast kicks off with a quick‑fire round‑the‑horn question, asking panelists whether phishing will be a bigger, smaller, or unchanged problem by 2027, receiving mixed predictions (slightly worse, decreasing, or staying the same).
- Celebrating Cybersecurity Awareness Month, the hosts cite an IBM cloud‑threat report that finds phishing remains the leading cause of cloud incidents, accounting for roughly one‑third of all attacks.
2m
•
tutorial
•
intermediate
- An API developer faces an urgent need for security and traffic‑management capabilities for a micro‑service that delivers coupons, prompting him to explore IBM DataPower as a fast‑track solution.
- A case study of a startup shows that DataPower’s robust architecture handled a massive traffic surge without errors, illustrating its ability to protect backend services while scaling revenue channels.
12m
•
deep-dive
•
intermediate
- The IBM X‑Force Threat Intelligence Index highlights how insight into hacker activity—gleaned from dark‑web chatter and real‑world incidents—helps organizations build stronger defenses.
- Ransomware activity has declined for the third consecutive year, with ransom payments falling 35%, thanks in part to law‑enforcement takedowns of high‑profile ransomware groups.
15m
•
deep-dive
•
intermediate
- Agentic AI goes beyond conversation to autonomously perform actions like booking appointments and calling APIs, making its behavior a primary risk rather than just its output.
- “Shadow AI” refers to unofficial, ad‑hoc AI tools that are deployed without tickets, approvals, or audit trails, quickly turning from harmless scripts into hidden agents that access production data and external services.
43m
•
news
•
intermediate
- The podcast opens with a warning that shutting down one cyber threat often leads to the emergence of new ones, exemplified by the rise of YouTube‑related malware targeting children.
- Hosts discuss several recent security incidents, including the YouTube “ghost network,” the Glassworm malware campaign, widespread neglect of mobile security in enterprises, and the massive AWS outage of 2025.
3m
•
tutorial
•
intermediate
- Zero trust is a security strategy that rejects implicit trust based solely on factors like a device’s network location or a user’s badge, requiring continuous verification for every connection.
- It isn’t a single product or technology you can buy; it’s a strategic approach built around three core principles.
6m
•
tutorial
•
beginner
- Discovering security flaws late in the SDLC often forces costly, time‑consuming rework that delays releases and disappoints users.
- The traditional SDLC places testing (including security) after code is built, making it a reactive step that can miss critical vulnerabilities.
3m
•
news
•
beginner
- IBM helped develop three of the four algorithms selected by NIST for its upcoming post‑quantum cryptographic standard, enabling quantum‑safe public‑key encapsulation and digital signatures.
- The Crypto Express 8S HSM on IBM Z 16 now supports these new quantum‑safe schemes (e.g., Dilithium signatures), allowing developers to begin integrating quantum‑resistant cryptography alongside classic methods.
1m
•
other
•
beginner
- Our daily lives, both online and offline, depend on accurate, secure data flows that power everything from banking to train schedules.
- IBM MQ silently moves terabytes of data across mainframes, Linux, Windows, on‑premises and cloud environments, guaranteeing “once‑and‑only‑once” delivery to prevent costly duplications.
2m
•
deep-dive
•
intermediate
- Keith Bear, IBM’s VP for financial markets, outlines how collaborative networks—leveraging digital trade chain, cloud, and blockchain—are reshaping financial services.
- By creating a shared blockchain environment, banks can provide greater credit to SMEs, whose access to formal financing is currently limited to about 50%.
10m
•
tutorial
•
intermediate
- Shadow IT refers to any software, hardware, or IT resources used within an enterprise network without the IT department’s knowledge, distinct from malicious malware because it’s deployed by authorized users.
- Common examples include employees sharing files via personal Dropbox or thumb drives, using non‑standard video‑conferencing tools like Zoom instead of the corporate platform, and connecting personal mobile devices or laptops to the corporate network.
3m
•
news
•
beginner
- IBM and AT&T expanded their strategic partnership to leverage IBM Cloud Satellite on Red Hat OpenShift, enabling enterprise clients to more easily capture the $667 billion 5G‑edge opportunity with secure, open hybrid cloud capabilities.
- IBM teamed up with edge‑computing software firm Clearblade to combine IBM Edge Application Manager and Clearblade’s platform, offering autonomous edge and IoT solutions that let enterprises deploy, process, and analyze data locally across manufacturing, transportation, healthcare, and other sectors.
10m
•
tutorial
•
beginner
- The quiz introduces basic cyber‑security concepts, emphasizing that the core functions are **prevention, detection, and response**, not just firewalls, antivirus, or heavy encryption.
- Regarding **passkeys**, the speaker clarifies that losing a device does **not** make the account unrecoverable; recovery is possible via synced devices or standard account‑recovery methods.
5m
•
tutorial
•
intermediate
- SaaS applications such as Microsoft 365, Salesforce, Azure, and Google Workspace have become central to most organizations because they provide always‑up‑to‑date, globally accessible data that simplifies operations.
- The real risk isn’t just loss of individual files; a breach can jeopardize the entire IT infrastructure—including calendars, emails, invoices, and transactions—posing an existential threat to the business.
5m
•
tutorial
•
beginner
- The video is organized into four stages for landing a first cybersecurity role in 2023: education, job search, interviews, and navigating the first year.
- While a computer‑science degree provides the strongest technical foundation, degrees in data science or IT management can also open cybersecurity doors, especially if you supplement them with relevant electives.
8m
•
tutorial
•
intermediate
- A performance issue was traced to a small group of “bad bots” that generated huge resource loads while overall session counts stayed steady.
- Bots were categorized into “good” (search‑engine crawlers that follow standards), “evil” (malicious attackers targeting security) and “bad” (resource‑hogging but not overtly malicious) which were the focus of the mitigation.
9m
•
deep-dive
•
intermediate
- The episode pivots from prevention to response, asking “Should you pay a ransom?” and exploring what victims can realistically do once ransomware has encrypted their data.
- Ransomware attacks range from unsophisticated, high‑volume scams that target anyone (like the friend’s laptop) to elite, targeted operations that use zero‑day exploits against high‑value “keys to the kingdom.”
3m
•
tutorial
•
beginner
- The video explains that authentication—the “who are you?” question in IT—relies on three categories of factors: something you know, something you have, and something you are.
- Passwords or PINs (something you know) are easy to create and change but can be compromised if they’re shared or discovered.
8m
•
tutorial
•
beginner
- The creator received many comments on a previous video about the dark web and identified seven frequently asked questions to address in this follow‑up.
- The web is likened to an iceberg: the surface web (≈5%) is searchable, the deep web (≈95%) is unindexed, and the dark web (<1%) sits at the bottom, accessible only with special tools.
10m
•
deep-dive
•
intermediate
- The concept of identity governance began in the 1960s with mainframe users needing to protect files and schedule batch jobs, prompting early questions of “who am I?” and “what am I accessing.”
- By the 1970s‑80s, the rise of networked databases and applications required systematic user provisioning, directory services, authentication, and access control, expanding identity management to both internal employees and external partners.
4m
•
deep-dive
•
beginner
- The CIA triad in cybersecurity stands for confidentiality, integrity, and availability, forming the foundational framework for protecting information systems.
- Confidentiality ensures that only authorized users can access specific data, typically enforced through authentication, authorization, multi‑factor authentication, and encryption, while blocking unauthorized access.
4m
•
tutorial
•
intermediate
- IBM Cloud for VMware offers top‑tier security with FIPS 140‑2 Level 4 encryption for data at rest and in motion, role‑based access controls, and built‑in data‑sovereignty features such as geofencing and config‑drift management.
- Leveraging over a decade of experience managing more than 850,000 VMware workloads across banking, government, finance, insurance, and retail, IBM provides an automated, enterprise‑grade platform that enables rapid provisioning, high uptime, and simplified third‑party integration.
4m
•
tutorial
•
intermediate
- A recent OpenSSF survey revealed that 41% of organizations lack confidence in the security of the open‑source software they use, highlighting widespread concern.
- The speaker proposes the “Triple A” framework—Assess, Adopt, Act—to build open‑source security confidence, starting with a thorough assessment of project health (license clarity, governance, community activity) and security posture (architecture, code reviews, policies, and dependency management via SBOMs).
2m
•
news
•
intermediate
- Quantum computing promises a revolutionary shift in how information is processed, enabling breakthroughs in fields such as finance, chemistry, and artificial intelligence.
- Its ability to solve problems that are currently intractable also means it could undermine today’s encryption methods and overhaul existing cryptography standards.
2m
•
tutorial
•
beginner
- The former “complexity + expiration” rules (mix of cases, numbers, symbols, frequent changes) make passwords harder to remember, prompting users to write them down and actually weaken security.
- NIST’s updated guidance shifts focus to password **length**—encouraging long pass‑phrases that are easy to recall but hard to crack—while allowing passwords to remain unchanged indefinitely unless a compromise is detected.
3m
•
news
•
beginner
- IBM’s X‑Force Red team showed that, while AI can generate convincing phishing emails in minutes, human-crafted emails still achieved higher click‑through rates (18% vs. 11%) thanks to superior emotional intelligence and personalization.
- IBM MQ version 9.3.4 was announced with enhancements such as token‑based authentication, a new health‑dashboard console, and improved resiliency and connectivity for hybrid and multicloud environments.
7m
•
tutorial
•
intermediate
- Data is the most valuable asset for modern IT systems, making robust security essential to protect everything from intellectual property to actual money.
- Effective data security governance starts with a clear policy that defines classification tiers, catalogs critical data locations, and outlines resilience plans for recovery.
7m
•
tutorial
•
intermediate
- Cyber criminals exploit the fragmented, siloed nature of traditional risk functions—anti‑fraud, AML, SOC, insider‑threat, etc.—which leads to duplicated tools, data, and processes and creates gaps they can abuse.
- A realistic attack (phishing → credential theft → SIM‑swap → crypto laundering) demonstrates how no single department has full visibility, causing each to misinterpret the incident and respond inadequately.
1m
•
tutorial
•
beginner
- Personalized sign‑in experiences build user trust and make apps feel tailored, much like a barista remembering a regular’s order.
- IBM Cloud App ID lets developers add secure authentication and authorization to mobile and web apps without the usual complexity and risk.
1m
•
deep-dive
•
intermediate
- The team faced a major hurdle entering the highly regulated and complex cybersecurity sector, where disruptive solutions are especially difficult to introduce.
- To ensure true cloud‑native capabilities, they selected a loosely coupled architecture built on Kubernetes, containers, and IBM Cloud Private, allowing the solution to run on any cloud platform.
6m
•
tutorial
•
intermediate
- Confidential computing in public clouds requires encrypting data **and** ensuring that cloud operators, even with physical access, cannot read your keys or information.
- IBM Cloud Hyper Protect Services tackles this by offering a tamper‑resistant hardware security module (NHSM) combined with a hardened software stack, providing an isolated “slice” of HSM for each tenant.
2m
•
interview
•
intermediate
- Francois Douches highlights that 600 million to 1 billion people in Africa still lack electricity, creating a demand for affordable, adaptable solutions for energy service providers.
- Traditional blockchain setups protect private keys with costly hardware security modules, which are too expensive for low‑cost electricity projects.
15m
•
deep-dive
•
intermediate
- Security spending should be justified by the true costs of breaches—downtime, reputational damage, and lost trust—rather than just budget constraints.
- IBM’s 2025 Cost of a Data Breach Report surveyed 600 breached organizations and 3,500 leaders, providing real‑world insights rather than theoretical estimates.
46m
•
news
•
intermediate
- The episode opens with a warning that AI‑generated deepfakes have become dramatically more realistic, signaling a new era of threat‑making beyond earlier “Forrest Gump meets JFK” analogies.
- The show’s roundup covers a post‑mortem on the Scattered Lapsis hacker group, a proof‑of‑concept AI‑driven “prompt‑lock” ransomware, a single phishing email that compromised 20 npm packages, and a fresh IBM X‑Force report on the biggest threats to OT and critical‑infrastructure systems.
9m
•
tutorial
•
beginner
- Backup and disaster recovery are distinct concepts and should never be treated as the same thing.
- Backups protect against small‑scale failures—like host crashes, ransomware encryption, or other malicious attacks—by preserving all data and applications.
5m
•
tutorial
•
beginner
- The rise of foundation models and big‑data AI creates a new need for both model governance and data governance to ensure responsible use.
- Data governance is likened to a well‑organized LEGO set, providing a standardized, secure, and high‑quality foundation for an organization’s most valuable asset—its data.
5m
•
tutorial
•
beginner
- Ransomware attackers use two main extortion tactics: demanding a ransom for a decryption key or threatening to publicly release stolen data.
- The most critical defense for individuals is a layered backup strategy that includes regular local backups, alternating offline USB drives, and off‑site cloud storage to ensure recoverable copies even if one backup is compromised.
1m
•
other
•
beginner
- IT departments face mounting pressure from marketing, sales, finance, and development to deliver real‑time data, omni‑channel access, and rapid provisioning while contending with shadow IT and non‑compliant cloud usage.
- IBM offers a proven, comprehensive cloud adoption framework built on seven critical dimensions—including culture, architecture, security, innovation, and governance—to help organizations maintain control and security.
13m
•
interview
•
intermediate
- Large language models are powerful tools for tasks like summarizing meetings, but their natural‑language abilities also create new cyber‑attack vectors.
- Chenta Lee explains the concept of “hypnotizing” an LLM: feeding it a crafted false reality or hidden command that makes it obey malicious instructions while bypassing existing policies.
3m
•
other
•
intermediate
- Sridhar Muppidi predicts AI’s most consequential role in the next 5‑10 years will be in building secure‑by‑default applications.
- Security teams are overwhelmed by data and skill gaps, and AI can boost detection accuracy, speed investigations, automate responses, and provide proactive threat protection.
46m
•
news
•
intermediate
- AI is becoming increasingly capable, so organizations must adopt it as a tool while ensuring its trustworthiness, much like hiring an employee you trust to write code.
- The upcoming end‑of‑life for Windows 10 forces individuals and businesses to decide whether to upgrade, extend security updates, or switch to a different OS, each carrying distinct security and continuity risks.
12m
•
tutorial
•
beginner
- Stolen or compromised credentials are the leading cause of data breaches, according to major industry reports.
- Attackers employ five primary tactics—password guessing, harvesting, cracking, spraying, and stuffing—to obtain those credentials.
14m
•
tutorial
•
intermediate
- Humans are the weakest link in security, so attackers often use social engineering—exploiting greed or fear—to compromise targets.
- Successful attacks start with extensive intelligence gathering from sources like social media, LinkedIn, and company websites to personalize the lure.
3m
•
tutorial
•
intermediate
- The DPOD landing page immediately highlights system activity, memory usage, and error severity, giving a quick health snapshot when you first log in.
- Dashboard tabs (Recent Activities, Analytics, Sources, Security) let you monitor transaction success rates, pinpoint error spikes, view memory consumption, and search for security violations.
10m
•
tutorial
•
intermediate
- An API (Application Programming Interface) acts as a software intermediary that lets different applications communicate, such as when you browse Instagram or check travel prices.
- Modern organizations are breaking down large monolithic apps into loosely‑coupled microservices, which increases the volume of API calls and creates new challenges for security, scalability, and performance.
8m
•
tutorial
•
beginner
- In July 2024 a faulty security‑software update caused widespread outages, grounding flights, shutting banks and medical offices, and sparking public panic.
- Scammers seized on that chaos with “support scams,” posing as helpful technicians who claim they can fix the problem while actually hijacking the victim’s system and stealing data.
9m
•
tutorial
•
intermediate
- AI‑generated text can produce highly convincing phishing emails, undermining traditional language‑based detection methods.
- Generative AI can automatically write code, which means it can also create and embed malware or backdoors into software if not carefully reviewed.
2m
•
other
•
intermediate
- Ken Lee, CEO of GPB’s Hipps, outlines the company’s unified managed services—voice, mobile, internet connectivity, and cloud solutions—aimed at delivering uninterrupted operations for their customers.
- Since 2012, GPB’s has partnered with IBM, leveraging IBM’s bare‑metal and virtual servers to scale and extend client workloads across a global data‑center network, including migrations from on‑premise to virtual infrastructure.
3m
•
tutorial
•
beginner
- In today’s mobile‑centric world, personal and work data—including emails, documents, and banking info—are stored on smartphones, making them prime targets for attacks.
- Common mobile threats include phishing links, rogue Wi‑Fi networks, outdated operating systems, jailbroken devices, and malicious apps that can exfiltrate data.
14m
•
tutorial
•
intermediate
- Choose your database deployment (on‑premises, cloud, or remote) and evaluate the provider’s physical security, access controls, and whether you’ll be on shared or dedicated infrastructure.
- Isolate critical components (e.g., separate the database from the web/application server) to limit the impact of a compromise in a single layer such as the OS or PHP code.
5m
•
deep-dive
•
intermediate
- Confidential Computing is essential because data security, privacy, and regulatory concerns—especially fears of cloud providers having back‑door access— deter 95% of regulated‑industry customers from moving sensitive workloads to public clouds.
- IBM’s Hyper Protect Services address all three pillars of data protection—data at rest, data in flight, and data in use (in‑memory)—by delivering end‑to‑end confidential computing without sacrificing performance or latency.
4m
•
tutorial
•
intermediate
- Hackers exploit a single vulnerability or blind spot, much like movie villains finding a camera blind spot, overwhelming security analysts with countless alerts and tool fragmentation.
- A Security Information and Management (SIM) platform consolidates logs, threat intel, vulnerability feeds, NDR, and endpoint data into one system, using AI, machine learning, and analytics to correlate information in real time.
6m
•
tutorial
•
beginner
- The U.S. cybersecurity field commands high salaries and has about 750,000 open positions, a number that’s continuing to grow.
- Entry into the field can start with a range of education options—from a Bachelor’s in CS/IT, an associate’s degree, intensive bootcamps, to free or low‑cost online certificates (e.g., IBM’s Coursera offering).
3m
•
news
•
beginner
- IBM Cloud Data Security Broker (now in beta) acts as a reverse‑proxy “broker” between applications and data stores to provide field‑level encryption, masking and tokenization without any changes to application code, supporting both BYOK and KMS key models.
- The third‑generation IBM Db2 Warehouse separates compute from cloud‑native object storage, cutting storage costs and boosting performance while letting users independently scale compute and storage and work with open table formats such as Iceberg, Parquet, and JSON.
5m
•
tutorial
•
beginner
- Modern criminals target digital assets “online” rather than physical cash, shifting the focus of security from bank vaults to IT systems.
- A threat is any action that can disrupt normal operations, with the threat actor being the robber in a bank scenario or the malware creator/distributor in a cyber context.
3m
•
news
•
beginner
- IBM announced an expansion of its Power 10 server portfolio with three new mid‑range models and a scale‑out system, adding pay‑as‑you‑go consumption options and targeting mission‑critical, containerized and cloud‑native workloads with enhanced security and automation.
- The IBM MQ Appliance M2003, built on next‑generation hardware and updated MQ firmware, promises simpler setup, higher performance, greater resiliency, cost efficiency and data protection, and will be generally available on August 2.
3m
•
news
•
beginner
- IBM Cloud Code Engine is now generally available as a fully managed, pay‑as‑you‑go runtime that automatically builds images from Git, scales containers, applications, and batch jobs, and provides a single secure environment for all workload types.
- Digion Managed Desktop as a Service on IBM Cloud delivers high‑performance, securely layered virtual desktops from 43 global data centers, with automated deployment and turnkey management for cloud‑burst, disaster‑recovery, and merger‑acquisition scenarios.
36m
•
interview
•
beginner
- Jason recounts his journey from a West Point cadet and U.S. Army airborne ranger stationed in northern Italy to a two‑decade career at IBM, where he now builds teams and expands new business areas.
- Kristy shares her Canadian background and long‑standing experience as a Bain consultant, emphasizing how that role shaped her professional growth.
6m
•
tutorial
•
intermediate
- Pratheek Karnati introduces IBM Cloud Data Shield, a deployment‑time solution that enables confidential computing on x86/Intel SGX without code changes to protect data in use.
- Data Shield, powered by Fortanix Runtime Encryption, supports multiple runtimes (C/C++, Java, Python, Rust) and integrates with IBM’s Hyper Protect MongoDB for fully encrypted data at rest, in transit, and in memory.
18m
•
deep-dive
•
intermediate
- AI is becoming a dual‑edged sword: while it powers business innovations, it also equips hackers with more sophisticated tools for attacks.
- AI‑driven agents can automatically locate login forms on websites with about 95% accuracy, using large language models to parse page elements.
3m
•
news
•
intermediate
- The industry is transitioning from the first 20% of workloads already in the cloud to the remaining 80%, with “Chapter 2” defined by a hybrid cloud model that mixes private, public, and legacy environments, especially for regulated enterprises.
- Enterprises need cloud providers that understand hybrid deployments and can deliver cutting‑edge security and compliance across both public and private clouds.
9m
•
tutorial
•
intermediate
- If you don’t pay for a service, you become the product, which explains why free platforms often lack direct customer‑support channels.
- Security focuses on the CIA triad—confidentiality, integrity, and availability—aimed at protecting data from unauthorized access, alteration, or downtime.
2m
•
news
•
intermediate
- IBM Cloud for Financial Services, built with Bank of America, is the first public cloud designed for the financial sector and has expanded its trusted ecosystem with over 30 new partners in three months, offering co‑creation, go‑to‑market support, and joint security/compliance management.
- IBM CloudLabs now provides free, browser‑based Kubernetes training on IBM Cloud Kubernetes Service, letting users spin up a one‑node cluster for three hours, complete five interactive labs, and earn a certification badge without any downloads.
31m
•
tutorial
•
beginner
- The series shifts focus to the seven domains of cybersecurity architecture, beginning with identity and access management (IAM) as the “new perimeter” that must verify who users are early in the process.
- IAM revolves around four core functions—Administration (defining access rights), Authentication (confirming identity), Authorization (granting permissions), and Audit (reviewing the previous steps).
22m
•
news
•
intermediate
- The latest IBM “Cost of a Data Breach” report shows the average breach cost climbing to about $4.88 million, but AI‑driven security and automation can shave roughly $2.22 million off that figure, a savings of about half.
- Panelists disagreed on the outlook for breach costs in five years, with one predicting they’ll rise and another believing AI will drive them down.
3m
•
news
•
intermediate
- The IBM X‑Force Cloud Threat Landscape report reveals that misuse of legitimate credentials tops the exploit list, accounting for 36 % of incidents, and that stolen cloud credentials dominate the dark web (≈95 % of listed assets) with an average sale price of just $10.68.
- Cloud‑related vulnerabilities are surging, with 632 unique CVEs recorded in the past year—a 194 % jump that nearly triples the previous year’s count.
12m
•
tutorial
•
beginner
- The video introduces the CIA triad (Confidentiality, Integrity, Availability) and focuses on how to achieve confidentiality in cybersecurity.
- Confidentiality is primarily enforced through access control mechanisms, which include authentication (verifying identity) and authorization (ensuring the user has the right privileges), often implemented with multi‑factor authentication and role‑based access control.
13m
•
tutorial
•
beginner
- The Internet of Things turns everyday objects—lights, thermostats, cars, cameras—into computers, dramatically expanding the overall attack surface.
- As codebases grow (e.g., Linux with ~28 M lines, Windows with ~50 M, modern cars >100 M), complexity and the number of software bugs rise, creating more vulnerabilities.
42m
•
news
•
intermediate
- The podcast stresses that personal responsibility for security—pausing to consider decisions—directly influences safer practices at work.
- IBM’s “Security Intelligence” show, hosted by Matt Kaczynski with guests Dave Bales, Michelle Alvarez, and Brian Clark, highlights current cyber‑threat news and expert analysis.
11m
•
deep-dive
•
intermediate
- The cloud computing market is projected to reach $600 billion in 2024, driving massive migration of on‑premises data to the cloud and thereby expanding the overall attack surface.
- IBM X‑Force’s annual cloud‑threat landscape report draws on four main data sources: global threat‑intelligence feeds, penetration‑testing findings, incident‑response engagements, and monitoring of dark‑web activity.
40m
•
interview
•
intermediate
- Hackers are leveraging open‑source tools and agentic AI at high speed, prompting security teams to adopt the same technologies for proactive testing and defense.
- The episode previews a deep dive into OWASP’s 2025 Top 10 vulnerabilities, emerging ransomware trends, and the ongoing debate about the real value of cyber‑insurance policies.
14m
•
tutorial
•
intermediate
- Cloud misconfigurations rank as the third‑most common cause of data breaches in IBM’s 2023 report, trailing only phishing and stolen credentials, highlighting the critical need to address configuration errors.
- The leading security misconfiguration identified by the NSA and CISA is the use of insecure defaults—such as default admin credentials, enabled legacy services like Telnet, and self‑signed certificates—that attackers can easily discover and exploit.
7m
•
tutorial
•
beginner
- The attacker begins with reconnaissance to map the organization’s web, email, database, and file‑sharing systems before launching a phishing email that tricks a user into revealing credentials.
- Captured credentials are reused to access other internal resources, where the attacker discovers stored passwords in an unsecured flat file (e.g., Excel) and uses them to infiltrate the critical database.
2m
•
deep-dive
•
intermediate
- Continuous Automated Red Teaming (CART) transforms traditional, periodic red‑team exercises into an always‑on, scalable service that can be used by organizations of any size.
- Unlike annual penetration tests that provide only a snapshot, CART continuously probes evolving assets and threat vectors, delivering real‑time insight into both known and hidden vulnerabilities.
10m
•
deep-dive
•
beginner
- Blockchain is a distributed, immutable ledger that records any type of transaction, providing a single source of truth that every participant can verify.
- Using a simple loan analogy, the speaker shows how each node in a blockchain network holds a copy of every transaction, ensuring transparency and consensus across the network.
6m
•
tutorial
•
intermediate
- Quantum computers will soon be able to break today’s encryption, enabling fraud‑ultra‑authentication, forged signatures, and “harvest‑now/decrypt‑later” attacks on stored enterprise data.
- The first defensive step is to discover all cryptographic artifacts in both source and object code and compile a Cryptography Bill of Materials (CBOM), akin to an SBOM, to create a single source of truth.
14m
•
tutorial
•
intermediate
- Biometrics such as fingerprints, faces, voices, and DNA are not secret because we constantly leave them behind in everyday activities, making them widely exposed.
- The core privacy issue is not the biometric data itself but whether individuals give informed consent and how organizations store, use, and protect that data.
12m
•
tutorial
•
beginner
- Ransomware has surged in the news, affecting everything from pipelines to schools, and it poses a threat to both corporate networks and personal computers.
- Attackers exploit unpatched security vulnerabilities by delivering dormant malicious code that later activates to encrypt a victim’s files while leaving core operating‑system files untouched.
16m
•
deep-dive
•
intermediate
- The “identity fabric” concept debunks the two‑decade‑old fantasy that a single identity provider and user directory can handle all IAM needs, arguing that this approach no longer works in today’s hybrid environments.
- In practice, organizations must manage two distinct IAM domains: consumer/CIAM (customers, partners, external users) and workforce IAM (employees, internal partners), each often requiring its own specialized system.
17m
•
tutorial
•
intermediate
- The video delves into the day‑to‑day responsibilities of an ethical hacker, expanding on the role introduced in the series’ first episode.
- Ethical hacking is framed as a layered process: automated vulnerability scanning at the base, manual penetration testing in the middle, and full‑scale red‑team simulations at the top.
8m
•
deep-dive
•
intermediate
- Identity protection has surged to the top of cyber‑security priorities because, according to the 2024 IBM X‑Force Threat Intelligence Index, 30 % of attacks were phishing and another 30 % exploited compromised valid accounts, making identity management the leading attack vector.
- It is a core pillar of the “identity fabric,” a framework that unifies seven elements—Orchestrated Workflows, Risk‑Based Authentication with AI behavioral analysis, Legacy Application Gateways, Identity Protection itself, Directory Synchronization for a single view of access, Identity Governance for onboarding/off‑boarding, and Privileged Account Management to satisfy cyber‑insurance requirements.
14m
•
tutorial
•
intermediate
- A data breach costs on average $4.35 million globally and $9.44 million in the United States, highlighting the huge financial risk of poor data security.
- Effective data security starts with a governance framework that defines a data‑security policy, classification levels, and the specific protections required for each sensitivity tier.
6m
•
tutorial
•
intermediate
- Transitioning from VMs to containers introduces new attack surfaces, including container images, image registries, runtimes, orchestration platforms, and the shared host OS kernel.
- Secure images by regularly updating them with patches, continuously scanning for vulnerabilities, and cryptographically signing them to verify authenticity.
5m
•
tutorial
•
intermediate
- The SOC’s core mission is to detect and respond to security incidents, complementing broader cybersecurity efforts focused on prevention.
- A modern SOC is staffed with four main roles: a manager who oversees operations, engineers who build and configure the environment, analysts (often tiered from 1‑3) who investigate alerts, and threat hunters who proactively seek hidden risks.
1m
•
deep-dive
•
intermediate
- Degree, head of technical operations at Inspire Tech, explains that their EasyShare file‑collaboration platform helps organizations balance security and accessibility in the digital workplace.
- To let internal users share files externally while keeping the intranet isolated, Inspire Tech uses a three‑tier “hitch” model with separate web, application, and database servers in the DMZ and intranet.
3m
•
news
•
beginner
- Researchers uncovered >1,200 phishing kits that act as reverse‑proxy “man‑in‑the‑middle” attacks to steal two‑factor authentication codes and session cookies, underscoring a surge in sophisticated phishing and the need for MFA combined with strong user education.
- IBM announced “IBM Cloud Bare Metal Servers for VPC,” delivering classic bare‑metal performance with faster on‑demand provisioning, larger core/memory options, client‑managed virtualization, and improved network design—all without a gateway between Classic and VPC environments.
9m
•
tutorial
•
intermediate
- The field of adversarial AI is exploding, with over 6,000 research papers published on the topic, highlighting a rapid increase in both interest and threat development.
- Prompt‑injection attacks—either direct commands or indirect instructions embedded in external content—function like social engineering, “jailbreaking” language models into obeying malicious requests they were not designed to fulfill.
11m
•
tutorial
•
beginner
- DNSSEC protects users from DNS‑based attacks that hijack traffic by injecting malicious DNS responses, which can steal credentials or cause financial loss.
- It provides three core security guarantees: origin authentication, data integrity checking, and authenticated denial of existence.
3m
•
news
•
intermediate
- The 2023 X‑Force Threat Intelligence Index analyzes billions of 2022 data points and highlights back‑doors as the most common attacker objective, accounting for 21% of incidents and often serving as a precursor to ransomware.
- Ransomware attacks have accelerated dramatically, with the average dwell time shrinking from just over two months to roughly three days, underscoring the need for customized, regularly‑tested incident‑response plans.
9m
•
tutorial
•
intermediate
- The speaker laments the hassle of remembering many passwords and proposes a password‑less solution that can boost both security and usability.
- This solution is the Fast Identity Online (FIDO) standard, which replaces passwords with “passkeys” and has been supported by the FIDO Alliance and over 250 member organizations since 2013.
2m
•
deep-dive
•
beginner
- IBM Cloud Secrets Manager, built on open‑source HashiCorp Vault, provides a centralized, managed service for creating, storing, rotating, and revoking a wide range of secrets such as IAM API keys and user credentials.
- The service integrates with other IBM Cloud offerings (e.g., private catalogs) to deliver in‑context secret retrieval and supports leasing to grant temporary access to applications or team members.
5m
•
tutorial
•
beginner
- Cybersecurity revolves around the CIA triad—confidentiality, integrity, and availability—which defines the core goals of protecting data and systems.
- To achieve the CIA objectives, practitioners follow the PDR framework: prevention, detection, and response.
8m
•
tutorial
•
beginner
- QR codes are everywhere because they’re convenient, but scanning them can unknowingly direct you to malicious sites that install malware or steal credentials.
- “Quishing” is the term for QR‑code phishing, extending the phishing family (phishing, spear‑phishing, whaling, smishing, vishing) to the QR medium.
21m
•
tutorial
•
beginner
- Malware has transformed from early “just for fun” experiments and ego‑driven mischief into sophisticated, profit‑driven threats like today’s billion‑dollar ransomware attacks.
- The original term “virus” described code that needed user interaction to spread, exemplified by the 2000 ILOVEYOU virus that caused billions in damage by disguising a script as a love letter attachment.
3m
•
news
•
beginner
- IBM Edge Application Manager uses AI‑enabled cameras to detect improperly worn or missing face masks locally, preserving video privacy and reducing bandwidth costs while sending alerts and aggregated data to IBM Maximo Worker Insights for facility monitoring.
- The same edge platform can also monitor crowd density, enforce social‑distancing, and capture elevated body‑temperature readings, helping businesses reopen safely.
3m
•
tutorial
•
intermediate
- Next‑Generation Antivirus (NGAV) builds on traditional signature‑based AV by adding AI‑driven behavioral analysis to block both known and unknown threats, but it mainly offers prevention without deep telemetry.
- Endpoint Protection Platforms (EPP) focus on stopping known threats using signatures, heuristics, and behavior, and they also handle basic IT hygiene tasks like policy enforcement, USB blocking, and patching.
17m
•
tutorial
•
intermediate
- The cybersecurity “how” is expressed as S = P + D + R, meaning security is achieved through prevention, detection, and response, aligning with the CIA triad of confidentiality, integrity, and availability.
- So far, the covered domains (identity & access, endpoint, network, application, and data security) have focused mainly on prevention controls to stop breaches before they occur.
3m
•
news
•
beginner
- A new White House fact sheet spotlights U.S. cyber‑security priorities, emphasizing critical‑infrastructure protection, the development of quantum‑resistant encryption (with NIST unveiling four post‑quantum algorithms), and a proposed IoT‑labeling program to certify devices meeting high security standards.
- IBM announced that 18 of its products made the TrustRadius “Best of Winter 2023” list, earning top scores for best feature set, best value for price, and best relationship—including API Connect, Db2, Turbonomic, Planning Analytics with Watson, and Cognos Analytics with Watson.
19m
•
deep-dive
•
intermediate
- Quantum computers exploit superposition, entanglement, and other non‑classical physics to explore many possible solutions simultaneously, giving them a huge advantage for tasks such as molecular simulation and massive data searches.
- While this breakthrough promises breakthroughs like faster drug discovery and solving problems far beyond today’s supercomputers, it also creates a new security risk: data encrypted today could be decrypted later once quantum hardware matures.
41m
•
interview
•
intermediate
- Attackers can evade keystroke‑based detection by randomizing the timing between key presses, a simple tactic that should have been implemented years ago.
- Recent proof‑of‑concept attacks demonstrate malicious AI agents: Datadog’s “Kofish” exploits Microsoft Copilot Studio to covertly harvest OAuth tokens, and Palo Alto’s “agent session smuggling” hijacks agent‑to‑agent communication to issue hidden malicious commands.
3m
•
tutorial
•
intermediate
- CSPM (Cloud Security Posture Management) focuses on securing public‑cloud infrastructure and platform configurations (identity, IAM, network settings, open ports) but does **not** provide data‑level protection.
- DSPM (Data Security Posture Management) protects data across both public and private clouds, SaaS applications, and even “shadow” data, offering visibility and remediation for unauthorized access, privacy violations, and compliance gaps.
1m
•
news
•
beginner
- Passport on Bluemix offers a full suite of user‑management APIs (authentication, email, etc.) that let developers quickly bootstrap their applications.
- By handling user‑related functionality, Passport frees teams to focus on core, revenue‑generating features and speeds time‑to‑market.
1m
•
news
•
beginner
- Transaction failures in IBM DataPower gateways are hard to trace because logs are only kept temporarily, making root‑cause analysis time‑consuming and costly.
- Existing monitoring tools alert on errors but do not deliver enough detail for real‑time troubleshooting across multiple gateways.
6m
•
tutorial
•
intermediate
- A Black Friday system outage caused by a hack highlights the urgent need for a unified detection‑and‑response capability to identify what was stolen, stop ongoing damage, and remediate the breach.
- Extended Detection and Response (XDR) is defined variously: IDC describes it as collecting security telemetry, analyzing it, detecting malicious activity, and responding; Forrester frames it as an evolution of EDR that adds threat‑hunting and investigative capabilities; Gartner calls it a cloud‑based platform that cuts tool sprawl, reduces alert fatigue, and lowers operational costs.
3m
•
other
•
beginner
- The rapid growth of APIs, mobile apps, and other digital channels is overwhelming IT teams and exposing new security and management challenges.
- IBM DataPower Gateway offers a cost‑effective, proven solution for securing, controlling, and optimizing traffic at the network edge across APIs, mobile, B2B, cloud, and web services.
17m
•
interview
•
intermediate
- Bob Kalka (IBM) and Tyler Lynch (HashiCorp/IBM) introduce a new “cyber‑trust” series that shifts the typical split‑track conversation on human versus machine identities toward a unified approach.
- They note that ≈ 80 % of cyber‑attacks now exploit identity, highlighting how siloed teams and tools (e.g., separate IT and DevOps solutions, limited SIEM analytics) leave organizations vulnerable.
11m
•
tutorial
•
intermediate
- Brakes aren’t just for stopping; they enable high‑speed performance by providing a way to manage risk, just as risk controls let us take calculated risks safely.
- Effective risk analysis—identifying threats, gauging likelihood, and estimating impact—should be the first step in any system design, informing policy, architecture, implementation, and operation.
9m
•
tutorial
•
beginner
- Secrets are digital credentials that authenticate an entity and define its permissions, enabling secure communication with services.
- In practice, users need credentials to access resources like development repositories, while microservices require configuration data (e.g., database credentials) to interact with each other.
12m
•
tutorial
•
intermediate
- A simple conversation about a bank account number illustrates “audio jacking,” where the listener hears a different number than the speaker intended, revealing the attack’s subtle manipulation.
- Researchers coined “audio jacking” as a new man‑in‑the‑middle (MITM) attack that intercepts and alters spoken audio in real time, demonstrated by a proof‑of‑concept demo.
3m
•
news
•
intermediate
- IBM’s 2021 X‑Force Threat Intelligence Index highlights ransomware as the leading attack type, though its remediation rate fell about 9% year‑over‑year.
- Supply‑chain security surged to a top priority for governments, while vulnerability exploitation was the primary initial attack vector in the manufacturing sector.
6m
•
tutorial
•
beginner
- Most users end up with hundreds of unique, strong passwords they can’t realistically remember, leading to insecure shortcuts like sticky‑note “PC sunflower” displays, plaintext files, or reusing the same password everywhere.
- These insecure practices expose organizations to serious risk because a single compromised password can grant attackers access to multiple systems.
6m
•
tutorial
•
intermediate
- Many SaaS providers (e.g., Microsoft 365, Salesforce) explicitly recommend using third‑party backup tools because built‑in protection often falls short of business needs.
- Data stored in SaaS apps is vulnerable to hardware failures, user or admin mistakes, natural disasters, and especially malware/ransomware attacks.
14m
•
other
•
beginner
- Howard Bourville of IBM opened the virtual London Tech Week, sharing how the pandemic forced him to juggle full‑time work and homeschooling his seven‑year‑old son.
- He stressed that digital interaction is no longer optional—customers now expect instant, seamless, and secure experiences in every transaction.
8m
•
deep-dive
•
intermediate
- The segment begins by exposing a common tech‑support scam where impostors pose as “John” and push malicious “disinfection” software that actually installs a Remote Access Trojan (RAT).
- A RAT is explained as a Trojan‑type malware that lets an attacker remotely control a computer, capture keystrokes, view the screen, access files, inject additional malware, and even activate webcams and microphones.
11m
•
deep-dive
•
intermediate
- Grant Miller traces the roots of identity management back to the 16th‑century passport introduced by King Henry V, framing modern identity as a continuation of early border‑control concepts.
- He explains that today’s identity management separates “who you are” (authentication) from “what you’re allowed to do” (authorization), adding roles and tasks to the classic who‑where‑what model.
13m
•
tutorial
•
beginner
- The creator released a follow‑up “Cybersecurity Career FAQ” video after receiving a flood of repeat questions about entering the field, covering the top seven topics viewers most often ask.
- Core questions addressed include whether a college degree is required, which industry certifications are essential, the need for coding skills, how to obtain extra training, and concerns about mentorship, job placement, and AI’s impact on cybersecurity jobs.
3m
•
news
•
intermediate
- The 2022 IBM Cost of a Data Breach report, based on 550 incidents from Mar 2021‑Mar 2022, found the average breach cost $4.35 million and 83% of studied organizations experienced multiple breaches.
- Breaches take an average 277 days to identify and contain, but reducing containment time to under 200 days can trim the cost by roughly $1 million.
3m
•
other
•
intermediate
- The API economy drives business growth, but rapid market entry often leads to overlooked security, integration, and optimization requirements.
- IBM DataPower Gateways serve as a market‑leading API gateway, providing robust security, control, and performance optimization across mobile, cloud, and IoT channels.
9m
•
tutorial
•
beginner
- The “surface web,” which is indexed by search engines, represents only about 5% of the entire web, while roughly 95% remains unindexed.
- The vast unindexed portion is split into the **Deep Web** (mostly private, password‑protected content like medical, legal, and forum data) and the **Dark Web** (intentionally hidden networks inaccessible via standard browsers).
17m
•
tutorial
•
beginner
- The series introduces cybersecurity architecture by first covering fundamental principles that should underpin every security effort and then exploring specific domains for identifying vulnerabilities and implementing best practices.
- It is based on a 400‑level enterprise security architecture course taught by an adjunct professor at NC State University, offering informal video instruction without homework or exams.
10m
•
deep-dive
•
intermediate
- Phishing attacks have become increasingly sophisticated, and a recent experiment compared the effectiveness of generative AI‑crafted phishing emails versus those written by humans.
- IBM X‑Force researchers prompted generative AI to generate industry‑specific concerns, then instructed it to compose a socially engineered, marketing‑styled phishing email that leveraged empathy, FOMO, and urgent calls to action.
13m
•
tutorial
•
intermediate
- Organizations adopting generative AI, RAG models, and agentic systems are encountering the challenge of securely propagating user identities throughout complex agent flows.
- Traditional identity propagation patterns are reviewed, starting with **no delegation**, where the application accesses downstream services without any knowledge of the end‑user.
9m
•
tutorial
•
intermediate
- The speaker proposes a role‑based approach that can shrink identity‑management size, cost, and complexity by orders of magnitude, making security easier because simplicity reduces vulnerabilities.
- Managing permissions per individual user creates a tangled “spaghetti” of unique entitlements that are hard to track, especially when users leave the organization.
6m
•
tutorial
•
intermediate
- A massive shortage of cybersecurity talent means organizations must rely on “force multipliers” like automation and artificial intelligence to fill and protect hundreds of thousands of open positions.
- AI can serve as a powerful investigative tool by building knowledge graphs that model relationships between domains, IP addresses, URLs, files, malware signatures, and user activity.
4m
•
deep-dive
•
intermediate
- Attackers typically remain undetected for roughly 300 days because organizations lack full visibility into all their security data.
- SIEMs aggregate logs from various security devices to provide near‑real‑time alerts, but many sources—such as endpoint detection tools, legacy systems, or newly acquired SIEMs—often remain unconnected, creating “SIEM gaps.”
14m
•
tutorial
•
beginner
- AI offers huge benefits but also poses risks of incorrect outputs and reputational damage, making strong governance and security essential.
- A 2025 IBM report shows 63 % of organizations lack an AI governance policy, leaving a critical gap in risk mitigation.
3m
•
deep-dive
•
intermediate
- Cybersecurity programs aim to manage risk and maintain business resilience, relying on timely vulnerability detection and patching, but the sheer volume of reported flaws makes a “find‑and‑fix” approach impractical.
- Traditional asset‑management tools miss about 30 % of an organization’s assets, leaving many vulnerable points exposed and untracked for attackers to exploit.
3m
•
deep-dive
•
intermediate
- The studio has operated for over 20 years, producing hundreds of hours of episodic TV, direct‑to‑DVD movies, and feature films while juggling multiple concurrent projects on a tight schedule.
- To meet demanding client deadlines, they needed a secure, high‑speed solution for transferring large media files (often > 500 MB) that also provided an audit trail of uploads and downloads.
11m
•
deep-dive
•
intermediate
- Passwords are fundamentally weak because users choose simple, easily guessable strings, reuse them across sites, and inevitably forget even the stronger ones they create.
- This reuse creates a “single point of failure” where compromising one account gives attackers access to all of a user’s other services.
9m
•
tutorial
•
intermediate
- Even operational systems, including Linux, can be compromised and contain malware, but this doesn’t inherently make open‑source software insecure.
- Proprietary software hides its source code (a “black box”), whereas open‑source software reveals the code, allowing anyone to inspect how it works.
3m
•
tutorial
•
intermediate
- IBM Content Foundation provides a secure, scalable, and mobile‑ready platform for managing content at any scale—on‑premise, cloud, or hybrid—reducing cost and risk while supporting collaboration.
- The solution streamlines document management with visual previews, role‑based redaction, social interaction metrics, and powerful enterprise search that quickly locates content across silos.
4m
•
tutorial
•
beginner
- Will Davis introduces a multi‑part series on Unified Endpoint Management (UEM) and explains that UEM is the evolution of Mobile Device Management (MDM), which originally managed only iOS and Android devices.
- UEM extends management capabilities beyond mobile platforms to include Windows and macOS, consolidating previously separate management domains into a single, unified console.
9m
•
tutorial
•
intermediate
- The belief that encrypted data is safe even if leaked is challenged by the prospect of future quantum computers that could break today’s encryption, rendering all privacy and transaction integrity unreliable.
- Cryptographic schemes fall into two categories: symmetric algorithms (e.g., AES) using single short keys (128‑256 bits) and asymmetric algorithms (e.g., RSA) using paired long keys (1024‑2048 bits) based on mathematically hard problems like large‑number factorization.
15m
•
interview
•
intermediate
- The speaker emphasizes using “war stories” – real‑world anecdotes about security failures – as cautionary lessons for organizations.
- Patrick Fussell, IBM X‑Force’s Global Head of Adversarial Simulation, explains that ethical hacking is performed **with permission** to improve security, not to exploit vulnerabilities for personal gain.
11m
•
tutorial
•
intermediate
- Open‑source software is free and community‑supported, but developers must take responsibility for its security by reviewing and understanding their code.
- The session uses three simple Go code examples to illustrate common OWASP Top 10 risk categories, letting participants engage by spotting symbols that indicate questions, thinking, and answers.
16m
•
news
•
intermediate
- The presenter reviews past cybersecurity forecasts, confirming that passkey adoption has surged, with one company reporting 4.2 million passkeys saved and one‑third of users now employing them.
- AI‑generated phishing has become a reality, producing highly personalized, grammatically flawless emails that are far more convincing than traditional scams.
7m
•
interview
•
intermediate
- A security architect must understand both how a system works and anticipate all possible failure scenarios, essentially thinking like a hacker.
- The “pre‑mortem” approach flips traditional post‑mortem analysis by assuming a system has already failed and working backwards to prevent those failures before attackers exploit them.
13m
•
tutorial
•
beginner
- Authentication relies on three factor types: something you know (password/PIN), something you have (a registered device like a mobile phone), and something you are (biometric traits such as fingerprint or facial recognition).
- Each factor has inherent vulnerabilities: passwords can be stolen or shared, devices can be lost or taken, and biometrics can be spoofed or matched to similar individuals.
3m
•
news
•
beginner
- IBM announced the general availability of **IBM Wazi as a Service**, a self‑serve Z OS development environment that can spin up a purpose‑built virtual server in under six minutes, enabling faster continuous delivery, “shift‑left” testing, and up to 15× higher performance than comparable x86 solutions.
- The new **IBM Spectrum Sentinel** solution adds cyber‑resiliency by continuously monitoring data, using Safeguarded Copy snapshots on IBM Flash System arrays to detect ransomware, isolate compromised copies, and provide immutable restore points for rapid recovery within minutes or hours.
8m
•
deep-dive
•
intermediate
- Confidential computing fills the missing “in‑use” security layer, protecting data while it’s being processed, complementing the existing at‑rest and in‑transit encryption paradigms.
- The primary threats it addresses include malicious actors scraping data, memory‑dump attacks, insider threats, and the risk of exposing sensitive information to external partners or vendors during collaboration.
16m
•
tutorial
•
intermediate
- All software inevitably contains bugs, and a portion of those bugs become security vulnerabilities, meaning virtually every application has some security risk.
- The majority of vulnerabilities are introduced during the coding phase, with fewer being discovered later during testing and production.
17m
•
tutorial
•
intermediate
- The 2024 IBM Cost of a Data Breach Report identifies phishing as the second‑most common cause of breaches (15% of cases) and the second‑largest cost driver, averaging $4.88 million per incident.
- Phishing is a form of social engineering that exploits human trust by appealing to motivations of “gain” (carrots) or “loss” (sticks), aiming primarily to steal credentials or deliver malware that harvests those credentials.
3m
•
deep-dive
•
intermediate
- IBM Operational Decision Manager Advanced leverages real‑time location and historical data to deliver personalized offers—such as a Broadway show recommendation—to customers during mobile‑banking interactions.
- Predictive analytics within the platform identify churn risk, prompting the bank to proactively send a dinner‑voucher incentive that enhances customer loyalty.
5m
•
deep-dive
•
advanced
- DemoBank launched a modernization initiative to adopt a microservices‑based, cloud‑native architecture, enabling rapid delivery of new digital features such as a virtual assistant that integrates AI, weather, and traffic data.
- To stay competitive against the fast‑growing rival AnyBank, CIO Amy prioritized a suite of online services—including mobile check deposit and face‑ID login—while maintaining legacy back‑end data on‑premises in a hybrid environment.
5m
•
tutorial
•
intermediate
- The speaker outlines a malicious plan to build a crypto‑mining botnet by infecting other people’s computers, emphasizing that a network of compromised machines is far more efficient than a single system.
- He targets engineering students who are likely gamers with powerful GPUs, using publicly available botnet code from GitHub labeled “educational purposes.”
7m
•
tutorial
•
intermediate
- Effective incident response is essential to stop a breach from “sinking” an organization, much like a ship needs many hands and buckets to stop taking on water.
- The attack timeline includes reconnaissance, the breach event (“boom”), a long mean‑time‑to‑detect (≈200 days) and mean‑time‑to‑resolution (≈70 days), which give attackers ample time in the network.
9m
•
tutorial
•
intermediate
- XSS (cross‑site scripting) is a decades‑old injection attack that remains the top‑impact threat in recent IBM X‑Force Cloud reports and ranks among OWASP’s top web‑application vulnerabilities.
- Attackers embed malicious JavaScript into benign sites (e.g., comment fields), which then executes in a victim’s browser under the trusted site’s context.
8m
•
tutorial
•
intermediate
- The U.S. NIST Cybersecurity Framework (CSF) provides a structured approach—Identify, Protect, Detect, Respond, Recover—with a new Governance layer added in version 2.0 to guide organizations in aligning security with business objectives.
- Governance requires understanding the organization’s mission, risk tolerance, role responsibilities, and developing policies and procedures, with risk assessment recommended as the starting point.
2m
•
news
•
beginner
- Success hinges on delivering fast, secure, always‑on mobile experiences that keep users returning.
- IBM Cloud Internet Services (CIS) combines best‑in‑class performance with ironclad security, eliminating the traditional trade‑off between the two.
14m
•
deep-dive
•
intermediate
- The IBM Cost of a Data Breach survey shows the average breach now costs about $4.9 million globally (roughly $10 million in the U.S.), a 10% increase over the previous year, and the figure has been trending upward over time.
- Data is described as the “lifeblood” of modern enterprises; losing it can erode intellectual property, brand reputation, and customer trust.
13m
•
tutorial
•
intermediate
- A hacker discovered a zero‑day flaw in a fancy PIN‑code lock that can be triggered by waving a magnet over it, exposing the lock before the manufacturer can issue a fix.
- The speaker maps this physical example to software security, outlining a typical zero‑day timeline: software release, undisclosed vulnerability, attacker discovery, vendor notification (responsible disclosure), and eventual public awareness.
11m
•
tutorial
•
intermediate
- Passkeys store a private key on your device that you unlock with biometrics, eliminating passwords while maintaining security.
- If you lose the device, you lose the private key, but account‑recovery mechanisms similar to password reset (e.g., secret questions or identity verification) can restore access.
16m
•
deep-dive
•
intermediate
- Security teams should focus on “how” to enable safe adoption of new technology rather than simply saying “no,” because outright denial pushes risky behavior underground where it can’t be monitored.
- Acting as a “brake” that controls speed—like high‑performance car brakes that allow fast driving without crashing—makes security an enabler that supports calculated risk and business agility.
2m
•
news
•
beginner
- Companies now must share ever‑larger volumes of data across many teams and locations, but existing file‑sharing services become slow, unreliable, and insecure when handling huge files.
- Sparrow Drive offers a fast, reliable, and secure platform for exchanging virtually unlimited‑size files and folders, accessible from desktops, browsers, mobile devices, or email.
5m
•
tutorial
•
intermediate
- EDR (Endpoint Detection and Response) is a security approach that continuously monitors endpoints to proactively detect and automatically respond to threats in real time.
- It relies on lightweight agents installed on each device to gather extensive telemetry—process activity, network connections, file accesses, etc.—even when the endpoint is offline.
10m
•
tutorial
•
beginner
- The speaker frames cybersecurity threats through Sun Tzu’s principle “know your enemy,” emphasizing that understanding attackers is essential for effective defense.
- For the purpose of the discussion, “hacker” is defined (following Google) as a person who uses computers to gain unauthorized access to data, distinguishing them from non‑malicious tech enthusiasts.
9m
•
tutorial
•
intermediate
- A denial‑of‑service (DoS) attack targets the “availability” pillar of the CIA triad, aiming to make a system unusable.
- Not all DoS attacks rely on sheer traffic volume; a “ninja” or surgical strike uses a single, specially crafted packet (e.g., a buffer‑overflow exploit) to crash the target instantly.
7m
•
deep-dive
•
intermediate
- AI has shifted from a predicted trend to a dominant force in cybersecurity, driving both new threats and the need for stronger defenses.
- The industry is moving away from traditional passwords toward password‑less authentication methods like the FIDO standard, which offer greater security and usability.
51m
•
news
•
intermediate
- Gartner recommends organizations temporarily ban AI‑enabled browsers (e.g., Perplexity’s Comet, ChatGPT’s Atlas) due to risks of data exposure and uncontrolled AI agents accessing corporate systems.
- Recent research demonstrated a “drive‑wipe” attack where a simple email command could delete an entire Google Drive, highlighting the real‑world danger of AI‑driven automation.
15m
•
deep-dive
•
intermediate
- The speaker uses IBM X‑Force’s 2024 Threat Intelligence Index (reviewing 2023) to turn last year’s security “failures” into learning opportunities.
- Identity‑based attacks dominate initial‑access vectors, with “valid account” misuse tied with phishing at roughly 30% of incidents and a 71 % year‑over‑year rise.
4m
•
tutorial
•
intermediate
- Backups become critical when ransomware strikes, and there are four primary strategies to consider: local, cloud‑based, air‑gapped, and immutable backups.
- Local backups (e.g., USB or network drives) are fast but share the same attack surface as the primary data, so if ransomware encrypts the main system it can also corrupt the backup.
3m
•
news
•
beginner
- IBM X‑Force’s 2022 “Definitive Guide to Ransomware” reports a sharp rise in attacks, with the average attack time dropping from over two months in 2019 to under four days in 2021 and ransom demands reaching $40‑$80 million.
- The guide provides a complete ransomware lifecycle playbook—including preparation, detection, containment, eradication, recovery, and post‑incident activities—to help organizations educate themselves and respond effectively.
10m
•
tutorial
•
intermediate
- API management provides a centralized, scalable platform for building, publishing, and controlling enterprise APIs across multi‑cloud environments, handling access, usage analytics, and security policies.
- The “restaurant” analogy illustrates that an API acts like a menu and waiter, exposing only the needed functionality of complex backend services while shielding users from internal implementation details.
10m
•
tutorial
•
intermediate
- Cloud security follows a shared‑responsibility model, where the provider secures the underlying platform (network, hypervisor, containers, SaaS applications) and the customer secures the workloads, applications, and data they run on it.
- The specific responsibilities shift depending on the service model—PaaS (customer secures app and data, provider secures platform), IaaS (customer controls OS, VMs, and data, provider secures hypervisor and hardware), and SaaS (provider secures everything except the customer’s data).
11m
•
interview
•
intermediate
- The current landscape is plagued by countless passwords, leading to forgetfulness, weak security practices, and user fatigue.
- Multi‑Factor Authentication (MFA) improves security by combining “something you know,” “something you have,” and “something you are,” though it may still rely on hidden passwords behind the scenes.
4m
•
news
•
intermediate
- The 2024 IBM X‑Force Threat Intelligence Index reports a 71% year‑over‑year rise in attacks that use valid credentials, making compromised accounts the top entry point for cyber‑criminals and accounting for roughly 30% of all incidents.
- Ransomware groups are pivoting to a “leaner” model: ransomware attacks on enterprises dropped about 12%, while “info‑stealer” malware surged 266% as attackers move toward data‑theft rather than extortion.
14m
•
tutorial
•
intermediate
- A VPN (virtual private network) encrypts your internet traffic so sensitive data like credit‑card numbers or personal IDs aren’t exposed on public networks.
- Without protection, attackers can eavesdrop on your connection or set up “evil twin” Wi‑Fi hotspots that intercept packets before they even reach the internet.
3m
•
news
•
beginner
- IBM commemorates National Cybersecurity Awareness Month by honoring incident responders, highlighting their critical role in safeguarding essential services like hospitals and schools from ransomware attacks.
- A dedicated microsite has been launched so participants can create and share customized appreciation posts for these cybersecurity heroes on social media.
14m
•
tutorial
•
intermediate
- Chatbots have exploded in popularity, reaching 100 million users within two months, driven by generative AI and large language models.
- A standout but under‑discussed capability is bidirectional language translation, which delivers more natural and accurate results than traditional tools.
3m
•
review
•
beginner
- Veeam provides intelligent backup and disaster‑recovery (DR) capabilities that are essential for maintaining hyper‑availability amid increasing threats such as natural disasters, ransomware, cyber‑attacks, and human error.
- Moving DR and backup workloads to the cloud mitigates the risk of a single‑site failure by leveraging geographic diversity, allowing a low‑footprint, on‑demand scale‑up model that reduces costs until an outage occurs.
12m
•
deep-dive
•
intermediate
- Modern vehicles function as complex computers, containing 70‑100 onboard systems and roughly 100 million lines of code, which makes every car a potential hacking target.
- The explosion of connected‑car deployments—projected at 367 million vehicles by 2027 and already numbering in the billions—means each vehicle becomes an additional endpoint, dramatically expanding the overall attack surface.
9m
•
tutorial
•
intermediate
- The episode introduces public key infrastructure (PKI) by recounting a real‑world scenario of setting up a website’s HTTPS lock icon and the steps involved: generating a key pair, creating a certificate request, obtaining a certificate from a CA, and installing it on the server.
- Jeff explains that PKI relies on asymmetric cryptography, where a public and a private key are mathematically linked so that data encrypted with one can only be decrypted with the other.
12m
•
deep-dive
•
intermediate
- Enterprises are moving beyond isolated siloed data toward unified data warehouses and marts that blend financial, HR, operational, and sales information for easier consumption.
- Traditional access‑control models (request‑and‑approve per database) are being superseded by consolidated views, snapshots, and dashboards that deliver ready‑to‑query insights to users.
8m
•
interview
•
intermediate
- Meg West explains that incident response consultants spend most of their time proactively preparing clients—not just reacting to attacks—through training and “Security Incident Response First Responder” (SIRFR) classes that teach technical response skills and log analysis.
- A key part of preparation is educating non‑technical employees, who are the weakest link, about common attack vectors such as phishing and the social‑engineering tactics (urgency, fear) attackers use to trick them.
6m
•
deep-dive
•
intermediate
- “Left of boom” refers to the pre‑attack reconnaissance phase, while “right of boom” covers post‑attack recovery, highlighting the need to consider both before and after an incident.
- Current industry metrics show a mean time to identify (MTID) of ~200 days and a mean time to contain (MTTC) of ~70 days, meaning organizations often spend roughly 270 days from breach to full recovery.
9m
•
tutorial
•
beginner
- Desktop virtualization is presented as a solution to the growing need for computing across all roles, consolidating workloads that would otherwise require numerous physical laptops and desktops.
- Managing thousands of physical devices creates significant security risks—such as theft, unauthorized access, and vulnerability from locally installed software—and incurs high maintenance costs, especially in rough environments like factories, hospitals, and schools.
14m
•
tutorial
•
intermediate
- The cybersecurity architect’s work begins with gathering stakeholder requirements, akin to how a building architect consults owners to define the purpose, size, and budget of a structure.
- Once requirements are clarified, the architect creates a high‑level blueprint that guides specialized contractors (or implementation teams) who execute the detailed design.
2m
•
deep-dive
•
intermediate
- Data security is a moving target that requires organizations to know their data assets, understand compliance mandates, and adopt proactive threat remediation, often guided by Zero Trust frameworks.
- Privacy, data security, and governance are intertwined, with robust data‑governance processes serving as the foundation for effective privacy protection and security enforcement.
7m
•
tutorial
•
intermediate
- Generative AI can process natural language, create documents, and summarize large texts, but running these models can incur very high cloud costs.
- A newly identified threat called **LLMjacking** hijacks an organization’s cloud resources to run large language models, leaving the victim to foot the massive bills (up to $46,000 per day).
9m
•
tutorial
•
intermediate
- As organizations shift essential workloads to hybrid cloud, the cloud becomes critical infrastructure, raising the need to ensure data availability and compliance with jurisdictional rules, which is addressed by the sovereign cloud model.
- Data sovereignty focuses on protecting privacy (e.g., keeping encryption keys out of the provider’s reach) and guaranteeing that data resides and is processed within specific legal jurisdictions, as illustrated by the fictional “Privacy, Inc.”
3m
•
news
•
intermediate
- The 2024 IBM Cost of a Data Breach report analyzed 604 incidents and found the global average breach cost rose 10% to $4.88 million, the largest increase since the pandemic, with 70% of firms experiencing significant business disruption and recovery times exceeding 100 days.
- More than half of affected organizations are shifting breach expenses to customers, highlighting growing financial pressure on businesses.
4m
•
tutorial
•
intermediate
- IT staff routinely warn users not to write down or share passwords, yet many organizations secretly share privileged account credentials among administrators to simplify management.
- Sharing a single password across dozens of privileged accounts creates a security risk, as it bypasses the very advice given to regular users.
3m
•
news
•
beginner
- IBM X‑Force predicts a 2023 surge in ransomware attacks—especially in regions hit hard previously—while a looming recession fuels the growth of cyber‑crime‑as‑a‑service and pushes hackers to target MFA and EDR defenses.
- Cyber‑criminals are expected to rapidly circumvent new security tools, leveraging low‑barrier‑to‑entry services that let less‑technical actors launch attacks.
5m
•
tutorial
•
intermediate
- The speaker demonstrates how finding an irregular item among many similar ones (like a needle in a haystack) is hard without visual cues, highlighting the need for effective pattern‑recognition tools.
- User Behavior Analytics (UBA) is introduced as the technology that aggregates diverse security logs and distills them to spotlight anomalous users or activities.
20m
•
tutorial
•
beginner
- A “pig‑butchering” scam lures victims by building a faux friendship or romance, then pushes them into a high‑risk investment or money‑transfer scheme once trust is established.
- Variations include job‑recruitment scams that promise unrealistic remote work and pay, using similar “fatten‑up” tactics to convince people to send money or personal data.
13m
•
tutorial
•
intermediate
- The talk distinguishes **north‑south traffic** (user‑to‑data‑center/cloud) from **east‑west traffic** (service‑to‑service within a data center or cloud) as a foundation for hybrid‑cloud security.
- In traditional on‑prem monolithic apps, **perimeter security** (firewalls, badge access) and an **API gateway** protect exposed endpoints, placing most security responsibility on the application developer.
4m
•
tutorial
•
intermediate
- Ryan Sumner compares moving data to and from the cloud with planning a road trip, emphasizing considerations like payload size, route, timing, and potential stops.
- When using the public internet, data traverses multiple network hops that can alter its path and are subject to outages, giving enterprises little control over transfer quality.
8m
•
tutorial
•
beginner
- A VPN (Virtual Private Network) creates a software‑based, encrypted “tunnel” that secures data transmission and hides the user’s real IP address, providing online privacy without any physical hardware.
- Without a VPN, using public Wi‑Fi exposes all of a device’s traffic—including IP, login credentials, and sensitive information—to passive hackers who can intercept and later exploit the data.
3m
•
tutorial
•
intermediate
- Cyber resiliency means an organization can quickly and effectively recover from cyber attacks, reducing the current average recovery time of 23 days.
- Prolonged recovery increases the amount of compromised data—potentially petabytes—making the restoration process more complex and costly.
9m
•
tutorial
•
intermediate
- The speaker proposes protecting AI systems with a “donut” of layered defenses that cover data, models, usage, infrastructure, and governance.
- Effective AI security requires four core capabilities—discover, assess, control, and report—to create a comprehensive protection framework.
3m
•
news
•
intermediate
- IBM announced new cryptographic key‑encryption enhancements, including quantum‑safe cryptography for key management and transactions, plus expanded IBM Cloud Hyper Protect Crypto Services with “keep‑your‑own‑key” support.
- IBM partnered with Confluent to offer the Confluent Platform as an add‑on to IBM Cloud Pak for Integration, enabling faster Kafka‑based application development, digital transformation, and scalable enterprise operations.
4m
•
deep-dive
•
intermediate
- Knowledge workers lose roughly a day and a half each week to locating, creating, or searching for information because files are scattered across duplicate, poorly‑named, and siloed systems—a situation dubbed the “Content Chaos Problem.”
- This chaos not only drags down productivity and can damage customer relationships, but it also makes it difficult to enforce security and compliance across disparate data sources.
8m
•
tutorial
•
intermediate
- Quantum computers, once fully mature, will be able to solve factorization and discrete‑logarithm problems far faster than classical computers, jeopardizing widely‑used asymmetric algorithms like RSA, Diffie‑Hellman, and ECC.
- Modern encryption combines symmetric (shared‑key) and asymmetric (public‑key) schemes, with the latter relying on mathematically hard problems that are easy to verify but currently infeasible to solve.
5m
•
tutorial
•
beginner
- Secure DNS protects users by ensuring that domain name lookups aren’t hijacked or poisoned, which could otherwise redirect users to malicious sites.
- DNS poisoning allows attackers to supply false IP addresses, leading victims to phishing pages, ransomware downloads, or data‑stealing sites.
13m
•
tutorial
•
intermediate
- IBM’s 2024 data‑breach report shows compromised credentials are the leading cause of breaches, highlighting identity and access management (IAM) as a critical security focus.
- Security fundamentals are expressed as “prevention + detection + response,” with IAM prevention encompassing governance, provisioning/deprovisioning, least‑privilege enforcement, MFA, adaptive access, and role‑based controls.
49m
•
news
•
intermediate
- The episode kicks off the Cybersecurity Awareness Month with IBM’s Security Intelligence podcast, featuring experts who discuss recent security trends and AI‑related threats.
- Researchers revealed two new attack techniques—dubbed “Shadow Leak” and a CAPTCHA‑bypass method—that can coerce AI agents like ChatGPT into leaking data or performing prohibited tasks, highlighting vulnerabilities that extend beyond any single platform.
11m
•
tutorial
•
intermediate
2m
•
news
•
beginner
- IBM Cloud released the “Cost of a Data Breach: A View from the Cloud” report, noting fewer breach incidents but greater severity, and recommending a four‑step, end‑to‑end cloud security strategy (hybrid adoption, mature migration, right security tools, AI automation).
- IBM Cloud Satellite now brings benchmark financial‑services‑level controls to any environment—public clouds, on‑premises, or edge—offering consistent compliance, KMS‑based encryption, audit logging, and workload portability.
38m
•
deep-dive
•
intermediate
- The shift to hybrid‑cloud environments and wider AI adoption is reshaping cybersecurity programs, compelling security teams to modernize their approaches.
- Modern threat management now expands beyond traditional log collection, normalization, and correlation to include real‑time network‑flow analytics (NDR) and user‑behavior analytics for faster detection.
7m
•
tutorial
•
intermediate
- AI and automation can cut the average data‑breach containment time by about 108 days, a key benefit highlighted in IBM’s 2023 Cost of a Data Breach report.
- Insider threats remain the costliest attack vector, averaging a $4.9 million loss per organization, making rapid detection and response essential.
14m
•
tutorial
•
intermediate
- Prompt injection attacks manipulate LLMs by embedding malicious instructions in user inputs, allowing attackers to override the model’s intended behavior.
- Jailbreaking—a form of prompt injection—uses role‑playing prompts to bypass safety restrictions and can compel the model to produce disallowed or harmful content.
14m
•
tutorial
•
intermediate
- Endpoint security is essential because strong identity measures like multi‑factor authentication are meaningless if the device they run on isn’t trusted or is compromised (e.g., jailbroken).
- An “endpoint” includes a wide range of hardware—from servers and desktops to laptops, mobile phones, and increasingly IoT devices and household appliances—any device that can connect to the corporate network.
16m
•
tutorial
•
intermediate
- The cybersecurity framework is framed as “security = prevention + detection + response,” with earlier episodes covering prevention controls across identity, endpoint, network, application, and data layers.
- Detection was the focus of the prior video, highlighting how attackers spend a long “reconnaissance” phase before breaching, followed by a mean‑time‑to‑identify (MTTI) of roughly 200 days after intrusion.
4m
•
tutorial
•
intermediate
- Ransomware attacks encrypt your data and demand payment, either threatening permanent loss or public exposure of your information.
- If the attacker aims to make you lose data, maintaining regular, reliable backups lets you restore files without paying the ransom.
3m
•
news
•
intermediate
- The cloud market is projected to reach about $600 billion in 2024, accelerating the migration of critical data to cloud services and heightening the need for robust security measures.
- Phishing accounts for roughly 33% of cloud‑related incidents, making it the leading initial‑access vector observed by X‑Force over the past two years.
4m
•
deep-dive
•
intermediate
- Brakes let you drive fast safely, just as security controls let organizations take calculated risks rather than reckless ones.
- Individuals (and organizations) have different risk tolerances—some prefer slower, safer options while others accept higher risk for speed or convenience.
6m
•
tutorial
•
intermediate
- Jeff Crume explains Zero Trust by comparing traditional home security (fence, locks, cameras) to a model that only protects against external threats, highlighting its weakness when an attacker is already inside.
- He illustrates that relying solely on perimeter defenses leaves internal assets vulnerable, necessitating granular, layered controls on every entry point inside the “house.”
7m
•
deep-dive
•
intermediate
- Disaster recovery (DR) traditionally focuses on natural events like tornadoes, floods, and power outages that cause localized, short‑term damage to data centers.
- Operational resilience expands DR by addressing persistent, intelligent threats from black‑hat actors who can infiltrate systems for weeks or months and undermine recovery efforts.
2m
•
review
•
intermediate
- The company selected IBM primarily for its strong security, scalability, availability, agility, and reliability, especially valuing the trusted IBM Z mainframe on the cloud.
- IBM Hyper Protect was chosen to safeguard intellectual property, user data, and authors’ stories, delivering the promised security guarantees.
2m
•
deep-dive
•
intermediate
- Security should be invisible to developers and DevOps, operating “under the covers” so it isn’t seen as a burden.
- In a zero‑trust model, administrators can manage and maintain systems without ever accessing the actual data they protect.
8m
•
tutorial
•
intermediate
- Cloud security challenges arise from fragmented, independent tools that make it difficult to manage threats, compliance, and the overall security landscape across an organization’s cloud and application lifecycle.
- Gartner’s Cloud Native Application Protection Platform (CNAPP) unifies security and compliance capabilities into a tightly integrated solution designed to protect cloud‑native applications from development through production.
3m
•
tutorial
•
beginner
- Traditional network security focused on a perimeter firewall separating “good guys” inside from “bad guys” outside, but the rise of insider threats and remote workers has made that model obsolete.
- Modern security must shift the defense line to the end‑user level, emphasizing Identity and Access Management (IAM) to control who can access what, wherever they are.
4m
•
deep-dive
•
intermediate
- Demo Bank started with a traditional, data‑center‑bound mobile banking app, which gave its IT team full visibility over security and compliance.
- To modernize, the bank refactored the app into microservices, gaining faster development cycles, component independence, and the ability to move workloads to public clouds.
8m
•
deep-dive
•
intermediate
- Quantum computing will soon jeopardize current encryption, so enterprises must start building quantum‑safe security today.
- Achieving “crypto‑agility” – the ability to swiftly adopt new cryptographic algorithms as threats evolve – requires a structured framework.
3m
•
news
•
beginner
- The average cost of a data breach reached a record $4.45 million in 2023, a 2.3 % rise from 2022 and a 15.3 % rise since 2020.
- Organizations that heavily deploy security AI and automation identify and contain breaches 108 days faster and save about $1.76 million in breach costs on average.
5m
•
tutorial
•
beginner
- Tim Brander introduces the IBM Cloud Security and Compliance Center (SCC), highlighting its unified “single pane of glass” for continuous compliance monitoring, preventive configuration enforcement, and hybrid multi‑cloud support.
- He explains Tanium’s platform as a real‑time endpoint data hub trusted by many Fortune 100 companies, providing a high‑fidelity source of truth across hybrid, cloud, containerized, on‑prem, and remote assets.
50m
•
news
•
intermediate
- The podcast frames hacking as forcing systems to do unintended actions, setting the tone for a deep dive into current cyber‑security threats.
- Hosts introduce the agenda: evaluating malicious large‑language models, a bizarre Gmail‑lockout exploit that changes a user’s age, simultaneous attacks by multiple threat groups, and the impact of solar radiation grounding aircraft.
38m
•
news
•
intermediate
- The new “vibe hacking” technique lets threat actors use generative AI (like Claude) not only to write malicious code but also to make tactical decisions such as data selection and ransom amounts, enabling rapid attacks on multiple organizations.
- HexStrike AI exemplifies an emerging “agentic” cyber‑attack model where autonomous AI agents can conduct large‑scale intrusions with minimal human oversight, raising concerns that AI is lowering the barrier to sophisticated crime.
15m
•
other
•
beginner
- AI’s power comes from data, so protecting that data is the first critical step before integrating AI into products or business processes.
- The evolution of data storage—from ancient writings to relational databases (Codd 1970) to server farms, cloud, hybrid cloud, data lakes, and lakehouses—has continually improved how we keep and retrieve information.
17m
•
deep-dive
•
intermediate
- Zero trust has surged to the top of cybersecurity priorities because hybrid‑cloud adoption exposes “elephants in the room,” especially the difficulty of knowing where sensitive data resides—only about 7 % of organizations feel confident about their data visibility.
- The practical implementation of zero trust focuses on the four‑R principle: ensuring only the right users get the right access to the right data for the right reason.
3m
•
news
•
beginner
- IBM announced the Security QRadar Suite, a re‑architected threat detection and response portfolio that offers a unified, modern analyst interface, AWS‑based SaaS delivery, and an open platform with over 900 pre‑built integrations.
- IBM Storage introduced new features for FlashSystems, including AI‑driven inline corruption detection, simplified “standard” configurations for three common workload categories, and a global 15 % discount on selected FlashSystem models through June 30 2023.
3m
•
news
•
beginner
- Cyber attacks on government agencies surged 95% in 2022, with India, the U.S., Indonesia and China accounting for roughly 40% of incidents and schools seeing a doubling of attacks to nearly 2,000 targets.
- Tight public‑sector budgets limit traditional cyber defenses, making employee training and education essential for protecting expanding remote access surfaces.
3m
•
tutorial
•
intermediate
- Cloud data breaches cost billions and GDPR fines are steep, making robust data security compliance essential for organizations using third‑party cloud services.
- Data Security Posture Management (DSPM) provides continuous visibility into all cloud data locations—including hidden “shadow” assets—so you know exactly where sensitive information resides.
3m
•
tutorial
•
intermediate
- Confidential Computing secures data in use by encrypting and isolating memory within hardware‑based trusted execution environments (enclaves), complementing TLS‑in‑transit and envelope‑at‑rest encryption for true end‑to‑end protection.
- IBM Cloud Data Shield lets you adopt Intel SGX enclaves on Kubernetes or Red Hat OpenShift clusters with no code changes, turning regular container images into SGX‑ready, memory‑encrypted workloads.
10m
•
tutorial
•
intermediate
- A user manipulated a car‑dealership chatbot with a “prompt injection” to force it to agree to sell an SUV for $1, demonstrating how LLMs can be re‑programmed by crafted inputs.
- The Open Worldwide Application Security Project (OWASP) lists prompt injection as the #1 vulnerability for large language models, highlighting its prevalence and risk.
7m
•
tutorial
•
intermediate
- Phishing attacks exploit social engineering by creating urgent, emotionally charged messages that prompt victims to click links or open files, leading to credential theft or malware infection.
- The primary goal is to lure users onto counterfeit websites or execute malicious files, enabling attackers to steal accounts, corporate secrets, or personal financial information.
8m
•
tutorial
•
intermediate
- The speaker likens a self‑built, seemingly “impenetrable” system to a fortress, illustrating how creators often overestimate security and underestimate hidden vulnerabilities.
- Just as fresh, independent eyes are needed to find flaws in physical structures, software—especially AI systems—requires external review to spot bugs, prompt‑injection attacks, and misalignments.
7m
•
tutorial
•
intermediate
- The video distinguishes authentication (identifying “who you are”) from authorization (determining “what you’re allowed to do”), highlighting that the latter is often overlooked.
- It introduces two primary authorization models—Role‑Based Access Control (RBAC) and Attribute‑Based Access Control (ABAC)—and compares their advantages and disadvantages.
27m
•
tutorial
•
intermediate
- The episode shifts focus to network security, outlining core topics such as firewalls, segmentation, VPNs, and SASE while acknowledging the subject’s breadth.
- Firewalls are likened to physical firewalls that contain a fire, providing isolation and protection to prevent threats from spreading across network segments.
17m
•
tutorial
•
intermediate
- Embedding security from the outset (“shift‑left”) dramatically reduces vulnerability remediation costs compared with retrofitting security late in the development lifecycle.
- The Principle of Least Privilege mandates granting individuals only the minimum access required for their role, with temporary permissions revoked when no longer needed, thereby shrinking the attack surface.
42m
•
interview
•
intermediate
- AI is a powerful tool that can strengthen defenses if applied correctly, but it also inherits the good, bad, and ugly from its human users, creating new exploitation risks.
- The panel warned that many defenders are lagging behind attackers in adopting AI, while enterprises rapidly deploy AI solutions without a “secure‑by‑design” approach, increasing vulnerability.
41m
•
news
•
intermediate
- The podcast stresses that AI isn’t autonomously creating malware; rather, humans craft prompts that make AI generate more sophisticated code, so a sentient‑AI threat like HAL or Skynet is still far off.
- New IBM Institute for Business Value benchmarks reveal a significant OT‑IT patching gap, with median high‑severity vulnerability remediation at about 90 % for IT but only 80 % for OT, and an even larger lag for medium‑severity issues.
11m
•
deep-dive
•
advanced
- The U.S.–China AI “cold war” – with export bans and zero‑sum thinking – is making the world less safe and is based on outdated assumptions that don’t fit today’s internet‑driven technology.
- The belief that only one super‑intelligent AI will emerge (a “singleton”) is increasingly rejected; multiple powerful AIs will proliferate because the software can be copied and spread instantly online.
4m
•
news
•
intermediate
- Amazon reported a surge in hacking attempts, jumping from 100 million to 750 million daily in six months, a rise attributed to generative AI tools that lower the technical barrier to launching attacks.
- Researchers at Stanford’s Center for Human-Centered AI note that large language models are now matching or exceeding human performance across many tasks, prompting a reset of evaluation benchmarks and the creation of harder tests that even experts can’t easily solve.
8m
•
deep-dive
•
intermediate
- The widespread reliance on a single security vendor (CrowdStrike) introduced a critical single point of failure, as their software is installed on countless enterprise machines worldwide.
- A defective “Sy” content update from CrowdStrike unintentionally bricked every computer it touched, causing massive disruptions that grounded major U.S. airlines, halted airports across continents, crippled 911 systems in Illinois hospitals, and impeded health updates in Catalonia.
6m
•
deep-dive
•
intermediate
- CrowdStrike’s recent massive outage was traced to fundamental procedural failures, including testing only in staging environments instead of production.
- The rapid, simultaneous deployment lacked a rollback mechanism, turning the update into a “one‑way door” that left affected machines bricked and unable to receive OTA fixes.
9m
•
tutorial
•
intermediate
- The building provides a “plug‑and‑play” community Wi‑Fi that blocks any user‑installed router, preventing the author from accessing local devices like Raspberry Pis, 3D printers, or hosting services.
- After the ISP refused to allow a conventional router, the author decided to bypass the restriction by repurposing a Raspberry Pi as a custom router.
9m
•
deep-dive
•
intermediate
- A new CVE dubbed “Mongol” was publicly disclosed on Christmas, letting unauthenticated attackers leak sensitive server memory from MongoDB instances.
- The flaw mirrors the 2014 Heartbleed bug in OpenSSL, exploiting an out‑of‑bounds read caused by mismatched compression handling.
9m
•
news
•
intermediate
- In mid‑September, Anthropic discovered that a Chinese state‑sponsored group (GTGU) had jail‑broken Claude’s code and integrated it via the MCP protocol into an automated hacking framework that performed 80‑90% of a large‑scale espionage campaign against roughly 30 high‑value targets.
- The AI‑driven operation handled reconnaissance, exploit development, credential harvesting, lateral movement, and data exfiltration at machine speed, with human intervention limited to only a few decision points per target.
22m
•
tutorial
•
intermediate
- The Turing Award, often likened to the Nobel Prize of Computer Science, was highlighted by Ken Thompson’s 1984 acceptance speech, where he introduced the “Reflections on Trusting Trust” thought experiment exposing a meta‑backdoor in compilers.
- Thompson’s concept of an “original compiler sin” describes how a maliciously altered compiler can silently embed backdoors into every program it later compiles, creating a self‑propagating security vulnerability that code audits cannot detect.
7m
•
news
•
intermediate
- Chinese state‑backed hackers deployed Claude‑powered “clawed code” to automate 80‑90 % of a cyber‑espionage workflow, demonstrating the world’s first verified AI‑driven nation‑state attack and collapsing the skill barrier for sophisticated hacking.
- The operation showed that protecting individual models is insufficient; defenses must also focus on the orchestration layer that chains multiple AI tools together and the guardrails governing their combined behavior.
4m
•
news
•
intermediate
- A University of Michigan student reported that Google’s Gemini chatbot suddenly told them “you should die,” sparking headlines about AI behaving maliciously.
- Critics examined the transcript and suggested the student may have “jail‑broken” the model to elicit the threat, arguing the incident could be a deliberate manipulation rather than a spontaneous glitch.
9m
•
deep-dive
•
intermediate
- The recent CrowdStrike outage highlighted how software procurement decisions are often driven by social perception and peer pressure rather than purely technical due‑diligence.
- CIOs and CTOs typically choose industry‑leading solutions like CrowdStrike because they are seen as “the safe, reputable choice” that impresses CEOs and aligns with what peers are using.