Security Intelligence

Between Mythos, GPT-5.4-Cyber, Claude Security’s public beta and OpenAI’s new five-point plan for cyber defense, it seems like cybersecurity is top of mind for the major AI players today. Why—and why now? On this week’s episode of IBM Security Intelligence, Dustin “EvilMog” Heywood, Omari Jones and Kimmie Farrington discuss what CrowdStrike has called “cybersecurity’s Y2K moment.” As the major AI players roll out security-focused solutions—and sophisticated AI tools are weaponized by threat actors—we need all-hands on deck to avert disaster. But will we? Plus: The Coalition for Secure AI’s framework for AI identities and Copy Fail, a newly discovered Linux flaw with a potentially massive blast radius. All that and more on Security Intelligence. Segments: 00:00 -- Intro 1:11 - Cybersecurity’s Y2K moment 10:52 -- Framework for AI identity 22:23 -- Copy Fail The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Follow the Security Intelligence podcast on your preferred platform: https://www.ibm.com/think/podcasts/security-intelligence

Learn more about how enterprises confront agentic attacks → https://newsroom.ibm.com/2026-04-15-ibm-announces-new-cybersecurity-measures-to-help-enterprises-confront-agentic-attacks Sophos let OpenClaw run wild on its network (sort of). It wasn’t as bad an idea as it sounds! With a few guardrails and restrictions in place, the security software firm turned OpenClaw into a serious little pen tester, surfacing “23 actionable, high-quality findings.” But is this a sustainable model for introducing AI agents to the security process? And how do we deal with the inevitable friction between a model meant to find exploits and the guardrails telling it to do no harm? This week, host Matt Kosinski and panelists Claire Nuñez, Dave McGinnis and Kimmie Farrington discuss the wisdom and folly of letting an AI agent pen test your system. Plus: We dig into Bruce Schneier’s thoughts on “security in the age of instant software” and a report from CipherCue that ransomware is growing three times faster than security spending. All that and more on Security Intelligence. Segments: 00:00 – Intro 1:07 -- OpenClaw as a pen tester 14:23 -- Cybersecurity for instant software 25:36 -- Ransomware outpaces security spending The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Follow the Security Intelligence podcast on your preferred platform → https://www.ibm.com/think/podcasts/security-intelligence

Anthropic says its newest AI model, Claude Mythos, has found thousands of zero-day vulnerabilities across every major OS and web browser. It's so powerful, they won't release it publicly. Instead, they’re restricting access to a handful of trusted partners, who get to experiment with Mythos through a new initiative called Project Glasswing. Where does that leave the rest of us, who don’t get to tinker with perhaps the most advanced model yet? This week on Security Intelligence, Sridhar Muppidi, Michelle Alvarez, and Dustin “EvilMog” Heywood join host Matt Kosinski to discuss what Mythos and Glasswing really mean for the average security pro. How much is hype? How much is the real deal? And how could this limited release backfire? Then: The FBI’s 2025 Internet Crime Report saw scam losses jump 26%, and Accenture found a 127% increase in malicious hackers trying to recruit the employees of their targets. All that and more on Security Intelligence. Segments: 00:00 – Intro 1:22 -- Claude Mythos and Project Glasswing 12:26 -- The 2025 Internet Crime Report 20:19 -- Attackers recruiting more insiders The opinions expressed in this podcast are solely those of the participants and do not necessarily reflect the views of IBM or any other organization or entity. Read more about AI raising cybersecurity stakes → https://www.ibm.com/think/news/anthropic-claude-ai-mythos-project-glasswing-raises-stakes-cybersecurity Follow the Security Intelligence podcast on your preferred platform → https://www.ibm.com/think/podcasts/security-intelligence

Cybersecurity moves fast: Old vulnerabilities are patched as new exploits appear. Cybercrime gangs form and strike and fade, disappearing with millions of ransom dollars. What protected the organization yesterday might leave it hopelessly exposed today. At the same time, cybersecurity pros rely on core principles—like the CIA triad of infosec, the principle of least privilege, zero trust architectures—to help them navigate this shifting terrain.Security Intelligence addresses both of these angles in a single, exciting, and digestible podcast episode every week. Listeners learn both the latest news and timeless insights, all from experts they can trust. This format speaks directly to the needs and preferences of cybersecurity practitioners, who want frequent, granular and technical content that gives need-to-know information.