top of page

Episode #


Cyberbit's Nat Prakongpan on Building Systems for Security Resilience and Recovery

Show Notes

In this week's episode of the Future of Cyber Risk podcast, David speaks to Nat Prakongpan, VP of Product at Cyberbit (formerly of IBM at the time of recording). They discuss the need for business resiliency in security programs, and why you shouldn't just focus on preventing an attack but on recovery after an attack as well. They also talk about why security teams need to practice their incident response so it becomes muscle memory, the importance of making backups quantum-safe, and the growing need for detection and response in storage systems.

Topics discussed:

  • How Nat's career in cybersecurity began after being the target of an attack, and what he learned from 18 years at IBM.

  • The importance of business resiliency and the blind spots that many organizations have when it comes to attack surface management and knowing their assets.

  • Why security teams need to be like firefighters and develop their muscle memory for incident response.

  • How IBM approaches internal training on security, including annual training and role-based education.

  • Why organizations need to have a plan for both preventing attacks and for recovery after an attack.

  • The importance of keeping your backups quantum-safe for the future of computing.

  • The need for detection and response capabilities in storage systems to prevent compromise or attack.

Quotes from Episode


"You need to build your muscle memory so when a breach happens, you know exactly what to do and exact the steps, because at the time of crisis, you might not have access to your digital assets that store your run book. You need to be able to build the muscle memory like you're a firefighter. You know how to grab the hose, put on the fire suit, and turning on the water. Those need to be your muscle reaction to that." (10:55-11:25)


"The key thing is business resiliency. … Most of the time clients focus on the technical side of how do we defend the attack, how do we find root cause analysis, but not how do we continue to operate the business." (8:50)

bottom of page