Cyber Frontlines: Greg Tkaczyk

In this edition of Cyber Frontlines, meet Greg Tkaczyk, Executive Consultant & Global CyberDefend CTO - Palo Alto Networks at IBM Cybersecurity Services. Greg is a member of IBM Consulting’s Cybersecurity Global Center of Competency, specializing in the design, implementation and system integration of micro-segmentation and cloud security technologies. With over 20 years of global consulting experience, he holds credentials including IBM Master Inventor, IBM Certified Consultant Thought Leader, CISSP, CISA and Payment Card Industry Qualified Security Assessor (QSA). Greg proudly wears his Canadian iron ring as a computer engineer and has earned a Master’s degree in Information Security from Royal Holloway, University of London.

Stay up-to-date on Greg’s work on LinkedIn.

I have been with IBM for over 17 years, and in my current role, I wear three hats. First, I am a technical thought leader and innovator for offering development, working closely with product management, legal and marketing teams to define consulting delivery methods, system integration strategies, and AI-driven assets for emerging technologies. Secondly, I support pursuits as a subject matter expert and lead engagements or provide oversight, particularly for first-of-a-kind delivery. Finally, I deliver and coordinate global sales and practitioner enablement activities for our offerings, maintaining assets, demo environments and intellectual capital. My current focus is on our partnership with Palo Alto Networks and working with technologies such as Cortex Cloud.

As a computer engineering undergrad, I was considering a career in hardware design, but got an opportunity to join Compaq for a professional experience year with the information security team. This sparked my interest in cybersecurity, as this was a career I didn’t really know existed. Out of school, my first job was penetration testing (ethical hacking) at Deloitte, and after a successful SQL injection at a bank in the Cayman Islands, I was hooked!

I have been fortunate to deliver on projects around the world, working in at least 18 countries throughout the Americas, EMEA and APAC. I feel that this has given me a unique experience to work with many different clients and within many different cultures. The connections made with clients, colleagues and even locals have truly helped define me professionally and personally.

Now, I enjoy the opportunity to work with new technologies, developing first-of-a-kind approaches and mentoring the next generation of rock-star consultants!

As a client-facing consultant for my entire career, I have seen my fair share of “grunt work”.

Generative AI, when properly used, provides a platform to accelerate our consulting services (assessments, design, implementation) and make our managed services more efficient. I am leaning into leveraging AI assets to make life easier for the consultants on the ground, while delivering value for our clients. Gen AI internal business-value assets and external client-value assets will act as a huge differentiator for us in the market.

If I had to pick one, I would point to the SANS NewBites newsletter, which provides an excellent summary of the most important cybersecurity news twice a week.

As a bonus, I would suggest @LevelUpCoding, which rolled into my X feed one day. I like how they break down IT (and security!) concepts for things that you may need to know. What are the components of Kubernetes? How does SSH work? Agentic AI Concepts?  They got you covered.

I have fond memories of Defcon (at the Alexis Park) and Blackhat over the years, but for top-notch training, I would point to SANS conferences.

Those who know me will have heard me say this before. I believe that cybersecurity boils down to three things: visibility, consistency and control.

1. Visibility: You must have visibility into your assets, applications, users and data. Lack of visibility across hybrid and multi-cloud environments creates blind spots that could be leveraged by an attacker. Visibility identifies dependencies, both technical and operational, that can influence your design of security controls. Ultimately, it is impossible to architect security controls if you don’t have a clear understanding of what it is you are trying to protect. 
2. Consistency: Fragmented and inconsistent security controls create complexity, risk and cost. It is key to identify solutions that allow you to implement consistent security across heterogeneous environments: Within data centers and across hybrid and multi-cloud; on bare-metal, virtualized platforms and containerized environments; across various operating systems and hypervisors; and on any underlying network infrastructure.
3. Control: The controls we implement need to reduce risk while aligning with business timelines and objectives. In security, perfection can be your enemy if it slows you down from “taking risk off the table”.  Allow for granular enough policy enforcement so that different parts of the business can mature at different rates. Some parts of the business may want to initially alert, while others may want to actively block or automatically remediate security issues. All improvements are good and a step forward!

First and foremost, the combination of technical skills and the ability to speak confidently in front of a client is rare. If you can master this, you will be successful in whatever part of cybersecurity you focus on. 

Secondly, details matter. Anything that you put in front of a client needs to be crisp, clear and professional. My mentees know that my pet peeves include inconsistent formatting and slide footers!

Finally, learn to think like an attacker. Undoubtedly, my personal experience of starting with penetration testing and learning how to break applications, networks and systems laid the foundation for the rest of my career. This doesn’t mean that you have to be a pen-tester, but you must understand the threats being defended against!

Security for AI is just getting started. There are many niche players, and the market is starting to consolidate—just like the early days of CSPM (cloud security posture management), CWP (cloud workload protection) and application security into CNAPPs (Cloud Native Application Protection Platforms). This will be an interesting space to work in!

The other trend on my radar is Policy as Code, especially for the enforcement of security, compliance and architecture requirements. Although this isn’t a brand-new concept, as coding becomes more accessible to everyone through AI agents and assistants, I think we will see innovation in the way that we embed different security stakeholder requirements into infrastructure provisioning.