In this edition of Cyber Frontlines, meet Jim McGarry, Offering & Practice Leader, Cyber Threat Management Global at IBM. Jim is a seasoned cybersecurity executive with over 27 years of experience leading global enterprise security programs and managed security services. As a Partner at IBM Cyber Security Services, he has collaborated with hundreds of clients worldwide, advising Chief Information Security Officers (CISOs) and Security Operations Center (SOC) leaders on strategies to reduce risk, protect enterprise assets and enhance security operations. His expertise covers enterprise security strategy, advanced threat management and leveraging emerging technologies, including AI and large language models (LLMs), to modernize cybersecurity practices.
For the past 18 years, I have been part of IBM Cybersecurity Services. Now, as the Offering & Practice Leader for our Cyber Threat Management group, I work with global teams to design services and solutions that help clients protect their enterprise and critical assets. Effective protection starts with complete visibility—clients need to understand what is in their environment and be able to see it. Our goal is to maximize visibility by using top-tier tools and AI-powered services, helping clients to identify, protect, detect, respond to and recover from cybersecurity threats.
I got into cybersecurity naturally through my work as a network engineer at Netrex Secure Solutions, a local ISP and security VAR based in Southfield, MI. Early on, clients connected to the Internet using dedicated lines like T1s or DS3s, and these always required a firewall, which we would install for them as part of their ISP service to separate the enterprise from the open Internet. Soon after installing the firewall, an intrusion detection engine would be deployed to monitor internet traffic. Those same clients would request support and management for their firewall, as well as monitoring of alerts from their IDS sensor. Back then, security was often treated as an afterthought—but it quickly became a central part of my work. Those clients were the original Managed Security Services clients, and the services we provided were the precursor to IBM’s current Cyber Defend and Cyber Threat Management services. A few years later, Netrex was acquired by Internet Security Systems (ISS), which IBM later acquired, and here I am still today!
I enjoy developing proposed solutions to address client problems and challenges, from concept to implementation. I take pleasure in leading teams of experts in a way that allows each member to leverage their expertise as part of a cohesive team working toward a shared goal. Inevitably, there are always challenges in any project. However, I have never encountered a situation that couldn’t be addressed by discussing the variables with stakeholders, listening to input from subject matter experts and working alongside clients to find solutions that focus on their desired outcome.
Integrating generative AI (assistants, agents, agentic) into cyber threat management provides faster incident response, richer contextual awareness and the ability to identify risks before they are exploited. Generative AI agents analyze large volumes of security data in real time, enabling quick identification and containment of threats. AI agents offer deeper context by correlating data across systems, highlighting patterns and relationships that traditional tools and SOC analysts might miss. Gen AI can predict evolving attack scenarios by learning from massive datasets, helping security teams detect abnormal behaviors and attack vectors before adversaries can exploit them.
The Cybersecurity & Infrastructure Security Agency (CISA) is a tremendous resource for current events and guidance for maintaining secure systems. I also enjoy reading Brian Krebs’ investigative journalism approach to cybersecurity.
The annual RSA Conference is my favorite industry conference. With over 25 years in cybersecurity, I value it as a prime opportunity to reconnect with colleagues and explore the latest innovations that advance how we protect clients.
Protect your data. Protecting data means understanding its value, classifying it appropriately and applying strong access controls to limit who can view or modify it.
For those starting a career in cybersecurity, focus first on understanding the foundational cybersecurity concepts and how they’re applied in technology solutions. Next, select one or two areas—such as authentication, endpoint security or cloud security—and develop deep expertise through hands-on labs, testing and analysis. Document and share your findings to help others gain understanding and strengthen your personal brand. Lastly, actively connect with peers and share knowledge to grow your professional network. Be known for your expertise and demonstrate an openness to share that expertise.
Perhaps less of a security trend, and more of a security tool. IBM’s new agentic AI framework, ATOM (Autonomous Threat Operations Machine), will revolutionize how our Cybersecurity Services platform provides threat management for clients. ATOM uses advanced AI to enhance and expand our Threat Detection and Response services. This is a significant business investment expected to grow our operations, increase global productivity and improve client outcomes. With new agents, integrations and delivery methods, we expect continued progress toward faster, more effective threat management through 2026.
