Intro/Outro (00:01):
Welcome to Digital Transformers, the show that connects you with what you need to build, manage, and operate your digital supply chain. Join your host in a timely discussion on new and future business models with industry leading executives. The show will reveal global customer expectations, real world deployment challenges, and the value of advanced business technologies like artificial intelligence, blockchain, and robotic process engineering. And now we bring you Digital Transformers.
Kevin L. Jackson (00:33):
Hello, everyone. This is Kevin L. Jackson, and welcome to Digital Transformers on Supply Chain Now. Today, we’re getting ready for the AT&T Secure Connections event. This virtual event will be held on November 8th, 2023, and will feature the AT&T security team with a diverse group of security visionaries. And we have the honor and pleasure of having one of those visionaries right here on the show. AT&T chief information security officer Rich Baich.
Kevin L. Jackson (01:13):
Hey, welcome to the show, Rich.
Rich Baich (01:16):
Hey, Kevin. Nice to meet you.
Kevin L. Jackson (01:18):
No, thank you. You know what? We have a lot in common. Just looking at your bio, I couldn’t help but notice some of the similarities. I’m Naval Academy class of ’79, War College class of ’91, shouldn’t say that too loud, and served in NRO for three years. Please share more about your illustrious career.
Rich Baich (01:43):
Sure. Thanks, Kevin. Yes. So, I also had the opportunity to attend that fine institution down Severn River and graduated in the class in 1991. Then had the time in the military to serve in many different capacities as a surface warfare officer, as a cryptology officer, as an information warfare officer, and also, part of the space cadre. And, yes, that time in the military really built a foundation around defense and defense of our country, defensive networks. So, would love the experience. But Kevin, I’d go back and do it again. Would you?
Kevin L. Jackson (02:22):
Yes, absolutely. I mean, I would never have thought when I was flying on and off the carrier that I’d wind up doing cybersecurity. I mean — but it’s really the leading edge, right? We’re talking about being at the point of the spear in today’s world. Cyber is really it. Now, AT&T business is a long-time sponsor of Digital Transformers, so we’re always excited to showcase their leading executives. So, how did you join AT&T? I understand you’re pretty young there.
Rich Baich (03:00):
Yes. When it comes to the long tenure culture at AT&T, there have been people that have been here 20, 30 and 40 years. And I recently joined and I came to AT&T from my previous role where I was the chief information security officer and the director of cybersecurity for the Central Intelligence Organization. And I had the opportunity to switch over to AT&T. And one of my biggest reasons for that, Kevin, is this is the tip of the spear, right? AT&T is first contact when you start thinking about the cyber world. We are the first contact of the bits and bytes that transmit over the network. So, it’s a very, very important job and role and something that AT&T obviously invests in and takes very seriously.
Kevin L. Jackson (03:57):
Well, I’m sure you got a lot of experience with protecting the world against the malevolent actors out there while you were at the CIA. And — but now, and you’re serving as the CISO for a company with one of the largest global networks. So, what keeps you up at night? Is it just as bad as when you were at the CIA?
Rich Baich (04:23):
Well, you know, at the end of the day, when you think about it, if our networks, our telecommunications networks aren’t secure and aren’t reliable, you know, our ability to function as a civilization could become obviously severely degraded because of the dependencies that every piece of our critical infrastructure, our business world, and our daily lives depend upon that ability to have that reliable and secure medium that people depend on for all facets of their life.
Kevin L. Jackson (05:03):
Well, you mentioned your personal life and your work life, they’re all merged today and they merge on the network, it seems.
Rich Baich (05:13):
Yes, absolutely. I mean, you know, think about this, Kevin, we’ve got cell phones. We have watches now that communicate. We’ve got Bluetooth in our clothing, right?
Kevin L. Jackson (05:24):
Yes, yes.
Rich Baich (05:25):
We got our cars. Everything is communicating across the telecommunications infrastructure today and is dependent upon that infrastructure being there, but even more importantly also being secure.
Kevin L. Jackson (05:39):
Well, maybe we’re overly connected but I wouldn’t have it any other way. And you’ve seen it from the viewpoint of multiple industries, I understand. And you actually wrote the book for CISO. So, what’s new and different as you settle in at AT&T?
Rich Baich (06:00):
You know, the issues remain, you know, consistent really across industries. It comes down, primarily, the difference is the culture, right? And the tone from the top from the organization and the importance that they place. Good information security and cybersecurity really is risk management. It’s providing data and truth associated with risk, and then taking that information and prioritizing it to try to mitigate those risks to an acceptable, you know, kind of risk appetite.
Rich Baich (06:30):
So, I mean, I think the biggest change is really the fact that AT&T’s culture, as it relates to having a secure and reliable network, is different than in some cultures as far as what their risk appetite is when it comes to cybersecurity practices.
Kevin L. Jackson (06:46):
Well, this being October, it’s cybersecurity month. And it’s — there’s a real focus on training and understanding the human element when it comes to cybersecurity. How does that, sort of, link to culture or driven by culture?
Rich Baich (07:08):
Yes, so, you know — so first off, one of the weakest elements always is the human element. It will always remain the human element. And how that links to culture is, you know, basically do, you know, taking the time to provide good security awareness and knowledge. Not just about when you come to work, but also providing that information so that when you go home and you have good practices at home, it’s not something different. You don’t put a uniform on and come to work and all of a sudden be a different person.
Rich Baich (07:39):
Cybersecurity is so intertwined with our daily lives. It’s about helping individuals understand the risks associated with phishing and spam and smishing, and all the different techniques that are utilized and making them feel empowered, but also giving them the capability and the knowledge to be able to keep themselves safe online irregardless of what environment they’re in.
Kevin L. Jackson (08:03):
Well, it sounds like dealing with humans is a very important part of your job. So, what is the core duty of the CISO? Is it different in public versus private sector? I think it’s the same kind of humans.
Rich Baich (08:20):
Yes. It’s a — it’s the same type of work. And again, you know, this is my fifth time being a CISO and, you know, it’s about figuring out each — each organization has a unique culture on how they operate. And it’s how do you intertwine the disciplines associated with good cyber practices and hygiene to align with the organization and its mission and empower it, right? And enable it to be able to deliver whether it’s services or whether it’s mission, right? It’s all the same as far as what practices and what way we can go about identifying risks and mitigating those to help the organization achieve its mission or its business practice.
Kevin L. Jackson (09:08):
Well, I mean, you are a leader in the organization. So, what is the role of a leader? I mean, yes, CSO is an executive, but the executive C-suite writ large, what is their job in the — in this era?
Rich Baich (09:26):
I think the most important thing is to provide the information. I like to talk about it in the McKinsey threes, right? So, first off, we need to know about what information that we need to go out to either collect or observe. We need to be able to get it in a very timely fashion. And then most importantly, we need to put it in a format, in a very timely fashion, in front of the right risk leaders so that they can make the best decision based on that truthful information and how it impacts the organization so they can prioritize budgets and actions to ensure the organization can continue to meet its core values.
Kevin L. Jackson (10:07):
Yes. Well, I heard that you were big on truth telling when it comes to this area. In this world of fake news, is there a fake cyber news that you have to protect the organization against?
Rich Baich (10:25):
So, I — you know, two types of when you talk about fake news. So, first off is, not every risk is the same for every organization. So, understanding your network and the assets on your network so that when a vulnerability comes out, you can quickly say, do I have that technology, that software in my environment? A lot of times you don’t, so it’s not a concern, even though you need to be — worry about your third parties and your fourth parties that are associated with it.
Rich Baich (10:54):
And then as far as, you know, fake news, there’s always — you always got to be cautious today, especially in the world of artificial intelligence that there could be some type of, you know, information implanted in a message whether that be in hardware, software or, even voice prints from a biometric standpoint to bypass, you know, particular types of controls. So, albeit not exactly fake news, but I’ll call it, you know, fake data.
Kevin L. Jackson (11:23):
OK. So, we hear about a lot of opportunities in business, but I guess what you’re saying, there are a lot of new threats out there as well. The new technologies, like, you know, quantum computing, we hear a lot about and artificial intelligence. Is security different now? Are there — has it changed the foundation of cybersecurity? The fundamentals are — have they been modified in some way?
Rich Baich (11:57):
Yes. So, when it comes to like A.I. and quantum computing, it’s not the science that is the — it’s not what’s the risk, it’s the application, right? How does someone take the application of these two new disciplines and apply them and operationalize them, you know. So, for an example, a — an adversary today can utilize A.I. to, let’s say, write a script that might usually take them eight hours. It might only take them 10 minutes now to do. But on the same side of that, as a defender, right, that I could potentially do the same thing, use artificial intelligence, let’s just say, to eradicate or remediate some vulnerabilities in a much faster manner than I could through manual processes. So, the risk is about the application of those sciences and not the actual science itself.
Kevin L. Jackson (12:52):
So, I guess, you know, from our military background, you have to get inside the decision loop. You got to be faster with that loop when it comes to the cyber attackers, right?
Rich Baich (13:07):
Yes, exactly. It’s, you know, it’s all about — and oftentimes things like we talk about time to remediate, right? So, there’s a new release of a vulnerability, right? A zero day. You know, can you quickly identify if you have that vulnerability in your environment? And then can you mitigate the risk associated with that? And being able to measure your average time to remediate is a very important, you know, aspect to, you know, suggesting how mature your organization is when it comes to, kind of, the art of cybersecurity.
Kevin L. Jackson (13:43):
Well, when we started talking, we talked a bit about how both our personal life and our business life are connected to the network. I mean — but it’s a global network. How do you protect yourself and your work from all of those threats from literally everywhere? What is, you know, what is a network-based defense? How do you protect yourself?
Rich Baich (14:15):
Yes. So, you know, it’s really about risk management, Kevin.
Kevin L. Jackson (14:19):
OK
Rich Baich (14:20):
At the end of the day, it’s really not about defense. Normally, when we think about defense, we think about it as binary, right? Good or bad. But the reality of it is, is the attack surface is so great that you have to be able to have the visibility and the transparency to understand your risks, understand what risks are forthcoming that may be released as a result of vulnerabilities, but also the different types of indications of compromise and TTPs that an adversary would utilize.
Rich Baich (14:54):
And understanding those and putting into controls, but also taking it to another level. You know, Kevin, to keep your defense analogy alive, you know, there’s now the opportunity to utilize, like, attack simulation where you can actually take the different techniques that an adversary would utilize and simulate them in your environment to see how effective your controls are so that you can help prioritize where your investments are on areas that you find weaknesses in. No different than a typical war game, Kevin, which you’re doing it internally from a bits and bytes standpoint.
Kevin L. Jackson (15:29):
So, it sounds like if I’m a business or an executive in a business or a company, I need to have a partner that’s helping me with respect to the network. Is that one and — is that an important role for a company like AT&T?
Rich Baich (15:48):
Yes, absolutely. I mean, not, you know, not just AT&T, but the reality of it is, is a good cybersecurity organization and an executive is helping a business understand their cyber risk. As you know, most businesses are connected to the internet one way or another.
Kevin L. Jackson (16:08):
Yes.
Rich Baich (16:08):
And good business leaders understand risk management. But cyber professionals oftentimes get lost in a technology and a nomenclature. And they need to keep it very simple and easy for the business owner to understand, here is your risk. Here’s your risk with your third-party portfolio. Here is your risk with your infrastructure. And in the case of AT&T, hopefully it says, and this is your secure network experience that we can provide to you.
Kevin L. Jackson (16:36):
Wow. Wow. I mean, it’s really protecting your business ecosystem across the network because that’s key to being safe. Well, I mean, I really appreciate all the insight and your time today. You really have provided a great viewpoint, but unfortunately our time has come to an end. But how can the audience reach out to you if they have any questions? And before you leave, tell us a little bit about your book.
Rich Baich (17:10):
So, yes. So, my book, I wrote that — gosh, when I was much — much, much younger. I think it was back in like around 2004 timeframe. And it was called “Winning as a CISO.” And, you know, basically it’s a leadership book geared towards helping CISOs run their business. Again, I was finishing up my MBA and I thought a book that could help translate between business executives and technology executives would be good.
Rich Baich (17:44):
So, you know, Kevin, to show my age, it starts off with it’s 2:00 AM and your pager’s going off and you’re driving into work thinking, why do I want to be a CISO as you have this virus infestation to deal with? But it talks about things like selling security, developing talent, choosing a framework. It’s just very, very fundamental and foundational to, I think, being a good leader, irregardless, being a good C-level executive, just more focused on the disciplines in the cyber world.
Kevin L. Jackson (18:18):
Well, the thought processes are the same, so thank you very much. But in closing, I would like to really invite everyone to check out the wide variety of industry thought leadership that we have here at Digital Transformers and at Supply Chain Now. I tell you, you may want to also pick up that book or reach out to Rich so he can help you in setting your sights and being the leader you need to be as a CISO.
Kevin L. Jackson (18:52):
So, thank you. You can find Digital Transformers and Supply Chain Now wherever you get your podcast, so be sure to subscribe. On behalf of the entire team here at Supply Chain Now, this is Kevin L. Jackson wishing all of the listeners a bright and transformational future. We’ll see you next time on Digital Transformers.
Intro/Outro (19:19):
Thank you for supporting Digital Transformers and for being a part of our global Supply Chain Now community. Please check out all of our programming at supplychainnow.com. Make sure you subscribe to Digital Transformers anywhere you listen to or view the show. And follow us on Facebook, LinkedIn, Twitter, and Instagram. See you next time on Digital Transformers.