Cyber Frontlines: Norman Dorsch

In this edition of Cyber Frontlines, meet Norman Dorsch—the Global Product Manager for IBM X-Force leading the development of cybersecurity offerings that protect organizations worldwide. With over a decade of experience spanning product management and IT architecture, Norman thrives on bridging technical depth with business impact. Outside of work, he serves as the organizer of TEDxSarasota, fostering ideas that spark change in the community. As a certified private pilot and proud dad, Norman embraces both exploration and responsibility.

Stay up-to-date on Norman’s work on LinkedIn.

I’ve been with the Cybersecurity Services team of IBM since late 2020, helping bring new security offerings to life. My job as Product Manager is to connect the dots between business needs, technical capabilities and client outcomes.

In my most recent role with X-Force, I get to work alongside world-class hackers, incident responders and threat intelligence analysts, which provides an incredible environment to learn and grow.

I started my career at IBM Infrastructure Services, focusing on networking, where security was always a core concern. Back in 2017, I lived in Germany, and the NotPetya attack happened super close to my doorstep. That was the first time I grasped the significance of cybersecurity to our daily lives. In 2020, I finally got the opportunity to make the switch and focus full-time on cybersecurity.

Today, what I enjoy most is that I learn something new every single day. Being surrounded by brilliant colleagues and complex challenges means there’s always an opportunity to grow.

Generative AI is already transforming cybersecurity today. At IBM, we recently launched solutions that enable autonomous threat hunting based on Predictive Threat Intelligence (PTI). PTI, among other existing agents, gets integrated with our Autonomous Threat Operations Machine (ATOM) that serves as multi-agentic orchestrator and centralizes these workflows. This is not future talk, but we’re seeing these solutions provide measurable impacts for our clients today.

That being said, I see AI as part of a broader “three-sided challenge”: AI for cybersecurity (the question at hand), cybersecurity for AI (through AI strategy, red teaming and governance), and the reality that attackers are also leveraging AI, from AI-based malware to deepfakes.

Mikko Hyppönen is a fantastic voice in the industry! He combines deep technical expertise with an ability to explain complex security issues in a relatable way. I saw his keynote at Black Hat last year and recommend checking out his talks on YouTube.

If you prefer reading, I highly recommend the book, “This Is How They Tell Me the World Ends” by Nicole Perlroth.

Black Hat is my favorite because it strikes the perfect balance between business-focused sessions and the raw hacker culture that keeps the industry moving forward.

Never underestimate the human factor. You can have the best, state-of-the-art software available, but it doesn’t matter if you don’t have operational protocols in place that everyone follows, and if your employees don’t have a general security mindset.

Also, if someone says “I don’t care if my data is exploited, I have nothing to hide,” don’t hire them!

1. Overcome your impostor syndrome: Nobody knows everything in cybersecurity, and that’s okay. I’ve worked in the field for 5+ years, and still feel like I just barely grasped the tip of the iceberg. Curiosity and persistence often matter more than having all the answers.
2. Be a culprit (or in other words, “hack!”): Poke at systems, ask “what if,” and challenge your own assumptions. That mindset is how you uncover weaknesses and build resilience.
3. Be lazy (but use it in a good way): Look for smart shortcuts and automation, that’s how you scale and stay efficient.

Easy answer: AI for deepfakes and social engineering. I’ve seen first-hand how easy it is to create a perfect voice clone, and how video deepfakes have evolved drastically over the past couple of months.

That fundamentally changes the game for phishing and impersonation attacks. It’s becoming a true cat-and-mouse game between attacker and defender, where both sides are leveraging AI.