EP204 Beyond PCAST: Phil Venables on the Future of Resilience and Leading Indicators

Guest:

• Phil Venables, Vice President, Chief Information Security Officer (CISO) @ Google Cloud

Topics

• Why is our industry suddenly obsessed with resilience? Is this ransomware’s doing?
• How did the PCAST report come to be?  Can you share the backstory and how it was created?
• The PCAST report emphasizes the importance of leading indicators for security and resilience. How can organizations effectively shift their focus from lagging indicators to these leading indicators?
• The report also emphasizes the importance of "Cyber-Physical Modularity" - this sounds mysterious to us, and probably our listeners! What is it and how does this concept contribute to enhancing the resilience of critical infrastructure?
• The report advocates for regular and rigorous stress testing. How can organizations effectively implement such stress testing to identify vulnerabilities and improve their resilience? 
• In your opinion, what are the most critical takeaways from our PCAST-related paper for organizations looking to improve their security and resilience posture today?
• What are some of the challenges organizations might face when implementing the PCAST recommendations, and how can they overcome these challenges? 
• Do organizations get resilience benefits “for free” by using Google Cloud?

Resources:

• 10 ways to make cyber-physical systems more resilient
• “Cyber-Physical Resilience and the Cloud: Putting the White House PCAST report into practice” report
• Megatrends drive cloud adoption—and improve security for all
• EP163 Cloud Security Megatrends: Myths, Realities, Contentious Debates and Of Course AI
• Advising The President On Cyber-Physical Resilience - Philip Venables (at PSW)
• EP201 Every CTO Should Be a CSTO (Or Else!) - Transformation Lessons from The Hoff
• EP171 GenAI in the Wrong Hands: Unmasking the Threat of Malicious AI and Defending Against the Dark Side