

EP229 Beyond the Hype: Debunking Cloud Breach Myths (and What DBIR Says Now)
Jun 9, 2025
Alex Pinto, Associate Director of Threat Intelligence at Verizon Business, discusses the nuances of cloud breaches, questioning if they are merely due to leaked credentials. He reveals that customers are often responsible for the majority of security issues and highlights the common problem of misconfigurations. Pinto also talks about the evolving ransomware landscape and its future, pondering if it will remain a threat for the next two decades. Moreover, he touches on the role of AI in shaping the breach report, emphasizing the need for human oversight.
Understanding Cloud Breaches
- Cloud breaches depend heavily on the cloud service model (SaaS, PaaS, or IaaS); each has different security boundaries.
- Cloud breaches are often just breaches, as cloud is embedded in nearly every organization now.
Credential Abuse Drives Cloud Breaches
- Most cloud breaches involve credential theft or leaked keys as the primary access method.
- Even with strong cloud infrastructure, interface misconfigurations like weak MFA enforcement can lead to breaches.
Snowflake Breach Details
- Alex described the Snowflake breach as credential-driven but noted strong segmentation in the platform prevented data leakage between customers.
- The breach occurred because MFA was not enforced robustly, showing even good cloud design can be undone by misconfigurations.