EP177 Cloud Incident Confessions: Top 5 Mistakes Leading to Breaches from Mandiant

Guests:

• Omar ElAhdan, Principal Consultant, Mandiant, Google Cloud

• Will Silverstone, Senior Consultant, Mandiant, Google Cloud

Topics:

• Most organizations you see use both cloud and on-premise environments. What are the most common challenges organizations face in securing their hybrid cloud environments?

• You do IR so in your experience, what are top 5  mistakes organizations make that lead to cloud incidents?

• How and why do organizations get the attack surface wrong? Are there pillars of attack surface?

• We talk a lot about how IAM matters in the cloud.  Is that true that AD is what gets you in many cases even for other clouds?

• What is your best cloud incident preparedness advice for organizations that are new to cloud and still use on-prem as well?

Resources:

• Next 2024 LIVE Video of this episode / LinkedIn version (sorry for the audio quality!)

• “Lessons Learned from Cloud Compromise” podcast at The Defender’s Advantage

• “Cloud compromises: Lessons learned from Mandiant investigations” in 2023 from Next 2024

• EP174 How to Measure and Improve Your Cloud Incident Response Readiness: A New Framework

• EP103 Security Incident Response and Public Cloud - Exploring with Mandiant

• EP162 IAM in the Cloud: What it Means to Do It 'Right' with Kat Traxler