Risky Bulletin Between Two Nerds: Telcos bad, Cloud good.
10 snips
Nov 24, 2025 Dive into the contrasting worlds of telcos and cloud services as experts discuss the ongoing debate about security practices. Explore how recent cyber incidents like Salt Typhoon prompted regulators to scrutinize telco vulnerabilities. Discover why cloud companies may excel at security through innovative chaos engineering methods. The conversation also touches on the potential risks of national sabotage, the effectiveness of encryption, and the unique leverage small teams gain in cyber warfare. Regulation’s role is critically examined, as is the promise and peril of critical infrastructure.
AI Snips
Chapters
Transcript
Episode notes
Telcos Needed Regulatory Prodding
- Salt Typhoon showed telcos are attractive targets and compelled regulators to act.
- Tom Uren argues telcos needed prodding because breaches didn't naturally change their business incentives.
Cloud Outages Cascade Quickly
- Cloud outages (AWS, Cloudflare) reveal fragility from small failures cascading widely.
- The Grugq suggests cloud providers are still strong targets but often resilient due to lots of security investment.
Cloud Incentives Favor Security
- The Grugq argues cloud firms invest heavily in security because their business depends on it.
- He warns regulation could distract engineers with paperwork and reduce effective security work.