Cloud Security Podcast by Google EP210 Cloud Security Surprises: Real Stories, Real Lessons, Real "Oh No!" Moments
5 snips
Feb 10, 2025 Or Brokman, a Strategic Google Cloud Engineer specializing in cybersecurity, shares eye-opening insights from his cloud consulting experiences. He recounts one memorable case that revealed shocking security oversights. Brokman identifies a recurring mistake: prioritizing tools over processes, and discusses how to shift mindset. He emphasizes the vital need for collaboration between security and development teams to better protect organizations. His top advice for all companies? Focus on building a security-first culture to ensure successful cloud transformations.
AI Snips
Chapters
Books
Transcript
Episode notes
The European Bank Breach
- A European bank's CISO contacted Orr Brokman's team after a security breach.
- A publicly accessible storage bucket with sensitive data was created due to miscommunication and overlooked alerts.
Security Responsibility Fallacy
- "Security is everyone's responsibility" can be misleading, implying a lack of true ownership.
- It's similar to companies claiming security is their top priority when it's clearly business continuity.
Tools Over Processes
- A vehicle manufacturer sought to fix security issues by buying a new CNAP tool.
- The real problem was a lack of defined processes, like a security exception process.
