Rich Mogull

Rich Mogull, SVP of Cloud Security at FireMon and CEO at Securosis, dives into the intricacies of cloud security responsibility. He introduces the Cloud Shared Irresponsibilities Model, suggesting that cloud providers bear some blame in breaches due to customer misconfigurations. The discussion includes insights on what 'using the cloud securely' really means today and how to effectively teach cloud security. Rich also touches on balancing free and paid security features in the cloud and shares his top lesson for safer cloud practices.

Experienced cloud security experts Rich Mogull and Chris Farris share insights on effective cloud security strategies, moving beyond vulnerabilities. They discuss the Universal Threat Actor Model, practical steps in cloud environments, and managing a large volume of CSPM findings. The podcast also explores real-world security breaches, triaging, and automation of security responses, along with the speakers' diverse hobbies and favorite cuisines.

Rich Mogul, an expert in cloud security and educator at Black Hat and DEF CON, discusses the Cloud Security Maturity Model (CSMM). He explains how this practical framework offers tailored guidance for enhancing cloud security. Topics include the importance of measurable KPIs, the role of SMART objectives in governance, and building collaborative security frameworks. Rich emphasizes continuous assessment, self-assessment tools, and the need for clear communication between teams to strengthen security practices across organizations.

Rich Mogull, SVP of Cloud Security at Firemon and CEO of Securosis, shares his unique journey from being a paramedic to a cybersecurity expert. He discusses how lessons from managing physical disasters, like hurricanes, can enhance IT security incident response. The conversation digs into the concept of Black Swan events—unexpected crises that demand resilient strategies. Rich also emphasizes the value of early career opportunities and mentorship, urging cybersecurity professionals to cultivate adaptable, proactive responses to emerging threats.

Rich Mogul, a cloud security expert and trainer for the Cloud Security Alliance, discusses the Cloud Security Maturity Model (CSMM). He outlines how CSMM serves as a blueprint for improving cloud security practices across 12 categories and 3 domains. The conversation highlights the model's five levels of security maturity, and the importance of community involvement in creating effective frameworks. Rich emphasizes using metrics and self-assessments to fill gaps between technical teams and leadership, transforming cloud security into a collaborative and ongoing process.