Cloud Security Podcast by Google

Sarah Aoun, a Privacy Engineer at Google and former consultant on digital security for a world leader, dives into her unique journey from human rights to tech. She discusses the intricacies of designing privacy into Google's Fuschia operating system, particularly for ambient computing. Aoun highlights the importance of understanding who might be a high-risk target in today’s geopolitical landscape and offers insights on enhancing personal security beyond traditional methods. She emphasizes the collective responsibility of individuals and tech companies in prioritizing user privacy.

David French, a Staff Adoption Engineer at Google Cloud, dives into the intriguing world of 'detection as code.' He clarifies its real meaning and its advantages for security teams, discussing how a software engineering approach can enhance detection processes. Topics include the significance of robust testing methods, the challenges of working with limited API support, and the importance of standardizing detection rules. French also advocates for collaborative sharing of detection content, blurring the lines between traditional alert handling and an engineering-like mindset.

Daniel Fabian, Principal Digital Arsonist at Google, shares his insights from two years of AI red teaming. He reveals surprising findings about the unique security challenges AI systems pose compared to traditional software. Fabian discusses counterstrategies against prompt injection attacks and highlights the importance of threat modeling. He offers practical advice for organizations new to AI red teaming, emphasizing an adversarial mindset to identify vulnerabilities and the need for collaboration between security teams and developers. Embrace AI in red teaming for better defense!

Alex Pinto, Associate Director of Threat Intelligence at Verizon Business, discusses the nuances of cloud breaches, questioning if they are merely due to leaked credentials. He reveals that customers are often responsible for the majority of security issues and highlights the common problem of misconfigurations. Pinto also talks about the evolving ransomware landscape and its future, pondering if it will remain a threat for the next two decades. Moreover, he touches on the role of AI in shaping the breach report, emphasizing the need for human oversight.

Alan Braithwaite, Co-founder and CTO of RunReveal and a passionate data engineer, dives into the challenges of modern Security Information and Event Management (SIEM). He discusses the complexities of storage and integration in SIEM systems while comparing decoupled architectures with integrated solutions. With data volumes surging, Braithwaite envisions using ClickHouse for efficient log management. He also introduces 'Pipeline QL' for detection in SQL, sparking debates about its implications for security engineering and interoperability in the ever-evolving landscape of security data.

Eric Foster, CEO of Tenex.AI, is revolutionizing the security services industry through AI innovations. He delves into why starting an AI-native Managed Detection and Response (MDR) service from scratch is a game changer. The discussion highlights the balance between human analysts and AI agents, exploring how their roles will shift in the next five years. Concerns about AI's accuracy in cybersecurity are addressed, alongside essential metrics organizations should prioritize when evaluating MDR efficacy. This insightful chat paves the way for the future of security operations.

Christine Sizemore, a Cloud Security Architect at Google Cloud, dives into the complexities of AI supply chain security. She highlights the stark differences between AI and traditional software supply chains, using engaging examples like the Suez Canal incident. The discussion uncovers unexpected threats, such as data poisoning, and emphasizes the need for continuous security integration. Sizemore explores organizational pitfalls to avoid and humorously questions whether AI can secure itself—she even shares practical strategies for safeguarding AI systems.

Christian Kram, a strategic advisor and investor with a knack for AI, joins to discuss essential insights for board members navigating the complex world of emerging technologies. He underscores the importance of cohesive AI strategies over fragmented approaches. The conversation dives into the challenges boards face while harmonizing AI integration and cybersecurity measures, highlighting the transformative power of AI in supply chains. Kram advocates for a collaborative environment, reassuring employees that AI is a tool for enhancing efficiency, not a threat to job security.

Guest: Diana Kelley, CSO at Protect AI  Topics: Can you explain the concept of "MLSecOps" as an analogy with DevSecOps, with 'Dev' replaced by 'ML'? This has nothing to do with SecOps, right? What are the most critical steps a CISO should prioritize when implementing MLSecOps within their organization? What gets better  when you do it? How do we adapt traditional security testing, like vulnerability scanning, SAST, and DAST, to effectively assess the security of machine learning models? Can we? In the context of AI supply chain security, what is the essential role of third-party assessments, particularly regarding data provenance? How can organizations balance the need for security logging in AI systems with the imperative to protect privacy and sensitive data? Do we need to decouple security from safety or privacy? What are the primary security risks associated with overprivileged AI agents, and how can organizations mitigate these risks?  Top differences between LLM/chatbot AI security vs AI agent security?  Resources: “Airline held liable for its chatbot giving passenger bad advice - what this means for travellers” “ChatGPT Spit Out Sensitive Data When Told to Repeat ‘Poem’ Forever” Secure by Design for AI by Protect AI “Securing AI Supply Chain: Like Software, Only Not” OWASP Top 10 for Large Language Model Applications OWASP Top 10 for AI Agents  (draft) MITRE ATLAS “Demystifying AI Security: New Paper on Real-World SAIF Applications” (and paper) LinkedIn Course: Security Risks in AI and ML: Categorizing Attacks and Failure Modes

Hosts share their insights from the RSA cybersecurity conference, revealing a mix of excitement and skepticism about AI in cloud security. They analyze the potential of AI SOCs while cautioning against the pitfalls of automation. The reliance on outdated security technology is debated, alongside the importance of human oversight in AI applications. Humorous anecdotes lighten the discussion, including memorable marketing strategies and adventures at the event. Ultimately, the conversation navigates the evolving landscape of AI-native technologies versus adding AI to existing platforms.