Cloud Security Podcast by Google

The chaotic vibes of a live conference set the stage for insightful talks on AI’s growing role in security. Discussions unveiled the Model Armor initiative and the evolving integration of AI with cybersecurity. Surprising trends and marketing strategies caught attention, while a hopeful outlook emerged for transforming Security Operations Centers. The urgency for security professionals to adopt AI was emphasized, with a clear warning: adapt or risk falling behind in this fast-evolving landscape.

Guests: Michael Cote, Cloud VRP Lead, Google Cloud Aadarsh Karumathil, Security Engineer, Google Cloud Topics: Vulnerability response at cloud-scale sounds very hard! How do you triage vulnerability reports and make sure we’re addressing the right ones in the underlying cloud infrastructure? How do you determine how much to pay for each vulnerability? What is the largest reward we paid? What was it for? What products get the most submissions? Is this driven by the actual product security or by trends and fashions like AI? What are the most likely rejection reasons?  What makes for a very good - and exceptional? - vulnerability report? We hear we pay more for “exceptional” reports, what does it mean? In college Tim had a roommate who would take us out drinking on his Google web app vulnerability rewards. Do we have something similar for people reporting vulnerabilities in our cloud infrastructure? Are people making real money off this?  How do we actually uniquely identify vulnerabilities in the cloud? CVE does not work well, right? What are the expected risk reduction benefits from Cloud VRP? Resources: Cloud VRP site Cloud VPR launch blog CVR: The Mines of Kakadûm

Steve Ledzian, APAC CTO at Mandiant, dives into the evolving landscape of cybersecurity in the Asia Pacific region. He discusses how many boards still see cyber risks solely as technical issues, missing critical human factors. Steve tackles the confusing jargon plaguing the industry, emphasizing clear communication. He highlights unexpected benefits from the Google-Mandiant merger and shares insights on reducing dwell time in cyber incidents. Finally, he forecasts significant cybersecurity challenges ahead and what organizations should do now to prepare.

Henrique Teixeira, Senior VP of Strategy at Saviynt and former Gartner analyst, dives into the evolution of Identity and Access Management (IAM) amidst cloud and AI advancements. He addresses the challenges and opportunities these shifts create, particularly with ITDR (Identity Threat Detection and Response) and ISPM (Identity Security Posture Management). The discussion explores the unique security needs of machine identities versus human identities, as well as tips for creating memorable tech acronyms, blending humor with valuable insights on identity management.

In a fascinating discussion, Alex Polyakov, CEO of Adversa AI and expert in AI red teaming, dives into the vulnerabilities plaguing AI systems. He recounts a memorable red teaming exercise that unveiled surprising flaws. Polyakov highlights emerging threats like linguistic-based attacks and emphasizes how classic security mistakes resurface in AI. He critiques the industry's misconceptions about AI security and prompts organizations to rethink their cyber frameworks. Furthermore, he discusses the irony of using AI to safeguard AI, raising essential questions about the future of technology.

In this enlightening discussion, James Campbell, CEO of Cado Security, and Chris Doman, CTO, dive into the evolving landscape of cloud security. They clarify the differences between Cloud Detection and Response (CDR) and Cloud Investigation and Response Automation (CIRA), highlighting the critical role automation plays in enhancing security. The conversation explores the challenges of ephemeral cloud infrastructure and its impact on compliance. Listeners will gain insights into how modern SIEM/SOAR systems can integrate with CIRA for better cloud security strategies.

Meador Inge, a security engineer at Google, dives into the intricacies of threat modeling, detailing its essential steps and applications in complex systems. He explains how Google continuously updates its threat models and operationalizes the information to enhance security. The conversation explores the challenges faced in scaling threat modeling practices and how AI, particularly large language models like Gemini, is reshaping the landscape. With a humorous twist, Inge shares insights into unexpected threats and effective strategies for organizations starting their threat modeling journey.

Guest: Archana Ramamoorthy, Senior Director of Product Management, Google Cloud Topics: You are responsible for building systems that need to comply with laws that are often mutually contradictory. It seems technically impossible to do, how do you do this? Google is not alone in being a global company with local customers and local requirements. How are we building systems that provide local compliance with global consistency in their use for customers who are similar in scale to us?  Originally, Google had global systems synchronized around the entire planet–planet scale supercompute–with atomic clocks. How did we get to regionalized approach from there?  Engineering takes a long time. How do we bring enough agility to product definition and engineering design to give our users robust foundations in our systems that also let us keep up with changing and diverging regulatory goals? What are some of the biggest challenges you face working in the trusted cloud space? Is there something you would like to share about being a woman leader in technology?  How did you overcome the related challenges? Resources: Video “Compliance Without Compromise” by Jeanette Manfra (2020, still very relevant!) “Good to Great” book “Appreciative Leadership” book

Yigael Berger, Head of AI at Sweet Security, shares insights into the application of large language models (LLMs) for cloud security. He discusses the gap between LLMs' potential and their real-world effectiveness, especially in anomaly detection. Berger explains how LLMs analyze event sequences to enhance accuracy while managing noise. He also addresses the challenges SOC teams face with false positives and negatives, emphasizing the psychological barriers to embracing AI in security. Ultimately, he posits that LLMs may tip the balance in favor of defenders in the cybersecurity battle.

Dave Hannigan, CISO at Nu Bank, brings a wealth of knowledge from his time at Spotify to discuss the unique challenges faced in neobanking. He dives into the complexities of regulatory compliance and the innovative security practices necessary in the rapidly evolving Latin American finance landscape. Hannigan highlights the critical role of identity and access management in cloud security and shares key metrics for assessing security posture. He also reflects on the cultural shifts needed for effective cloud operations and why he chose Google SecOps for his team.