Cloud Security Podcast by Google cover image

Cloud Security Podcast by Google

Latest episodes

undefined
Mar 31, 2025 • 23min

EP217 Red Teaming AI: Uncovering Surprises, Facing New Threats, and the Same Old Mistakes?

In a fascinating discussion, Alex Polyakov, CEO of Adversa AI and expert in AI red teaming, dives into the vulnerabilities plaguing AI systems. He recounts a memorable red teaming exercise that unveiled surprising flaws. Polyakov highlights emerging threats like linguistic-based attacks and emphasizes how classic security mistakes resurface in AI. He critiques the industry's misconceptions about AI security and prompts organizations to rethink their cyber frameworks. Furthermore, he discusses the irony of using AI to safeguard AI, raising essential questions about the future of technology.
undefined
7 snips
Mar 24, 2025 • 32min

EP216 Ephemeral Clouds, Lasting Security: CIRA, CDR, and the Future of Cloud Investigations

In this enlightening discussion, James Campbell, CEO of Cado Security, and Chris Doman, CTO, dive into the evolving landscape of cloud security. They clarify the differences between Cloud Detection and Response (CDR) and Cloud Investigation and Response Automation (CIRA), highlighting the critical role automation plays in enhancing security. The conversation explores the challenges of ephemeral cloud infrastructure and its impact on compliance. Listeners will gain insights into how modern SIEM/SOAR systems can integrate with CIRA for better cloud security strategies.
undefined
9 snips
Mar 17, 2025 • 26min

EP215 Threat Modeling at Google: From Basics to AI-powered Magic

Meador Inge, a security engineer at Google, dives into the intricacies of threat modeling, detailing its essential steps and applications in complex systems. He explains how Google continuously updates its threat models and operationalizes the information to enhance security. The conversation explores the challenges faced in scaling threat modeling practices and how AI, particularly large language models like Gemini, is reshaping the landscape. With a humorous twist, Inge shares insights into unexpected threats and effective strategies for organizations starting their threat modeling journey.
undefined
Mar 10, 2025 • 29min

EP214 Reconciling the Impossible: Engineering Cloud Systems for Diverging Regulations

Guest: Archana Ramamoorthy, Senior Director of Product Management, Google Cloud Topics: You are responsible for building systems that need to comply with laws that are often mutually contradictory. It seems technically impossible to do, how do you do this? Google is not alone in being a global company with local customers and local requirements. How are we building systems that provide local compliance with global consistency in their use for customers who are similar in scale to us?  Originally, Google had global systems synchronized around the entire planet–planet scale supercompute–with atomic clocks. How did we get to regionalized approach from there?  Engineering takes a long time. How do we bring enough agility to product definition and engineering design to give our users robust foundations in our systems that also let us keep up with changing and diverging regulatory goals? What are some of the biggest challenges you face working in the trusted cloud space? Is there something you would like to share about being a woman leader in technology?  How did you overcome the related challenges? Resources: Video “Compliance Without Compromise” by Jeanette Manfra (2020, still very relevant!) “Good to Great” book “Appreciative Leadership” book
undefined
12 snips
Mar 3, 2025 • 28min

EP213 From Promise to Practice: LLMs for Anomaly Detection and Real-World Cloud Security

Yigael Berger, Head of AI at Sweet Security, shares insights into the application of large language models (LLMs) for cloud security. He discusses the gap between LLMs' potential and their real-world effectiveness, especially in anomaly detection. Berger explains how LLMs analyze event sequences to enhance accuracy while managing noise. He also addresses the challenges SOC teams face with false positives and negatives, emphasizing the psychological barriers to embracing AI in security. Ultimately, he posits that LLMs may tip the balance in favor of defenders in the cybersecurity battle.
undefined
10 snips
Feb 24, 2025 • 33min

EP212 Securing the Cloud at Scale: Modern Bank CISO on Metrics, Challenges, and SecOps

Dave Hannigan, CISO at Nu Bank, brings a wealth of knowledge from his time at Spotify to discuss the unique challenges faced in neobanking. He dives into the complexities of regulatory compliance and the innovative security practices necessary in the rapidly evolving Latin American finance landscape. Hannigan highlights the critical role of identity and access management in cloud security and shares key metrics for assessing security posture. He also reflects on the cultural shifts needed for effective cloud operations and why he chose Google SecOps for his team.
undefined
5 snips
Feb 17, 2025 • 26min

EP211 Decoding the Underground: Google's Dual-Lens Threat Intelligence Magic

Kimberly Goody, Head of Intel Analysis and Production at Google Cloud, dives into the fascinating world of threat intelligence. She shares how Google's Threat Intelligence Group uniquely combines underground forum data with incident response insights to identify cybercriminal campaigns. Goody explains the challenges of attributing attacks to specific actors and the importance of contextualizing threats. The discussion also highlights the role of AI in enhancing threat analysis and the collaborative efforts across Google's teams to strengthen security.
undefined
5 snips
Feb 10, 2025 • 27min

EP210 Cloud Security Surprises: Real Stories, Real Lessons, Real "Oh No!" Moments

Or Brokman, a Strategic Google Cloud Engineer specializing in cybersecurity, shares eye-opening insights from his cloud consulting experiences. He recounts one memorable case that revealed shocking security oversights. Brokman identifies a recurring mistake: prioritizing tools over processes, and discusses how to shift mindset. He emphasizes the vital need for collaboration between security and development teams to better protect organizations. His top advice for all companies? Focus on building a security-first culture to ensure successful cloud transformations.
undefined
10 snips
Feb 3, 2025 • 29min

EP209 vCISO in the Cloud: Navigating the New Security Landscape (and Don’t Forget Resilience!)

Beth Cartier, a former CISO and founder of Initiative Security, dives into the evolving world of cloud security, particularly for small businesses and startups. She discusses the unique challenges and benefits of vCISO roles in the cloud. The conversation highlights the necessity of resilience in cybersecurity and how organizations are adapting to AI and other emerging trends. Cartier also shares valuable insights on elevating security's importance within companies and staying updated on evolving threats, emphasizing continuous learning in the rapidly changing landscape.
undefined
22 snips
Jan 27, 2025 • 31min

EP208 The Modern CISO: Balancing Risk, Innovation, and Business Strategy (And Where is Cloud?)

John Rogers, CISO at MSCI with a rich background in cybersecurity and financial services, shares his insights on the evolving landscape of CISO responsibilities. He discusses the balance between innovative approaches and the real risks faced by organizations, especially in cloud security. The conversation covers the importance of proactive strategies, collaboration between teams, and effective communication with executives. Rogers also emphasizes staying grounded in reality while being forward-looking, advocating for strategic planning to navigate the complex cyber threat environment.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.
App store bannerPlay store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode