Cloud Security Podcast by Google

In this enlightening discussion, James Campbell, CEO of Cado Security, and Chris Doman, CTO, dive into the evolving landscape of cloud security. They clarify the differences between Cloud Detection and Response (CDR) and Cloud Investigation and Response Automation (CIRA), highlighting the critical role automation plays in enhancing security. The conversation explores the challenges of ephemeral cloud infrastructure and its impact on compliance. Listeners will gain insights into how modern SIEM/SOAR systems can integrate with CIRA for better cloud security strategies.

Meador Inge, a security engineer at Google, dives into the intricacies of threat modeling, detailing its essential steps and applications in complex systems. He explains how Google continuously updates its threat models and operationalizes the information to enhance security. The conversation explores the challenges faced in scaling threat modeling practices and how AI, particularly large language models like Gemini, is reshaping the landscape. With a humorous twist, Inge shares insights into unexpected threats and effective strategies for organizations starting their threat modeling journey.

Guest: Archana Ramamoorthy, Senior Director of Product Management, Google Cloud Topics: You are responsible for building systems that need to comply with laws that are often mutually contradictory. It seems technically impossible to do, how do you do this? Google is not alone in being a global company with local customers and local requirements. How are we building systems that provide local compliance with global consistency in their use for customers who are similar in scale to us?  Originally, Google had global systems synchronized around the entire planet–planet scale supercompute–with atomic clocks. How did we get to regionalized approach from there?  Engineering takes a long time. How do we bring enough agility to product definition and engineering design to give our users robust foundations in our systems that also let us keep up with changing and diverging regulatory goals? What are some of the biggest challenges you face working in the trusted cloud space? Is there something you would like to share about being a woman leader in technology?  How did you overcome the related challenges? Resources: Video “Compliance Without Compromise” by Jeanette Manfra (2020, still very relevant!) “Good to Great” book “Appreciative Leadership” book

Yigael Berger, Head of AI at Sweet Security, shares insights into the application of large language models (LLMs) for cloud security. He discusses the gap between LLMs' potential and their real-world effectiveness, especially in anomaly detection. Berger explains how LLMs analyze event sequences to enhance accuracy while managing noise. He also addresses the challenges SOC teams face with false positives and negatives, emphasizing the psychological barriers to embracing AI in security. Ultimately, he posits that LLMs may tip the balance in favor of defenders in the cybersecurity battle.

Dave Hannigan, CISO at Nu Bank, brings a wealth of knowledge from his time at Spotify to discuss the unique challenges faced in neobanking. He dives into the complexities of regulatory compliance and the innovative security practices necessary in the rapidly evolving Latin American finance landscape. Hannigan highlights the critical role of identity and access management in cloud security and shares key metrics for assessing security posture. He also reflects on the cultural shifts needed for effective cloud operations and why he chose Google SecOps for his team.

Kimberly Goody, Head of Intel Analysis and Production at Google Cloud, dives into the fascinating world of threat intelligence. She shares how Google's Threat Intelligence Group uniquely combines underground forum data with incident response insights to identify cybercriminal campaigns. Goody explains the challenges of attributing attacks to specific actors and the importance of contextualizing threats. The discussion also highlights the role of AI in enhancing threat analysis and the collaborative efforts across Google's teams to strengthen security.

Or Brokman, a Strategic Google Cloud Engineer specializing in cybersecurity, shares eye-opening insights from his cloud consulting experiences. He recounts one memorable case that revealed shocking security oversights. Brokman identifies a recurring mistake: prioritizing tools over processes, and discusses how to shift mindset. He emphasizes the vital need for collaboration between security and development teams to better protect organizations. His top advice for all companies? Focus on building a security-first culture to ensure successful cloud transformations.

Beth Cartier, a former CISO and founder of Initiative Security, dives into the evolving world of cloud security, particularly for small businesses and startups. She discusses the unique challenges and benefits of vCISO roles in the cloud. The conversation highlights the necessity of resilience in cybersecurity and how organizations are adapting to AI and other emerging trends. Cartier also shares valuable insights on elevating security's importance within companies and staying updated on evolving threats, emphasizing continuous learning in the rapidly changing landscape.

John Rogers, CISO at MSCI with a rich background in cybersecurity and financial services, shares his insights on the evolving landscape of CISO responsibilities. He discusses the balance between innovative approaches and the real risks faced by organizations, especially in cloud security. The conversation covers the importance of proactive strategies, collaboration between teams, and effective communication with executives. Rogers also emphasizes staying grounded in reality while being forward-looking, advocating for strategic planning to navigate the complex cyber threat environment.

Bob Blakley, co-founder and chief product officer of Mimic, dives deep into the evolving threat of ransomware, tracing its transformation from extortion to a sophisticated exploitation tool influenced by cryptocurrency. He challenges conventional views, arguing that ransomware presents a unique security dilemma distinct from other malware. Bob also discusses the critical need for rapid, machine-speed responses and re-evaluating current cybersecurity practices, particularly within startups, to effectively combat this escalating menace.