

Cloud Security Podcast by Google
Anton Chuvakin
Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure.
We're going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject's benefit or just for organizational benefit.
We hope you'll join us if you're interested in where technology overlaps with process and bumps up against organizational design. We're hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can't keep as the world moves from on-premises computing to cloud computing.

Nov 1, 2021 • 24min
EP41 Beyond Phishing: Email Security Isn't Solved
CEO of Material Security, Ryan Noon, discusses the challenges of email security beyond phishing. The podcast explores the concept of email security as an application security problem and the importance of protecting sensitive information in a zero trust world. It delves into challenges in the cybersecurity industry and offers tips on enhancing email security. Book recommendations are also provided.

Oct 25, 2021 • 32min
EP40 2021: Phishing is Solved?
Guests: Elie Bursztein, security, anti-abuse and privacy researcher @ Google; Kurt Thomas, security, anti-abuse and privacy researcher @ Google
Topics: Can we say that "Multi-Factor Authentication - if done well - fixes phishing for good" or is this too much to say? What are the realistic and seen-in-the-wild bypasses for MFA as a protection? How do you think these controls fare vs top tier attackers (clearly, they work vs commodity threats)? What do we know about burden vs value of MFA today? What can we realistically do to increase MFA/2FA adoption to the 90%s? Can we share anything about what we're seeing as industry benchmarks on MFA adoption so far? We've seen a lot of ugly debates over the value of SMS as MFA, what is your research-based take on this?
Resources: Google Titan Security Key; "Malicious Documents Emerging Trends: A Gmail Perspective" (RSA 2020); "New research: How effective is basic account hygiene at preventing hijacking"; "New Research: Lessons from Password Checkup in action"; "New research reveals who's targeted by email attacks"; "New research: Understanding the root cause of account takeover"; "'Why wouldn't someone think of democracy as a target?': Security practices & challenges of people involved with U.S. political campaigns"; "Tales from the Trenches: Using AI for Gmail Security" (ep28)

Oct 18, 2021 • 31min
EP39 From False Positives to Karl Popper: Rationalizing Cloud Threat Detection
Guest: Jared Atkinson, Adversary Detection Technical Director at SpecterOps
Topics: What are bad/good/great detections? Is this all about the Bianco's pyramid? Is high good and low bad? How should we judge the quality of detections? Can there be a quality framework? Is that judgment going to be site specific? What should we do to build more good directions? Is this all about reducing false positives? Can we really measure false negatives? How can we approach this? How can we test for detection goodness in the real world? What are the methods that work? It can't be just about paper ATT&CK coverage, right? What are your top 3 tips for improving the detection practice at an organization?
Resources: "The Pyramid of Pain" post by David Bianco; "On Threat Detection Uncertainty"; "Detection Coverage and Detection-in-Depth"; "Detection in Depth" by SpecterOps; "Philosophy of Science: Rationality Without Foundations" by Karl Popper (yes, really); Red Canary "2021 Threat Detection Report"; "The Black Swan: The Impact of the Highly Improbable" by Nassim Nicholas Taleb; John Piaget's theory of cognitive development

Oct 14, 2021 • 31min
NEXT Special - 6 Cloud Security PMs (and a Developer Advocate!) Walk into a Studio
Guests: Stephanie Wong, Vicente Diaz, Jerome McFarland, Scott Ellis, Patrick Faucher, Il-Sung Lee, Anoosh Saboori
Topics: What is your session about? Why would audience care? What is special about your security technology?
Resources: Google Cloud Next 2021; SEC212 6 layers of GCP data center security; SEC101 Ransomware and cyber resilience; SEC204 Take charge of your sensitive data; SEC207 Securing the software supply chain; SEC300 Trust the cloud more by trusting it less: Ubiquitous data encryption

Oct 13, 2021 • 21min
NEXT Special - Google Cybersecurity Action Team: What's the Story?
Guest: Phil Venables (@philvenables), Vice President, Chief Information Security Officer (CISO) @ Google Cloud
Topics: We are here to talk Google Cybersecurity Action Team, and this is your brainchild, so tell our audience the origin of this idea? How is Cybersecurity Action Team going to help secure GCP enterprise clients? Is there also an "improve the security of the internet" story? Many organizations seem stuck in the pre-cloud thinking and mental models, can Cybersecurity Action Team help them transform their security? How? When we sometimes present our security innovations to clients, they say "but we are not Google", so how does Cybersecurity Action Team help us bring more of Google Cybersecurity to the world? What else do we plan to do with Cybersecurity Action Team to help customers modernize their security? How should customers engage with Cybersecurity Action Team?
Resources: Google Cybersecurity Action Team; "Google Announces Cybersecurity Action Team to Support the Security Transformations of Public and Private Sector Organizations"; "Site Reliability Engineering" book (free); "Autonomic Security Operations: 10X Transformation of the Security Operations Center" paper

Oct 12, 2021 • 19min
NEXT Special - Cloud Security and DEI: Being an Ally!
Guest: Aditi Joshi, Manager in Cloud Security Team @ Google Cloud
Topics: What is Allyship? How is it defined? What is its main goal? Why is allyship important in Cloud Security, specifically? Are there aspects of security that make allyship particularly important? What specifically has Google Cloud Security deployed and operationalized around Allyship? What does effective allyship look like? More personally, how can I be a better ally? How does it fit into Google Cloud Security's overarching DEI efforts?

Oct 11, 2021 • 21min
NEXT Special - Google Cloud NEXT Security: What to Watch?
Guest: Rob Sadowski, Trust and Security Lead @ Google Cloud
Topics: What are the big security themes at NEXT? Is security still visible? What about invisible security vs autonomic security? Is that just "invisible security" with a neat name? This has got to be your fourth or fifth Next, right? What's new this year compared to last years, aside from being virtual? Anything particularly uniquely Google we're talking about? What to watch at NEXT, if you are a CISO? We secure not just GCP with our tools and approaches, so what to watch if not yet a GCP client? If you have only time for 3 security sessions, which 3 to watch?
Resources: Google Cloud NEXT

Oct 4, 2021 • 25min
EP34 Instrumenting Modern Application Stack for Detection and Response
Guest: Matt Svensson, Senior Security Engineer @ BetterCloud
Topics: What are the approaches for monitoring serverless and other modern application architectures? What are the challenges with these new environments? What approaches don't work? What can go wrong with modern stack security monitoring? What should we watch for in a modern application stack? Most new architecture setups are predicated on identities so is identity the center of threat detection here or not?

Sep 27, 2021 • 26min
EP33 Cloud Migrations: Security Perspectives from The Field
Guest: Elliott Abraham, Security and Compliance Specialist @ Google Cloud
Topics: We talk about lift and shift vs cloud native, what are these and are they fair characterizations? Is lift and shift always negative? Does it always harm security? Are security planning needs different between them? What are the fundamentals with security during cloud migration that you have to get right regardless? What's your advice to a security team to help make a migration work well? How do you account for threat model differences in the cloud? Are cloud threats being more different or more the same to the classic ones?
Resources: "Google Cloud security foundations guide"; "The Phoenix Project" book; "Threat Models and Cloud Security" (ep12); "Preparing for Cloud Migrations from a CISO Perspective" Part 1 (ep5) and Part 2 (ep11)


