Cloud Security Podcast by Google

Guest: Archana Ramamoorthy, Senior Director of Product Management, Google Cloud Topics: You are responsible for building systems that need to comply with laws that are often mutually contradictory. It seems technically impossible to do, how do you do this? Google is not alone in being a global company with local customers and local requirements. How are we building systems that provide local compliance with global consistency in their use for customers who are similar in scale to us?  Originally, Google had global systems synchronized around the entire planet–planet scale supercompute–with atomic clocks. How did we get to regionalized approach from there?  Engineering takes a long time. How do we bring enough agility to product definition and engineering design to give our users robust foundations in our systems that also let us keep up with changing and diverging regulatory goals? What are some of the biggest challenges you face working in the trusted cloud space? Is there something you would like to share about being a woman leader in technology?  How did you overcome the related challenges? Resources: Video “Compliance Without Compromise” by Jeanette Manfra (2020, still very relevant!) “Good to Great” book “Appreciative Leadership” book

Yigael Berger, Head of AI at Sweet Security, shares insights into the application of large language models (LLMs) for cloud security. He discusses the gap between LLMs' potential and their real-world effectiveness, especially in anomaly detection. Berger explains how LLMs analyze event sequences to enhance accuracy while managing noise. He also addresses the challenges SOC teams face with false positives and negatives, emphasizing the psychological barriers to embracing AI in security. Ultimately, he posits that LLMs may tip the balance in favor of defenders in the cybersecurity battle.

Dave Hannigan, CISO at Nu Bank, brings a wealth of knowledge from his time at Spotify to discuss the unique challenges faced in neobanking. He dives into the complexities of regulatory compliance and the innovative security practices necessary in the rapidly evolving Latin American finance landscape. Hannigan highlights the critical role of identity and access management in cloud security and shares key metrics for assessing security posture. He also reflects on the cultural shifts needed for effective cloud operations and why he chose Google SecOps for his team.

Kimberly Goody, Head of Intel Analysis and Production at Google Cloud, dives into the fascinating world of threat intelligence. She shares how Google's Threat Intelligence Group uniquely combines underground forum data with incident response insights to identify cybercriminal campaigns. Goody explains the challenges of attributing attacks to specific actors and the importance of contextualizing threats. The discussion also highlights the role of AI in enhancing threat analysis and the collaborative efforts across Google's teams to strengthen security.

Or Brokman, a Strategic Google Cloud Engineer specializing in cybersecurity, shares eye-opening insights from his cloud consulting experiences. He recounts one memorable case that revealed shocking security oversights. Brokman identifies a recurring mistake: prioritizing tools over processes, and discusses how to shift mindset. He emphasizes the vital need for collaboration between security and development teams to better protect organizations. His top advice for all companies? Focus on building a security-first culture to ensure successful cloud transformations.

Beth Cartier, a former CISO and founder of Initiative Security, dives into the evolving world of cloud security, particularly for small businesses and startups. She discusses the unique challenges and benefits of vCISO roles in the cloud. The conversation highlights the necessity of resilience in cybersecurity and how organizations are adapting to AI and other emerging trends. Cartier also shares valuable insights on elevating security's importance within companies and staying updated on evolving threats, emphasizing continuous learning in the rapidly changing landscape.

John Rogers, CISO at MSCI with a rich background in cybersecurity and financial services, shares his insights on the evolving landscape of CISO responsibilities. He discusses the balance between innovative approaches and the real risks faced by organizations, especially in cloud security. The conversation covers the importance of proactive strategies, collaboration between teams, and effective communication with executives. Rogers also emphasizes staying grounded in reality while being forward-looking, advocating for strategic planning to navigate the complex cyber threat environment.

Bob Blakley, co-founder and chief product officer of Mimic, dives deep into the evolving threat of ransomware, tracing its transformation from extortion to a sophisticated exploitation tool influenced by cryptocurrency. He challenges conventional views, arguing that ransomware presents a unique security dilemma distinct from other malware. Bob also discusses the critical need for rapid, machine-speed responses and re-evaluating current cybersecurity practices, particularly within startups, to effectively combat this escalating menace.

Ransomware is a growing threat, with evolving tactics that include data leaks and DDoS attacks. The podcast discusses the intricate business models of ransomware gangs, highlighting their aggressive extortion methods. Challenges specific to cloud environments are examined, stressing the importance of robust data governance. The ethical dilemma of whether to pay ransoms is a key topic, alongside practical advice for organizations to strengthen their defenses. Listeners gain insights into the interconnected roles of cyber insurance and corporate responsibility in combating this menace.

In this discussion, Andrew Kopcienski, a Principal Intelligence Analyst at Google Threat Intelligence Group, shares insights from the new Cybersecurity Forecast 2025 report. He addresses the misconceptions around AI's role in increasing threats, emphasizing the risk of compromised identities in hybrid environments. Andrew highlights the shift from phishing to stolen credentials and examines the growing complexities of zero-day vulnerabilities. He stresses the importance of effective detection strategies and regular audits to combat evolving threats, particularly from nation-state actors.