
Cloud Security Today

Latest episodes

Jun 14, 2021 • 35min

How COVID-19 Impacted Cloud Security

In this episode, Nathaniel Quist, also known as ‘Q’, returns along with Dr. Jay Chen, both of whom listeners might recognize from our inaugural episode, where we discussed how common identity misconfigurations can undermine cloud security. Both Jay and Q are threat researchers with Palo Alto Networks Unit 42. Unit 42 is the global threat intelligence team at Palo Alto Networks and a recognized authority on cyberthreats, frequently sought out by enterprises and government agencies around the world.

In our conversation, they discuss what they found in their latest Cloud Threat Report examining the impact of the COVID-19 pandemic. We explore how the tremendous increase in remote work has affected cloud security and why Jay is more concerned over the number of mistakes that people are making, rather than the type of mistakes. Tuning in, you’ll hear what organizations can do to curtail the recent rise in security incidents and some interesting observations that Q and Jay learned from their data, such as the fact that even malicious hackers need a holiday and don’t want to spend all their time in front of a computer cryptojacking :-)

Key Points From This Episode:
● Cloud security incidents grew, on average, 188% pre vs. post COVID-19 discovery.
● Retail organizations saw the greatest increase in security incidents at 402%.
● The cloud is no longer for low-impact data: 69% of data is PII.

Tweetables:
“We saw a decrease in crypto mining operations during the holiday period between December 24th through January 3rd. It just kind of goes to show that even malicious crypto miners want to take a holiday.” — Nathaniel Quist [0:25:26]
“Standardization can help you find the issue but automation can help you to prevent or mitigate [it].” — Jay Chen [0:32:02]

Links Mentioned in Today’s Episode:
● Cloud Threat Report
● Clip from Tommy Boy
● Nathaniel Quist on LinkedIn
● Jay Chen on LinkedIn
● Cloud Security Today

The future of cloud security. Simplify cloud security with Prisma Cloud, the Code to Cloud platform powered by Precision AI.

Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.

May 10, 2021 • 36min

How to Operationalize Cloud Security

Keeping it simple is Brett’s mantra, and it has led to a great amount of success for him and the company he works for. As a security leader at Zoetis, the world’s largest animal healthcare company, Brett has managed to get ahead of the business in terms of adopting cloud securely. Although it may sound boring, standardizing security processes was a key element in the journey to automation for the Zoetis SOC.

In today’s episode, Brett also talks about how he ended up in the world of cybersecurity after majoring in ecommerce, the different facets that make up his current role at Zoetis, as well as some of the tools that are extremely useful to Brett and his team. Brett also opines on how automation has led to a reduction in talent-drain on his team. We also briefly delve into the SolarWinds hack and how this changed the way Brett thinks and approaches supply chain security.

Key Points From This Episode:
● Getting ahead of the business, build it before they come!
● Standardization MUST come before automation.
● Automation reduces talent-drain.
● Metrics that Brett and his team follow up on constantly.

Tweetables:
“Standardization...I just live and die by our process. We're very process-oriented. You can do that in the cloud but you have to take time to do that, and that's how it should be done.” — Brett Tode [0:10:38]
“Your standardized processes are the things that really are going to keep you in control and keep you effective over time. Automation is really cool and great because it's going to save us time. But without that standardized process, you can never get to automation.” — Brett Tode [0:13:04]
“In almost everything I do, I try to keep things simple. Don't try to make something so complex from the get-go because it’s just never going to work.” — Brett Tode [0:24:49]
“We’re always going to strive to be better. I think everyone should do that because making yourself better is just providing more value for the company. At the end of the day, that's what we're all supposed to be doing.” — Brett Tode [0:25:52]

Links Mentioned in Today’s Episode:
● Brett on LinkedIn
● Zoetis Careers

Apr 12, 2021 • 43min

Did You Know You Have a SaaS Problem?

While most companies have significantly increased their investments in SaaS, they have not updated their security controls and processes to ward off threats posed by this medium. Leaving SaaS security to Cloud Access Security Brokers (CASB) is not sufficient. The security controls need to be placed around the data, APIs, and applications that are running inside a cloud environment, not outside its perimeter. This is the kind of security that AppOmni provides, and today we have its CEO, Brendan O'Connor, on the show to dive deeper into the subject of SaaS security.

We begin with Brendan’s journey into IT and security and hear a bit more about what makes him tick. From there, we dive into the subject of security in the cloud as it pertains to SaaS specifically. Brendan does a great job of explaining why SaaS platforms are subject to so many misconfigurations and why these are not being recognized by security teams. He gets into how the cloud infrastructure is set up and uses a few brilliant analogies to describe how an attacker might get into a SaaS platform without security ever realizing. He talks about some basic security measures companies need to take and shares more about how solutions like AppOmni can automate security. For insight into the vulnerabilities of SaaS and how to guard against them, tune in today!

Key Areas From This Episode:
● Curiosity and a love for solving problems is Brendan’s method for keeping his edge.
● Brendan’s recommendations for security guardrails that always need to be in place.
● Hear Brendan’s argument about the need for automated SaaS security.
● Brendan’s recommendations for setting up and measuring SaaS security.
● Advice from Brendan about how security teams need to adapt in light of SolarWinds.

Tweetables:
“Companies have significantly expanded their SaaS investment and footprint and the SaaS applications themselves have really grown in complexity. Most companies haven't updated their security controls to support SaaS, or invested in new technology to manage this problem. That's where AppOmni comes in.” — @AppOmniSecurity [0:01:54]
“I love solving puzzles. Enterprise security at scale is a hard problem. It's a puzzle. There is not a one-size-fits-all solution.” — @AppOmniSecurity [0:05:29]
“SaaS applications are becoming closer to operating systems in the cloud than a single simple web app. You can't watch what every individual is doing. You have got to put guardrails in place.” — @AppOmniSecurity [0:20:30]
“SaaS is a fundamentally different architecture than hosting things on-premise. You need to rethink, what is the value that you get from your security tools? How can you get that value today in an automated fashion in these new systems that support that new architecture?” — @AppOmniSecurity [0:24:44]

Links Mentioned in Today’s Episode:
● Matt Chiodi on LinkedIn
● Matt Chiodi on Twitter
● Brendan O’Connor on LinkedIn

Mar 10, 2021 • 46min

How Common Identity Misconfigurations Can Undermine Cloud Security

Welcome to a brand new cloud security podcast, Cloud Security Today. Instead of focusing on the latest news, we’re exploring a different take on cloud security where we dig deeper into its eclectic “how-to” side. On Cloud Security Today, we are going to talk with experts from all over the community so you can do cloud security better.

Today’s experts are Nathaniel Quist (Q) and Jay Chen, and they will be talking about Unit 42’s latest cloud threat research. First up Q and J, as we call them, introduce listeners to their professional histories before telling us how they choose their research projects. We then talk to Q and Jay about findings from their latest report on identity and access management. Together, they explain some of the common vulnerabilities that come with identity and access management, like misconfigured roles. Toward the end of the episode, we talk to Q about cryptojacking, as he explains the nuances to mining coins maliciously, the various teams behind the act, and how they use code against each other.

Key Points From This Episode:
● How to become a threat researcher. Q and Jay share a little bit about their background.
● Watch your roles and look out for wildcards in configurations!
● APIs don’t always behave as expected – test them!

Tweetables:
“My biggest surprise is that even in a multi-million-dollar enterprise environment with thousands of workloads, thousands of EC2 instances and databases, they still make very fundamental mistakes.” — Jay Chen [0:09:55]
“The cloud has the potential to be so much more granularly controlled than just a normal on-prem environment. From the outside looking in, it's very complex. Complexity can bring some obscurity within the cloud environment.” — Nathaniel Quist [0:17:00]

Links Mentioned in Today’s Episode:
● Matt Chiodi on LinkedIn
● Matt Chiodi on Twitter
● Unit 42 Cloud Threat Report
● Nathaniel Quist on LinkedIn
● Jay Chen on LinkedIn
● IAMFinder tool on GitHub
