No guests. We interviewed each other! Topics: What would you say are the most things that Chronicle is trying to address today? What are the good ways to use threat intel to detect threats that do not ruin your SOC? What does “autonomic” security mean, anyway? Is this a fancy way of saying “automatic” or something more? For sure, “the Cloud is not JUST someone else’s computer“ - but how does this apply to threat detection? What makes threat detection “cloud-native”? What kinds of ML magic does y...
Jul 19, 2021•21 min•Season 1Ep. 23
Guests: Phil Venables (@ philvenables ), Vice President, Chief Information Security Officer (CISO) @ Google Cloud Dave Hannigan, Director, Financial Services Security & Compliance @ Google Cloud Topics: As a CISO, would you ever decide to use multiple clouds, if it were in your hands? How is security typically considered when companies go multi-cloud in their approach? Practically, or operationally, how does one think through securing multiple public cloud environments? What are the top chal...
Jul 12, 2021•24 min•Season 1Ep. 22
Guest: Kelly Anderson , Head of Product Marketing, User Protection Services @ Google Cloud Topics: What is marketing, really? Why is it sometimes reviled by the technologists? What makes a great marketer in cloud security? What’s different about cloud security marketing, as opposed to regular old on-premise security marketing? Is there still FUD in the cloud? Which things are the easiest or hardest to do in Google Cloud Security marketing? How do you talk about products so they stand out from th...
Jul 06, 2021•24 min•Season 1Ep. 21
Guest: Heather Adkins , Sr Director, Information Security @ Google Topics: Your RSA presentation has 3 pillars: zero trust, microservices, automation/zero prod, is this all you need to be secure & reliable in the modern world? Let’s drill down again into the “secure and reliable” concept, are you sure that they are interrelated? Is there a risk that microservices could actually increase attack surface? What are the practical security upsides of “no touch production”? SRE and DevOps revolutio...
Jun 28, 2021•28 min•Season 1Ep. 20
Guest 1: Sparky Toews, Product Manager for Adobe identity @ Adobe Topics 1: Why are bots a problem to you? Give us a bit of your bot threat assessment? Can you tell us how you think about and practice securing the user experience? What kind of security products or best practices are involved? How do you see what security professionals do to secure the user experience evolving over time? Guests 2: Randy Gingeleski, Senior Staff Security Engineer @ HBO Max Brian Lozada, CISO @ HBO Max Topics 2: Ca...
Jun 21, 2021•34 min•Season 1Ep. 19
Guests: Jane Chung, VP of Cloud @ Palo Alto Joe Crawford, Director of Strategic Technology Partnerships for Google Cloud @ Palo Alto Topics: What are the top security mistakes you’ve seen during cloud migrations? What is your best advice to security leaders who want to go to the cloud using the on-premise playbook? What security technologies may no longer be needed in the cloud? Which are transformed by the cloud? Cloud often implies agility, but sometimes security slows things down, how to fix ...
Jun 14, 2021•32 min•Season 1Ep. 18
Guest: Julien Vehent , Security Engineering Manager in the Detection and Response team @ Google Topics: What is special about detecting modern threats in modern environments? How does the Google team turn the knowledge of threats into detection logic? Run through an example of creating a detection for a new threat? How do we test our detection rules? We use the same people to write detections and to respond to resulting alerts, how is it working? What are the key skills of good security analysts...
Jun 07, 2021•24 min•Season 1Ep. 17
Guests: Tim Dierks, Engineering Director, Data Protection @ Google Cloud Topics: What are the key components of data security in the public cloud today? Why do companies need specific data security plans and products? Do you think Google Cloud today has enough controls for processing the most sensitive data? Many organizations seem to be unaware of where sensitive data exists in their cloud environments, how do you think this problem will be fixed? What is your view on encryption's role in futur...
Jun 01, 2021•28 min•Season 1Ep. 16
Guest: Greg Castle, Senior Staff Security Engineer at Google Topics: How is kubernetes security different from traditional host security? What’s different about securing GKE vs security Kubernetes on-prem? Where does one start with security hardening for GKE? In your view, what are top realistic threats to container deployments? What do users get wrong most often? Did we manage to make containers both more secure and more usable?...
May 24, 2021•21 min•Season 1Ep. 15
Guest: Zeal Somani, Security Solutions Manager @ Google Cloud, former PCI QSA Topics: What are the usable recipes for thinking about compliance in the cloud? What regulations are more challenging for public cloud users? How do you see the client/provider responsibility split for compliance? What is this “shift left” for compliance? How do we educate auditors and regulators who insist on 1980s solutions to 2020s problems? What are the most popular mistakes and blind spots with trying to be compli...
May 19, 2021•20 min•Season 1Ep. 14
Guest: Alyssa Miller , BISO @ S&P Global Ratings Topics: How do application security practices change as organizations launch their cloud transformations? What bad things happen to you if you lift/shift your big applications to somebody's IaaS? What unique challenges do containers and serverless deployments create for application security? Is there good news here? How can cloud native technologies make application security easier than a traditional on-prem environment? What can organizations...
May 10, 2021•25 min•Season 1Ep. 13
Guest: Seth Vargo , Security Engineer @ Google Cloud Topics: How should security teams change their thinking about threats in the cloud? Where and when should an organization start in building their threat model for their cloud environment? What are the key changes of threat models after cloud migration? More specifically, when it comes to identity, credentials, lateral movement, what are the key ways in which cloud security differs from traditional or on-premises security? How should users who ...
May 03, 2021•20 min•Season 1Ep. 12
Guests: Phil Venables ( @philvenables ), Vice President, Chief Information Security Officer (CISO) @ Google Cloud Dave Hannigan, Director, Financial Services Security & Compliance @ Google Cloud Topics: To continue on the theme from Part 1 , is “cloud-native” about thinking? Security tools? Systems? Architecture? How do we practically help CISOs “speak cloud”? What are the first steps to cloud thinking for an “on-premise CISO”? What are the areas of security where it is easier to become a cl...
Apr 26, 2021•21 min•Season 1Ep. 11
Guest: Eric Foster , President at CYDERES , a Fishtech Group company Topics: How do you define “modern” SIEM? Does modern SIEM always imply SaaS SIEM? Is there a future for on-premises SIEM? What are your top 3 root causes for SIEM deployment failure today? Modern or not, does SIEM have a future? Can XDR or some other technology drive it off the rails? What features or inputs should SIEM have to detect modern threats such as those to cloud environments but also others? What’s different about thr...
Apr 19, 2021•25 min•Season 1Ep. 10
Guest: Avi Shua, CEO and Co-founder @ Orca Security Topics: Where do you spend more efforts, on detection of pre-fail issues (like configuration errors) or post-fail issues (like incidents)? How do you prioritize the preventative and detective controls in your platform? When talking to CISOs, how do you explain that cloud threat detection is different from the on-premise type? In your opinion, are agents dead in the cloud? Do you think your customers care more about cloud-specific threats or tra...
Apr 12, 2021•28 min•Season 1Ep. 8
Guest: John Kindervag, who is widely considered to be the creator of zero trust model in 2010 (currently works at ON2IT) Topics: What has changed in the world of zero trust since 2010? What must be trusted for a zero trust (ZT) system to work? What are key ZT project success pre-requisites? What is the first step in ZT implementation that increases the chance of its success? Is zero trust hard for most companies? What’s the most spectacular failure you’ve seen in a ZT project? Where do you see Z...
Apr 01, 2021•28 min•Season 1Ep. 8
Guest: Brandon Levene, Malware Inquisitor @ Google Cloud Topics covered: Which malware is scarier, state-sponsored or criminal? How do we approach cybercrime mitigation at Google? How do we actually track malware? Don’t we need “attribution” for it? What are the most useful telemetry sources for study in modern malware? Does ransomware have a bright future? Where do you see threat actors making the biggest investments? Resource: "Crimeware In The Modern Era" paper by Brandon Levene...
Mar 24, 2021•25 min•Season 1Ep. 7
Guests: no guests, just Tim and Anton Topics covered: Discussion of the interesting presentations from Cloud Security Talks Q1 2021 focused on trusted cloud, container security, cyber insurance, Chronicle, ML for network security, etc Resources: All Q1 2021 Cloud Security Talks “Cloud Risk Panel Discussion” video “A conversation on overcoming risk management challenges in the Cloud” video “Better together - expanding the Confidential Computing ecosystem” video “Detect potential threats to your c...
Mar 17, 2021•23 min•Season 1Ep. 6
Guests: Phil Venables ( @philvenables ), Vice President, Chief Information Security Officer (CISO) @ Google Cloud Nick Godfrey, Director, Financial Services Security & Compliance and a member of Office of the CISO @ Google Cloud Topics covered: Why do you think so many CISOs of traditional organizations fear cloud migrations? What is your best advice to a CISO who wants to migrate to the cloud using the on-premise playbook, or lift and shift? What are the real tradeoffs in this decision such...
Mar 11, 2021•20 min•Season 1Ep. 5
Episode 4 “Gathering Data for Zero Trust” focuses on enabling zero trust access in the real world Guest: Max Saltonstall ( @maxsaltonstall ), Developer Advocate @ Google Cloud Topics covered: What should be trusted for a zero trust system to work? What is the first thing you need to do to have a zero trust access project succeed? What data needs to be collected for zero trust system operation?...
Feb 24, 2021•24 min•Season 1Ep. 4
Episode 3 “Automate and/or Die?” focuses on automated remediation (or is it response!) in the cloud Guest: Joe Crawford, formerly in charge of cloud-native security at a large bank Topics covered: Can we automatically remediate vulnerabilities and threats in the cloud? Did you require humans to be in the loop for your automation? Is that still automation if we do? Does security fear of automation have a place in the cloud?...
Feb 11, 2021•18 min•Season 1Ep. 3
Episode 2 “Data Security in the Cloud” focuses on data security in the cloud Guest: Andrew Lance, Sidechain Topics covered: What is special about data security in the cloud? How data security plays in the shift from perimeter and network security to identity-based security? Can I use detective data security controls and turn them into preventative controls? Resources: “Designing and deploying a data security strategy with Google Cloud” paper...
Feb 11, 2021•20 min•Season 1Ep. 2
“Confidentially Speaking” episode focuses on confidential computing Guest: Nelly Porter, Group Product Manager @ Google. Topics covered: What risks are mitigated by confidential computing? What types of organizations must adopt confidential computing? How and where the data is encrypted? Resources: Confidential computing at Google Cloud
Feb 11, 2021•21 min•Season 1Ep. 1
