Join your hosts, Anton Chuvakin and Timothy Peacock, as they talk with industry experts about some of the most interesting areas of cloud security. If you like having threat models questioned and a few bad puns, please tune in!
Workspace makes the claim that unlike other productivity suites available today, it’s architectured for the modern threat landscape. That’s a big claim! What gives Google the ability to make this claim?
Workspace environments would have many different types of data, some very sensitive. What are some of the common challenges with controlling access to data and protecting data in hybrid work?
What are some of the common mistakes you see customers making with Workspace security?
What are some of the ways context aware access and DLP (now SDP) help with this?
Given your impressive and interesting history, tell us a few things about yourself?
What are the biggest challenges facing network security today based on your experience?
You came to Google to work on Network Security challenges. What are some of the surprising ones you’ve uncovered here?
What lessons from Google's approach to network security absolutely don’t apply to others? Which ones perhaps do?
If you have to explain the difference between network security in the cloud and on-premise, what comes to mind first?
How do we balance better encryption with better network security monitoring and detection?
Speaking of challenges in cryptography, we’re all getting fired up about post-quantum and network security. Could you give us the maybe 5 minute teaser version of this because we have an upcoming episode dedicated to this?
We hear you have some interesting insight on LLMs, something to do with blueboxing or something. What is that about?
When you look back, what were the most surprising cloud breaches in 2023, and what can we learn from them? How were they different from the “old world” of on-prem breaches?
For a long time it’s felt like incident response has been an on-prem specialization, and that adversaries are primarily focused on compromising on-prem infrastructure. Who are we seeing go after cloud environments? The same threat actors or not?
Could you share a bit about the mistakes and risks that you saw organizations make that made their cloud breaches possible or made them worse? Conversely, what ended up being helpful to organizations in limiting the blast radius or making response easier?
Tim’s mother worked in a network disaster recovery team for a long time–their motto was “preparing for the inevitable.” What advice do you have for helping security teams and IT teams get ready for cloud breaches? Especially for recent cloud entrants?