Join your hosts, Anton Chuvakin and Timothy Peacock, as they talk with industry experts about some of the most interesting areas of cloud security. If you like having threat models questioned and a few bad puns, please tune in!
We’ve got an interesting split within our security business: some of our focus is on making Google Cloud more secure, while some of our focus is on selling security products. How are you thinking about the strategy and allocation between these functions for business growth?
What aspects of Cloud security have you seen cloud customers struggle with the most?
What’s been the most surprising or unexpected security challenge you’ve seen with our users?
EP119 RSA 2023 - What We Saw, What We Learned, and What We're Excited About
Connie Fan, Senior Product and Business Strategy Lead, Google Cloud
We were at RSA 2023; what did we see that was notable and surprising?
Cloud Security showed up with three startups with big booths, and one big player with a small demo station. What have we learned here?
What might visitors have seen at the Google Cloud booth that we're really excited about?
Could you share why we chose these two AI use cases - generation of code and summarization of complex content - out of all the possibilities and the sometimes zany things we saw elsewhere on the floor?
Could you share a story or two that highlights how we came to this AI launch and what it looked like under the surface?
It seems like we’re seeing more cyber activity taking place in the context of geopolitical events. A lot of organizations struggle to figure out if/how to respond to these events and any related cyber activity. What advice do you have for these organizations and their leadership?
A lot of threat intel (TI) suffers from “What does this event mean for threats to our organization?” - sort of how to connect CNN to your IDS? What is your best advice on this to a CISO?
TI also suffers from “1. Get TI 2. ??? 3. Profit!” - how does your model help organizations avoid this trap?
Surely there are different levels of granularity here to TI and its relevance. Is what a CISO needs different from what an IR member needs? Do you differentiate your feed along those axes?
What does success look like? How will organizations know when they’re successful? What are good KPIs for these types of threat intelligence? In other words, how would customers know they benefit from it?
Is there anything unique that cloud providers can do in this process?
Why is everyone talking about SBOMs all of a sudden? Why does this matter to a typical security leader?
Some software vendors don’t want SBOM, and this reminds us of the food safety rules debates in the past. How does this analogy work here?
One interesting challenge in the world of SBOMs and unintended consequences is that large, well-resourced organizations may be better equipped to produce SBOMs than small independent and open source projects. Is that a risk?
Is the SBOM requirement setting the government up to be overly reliant on megacorps, and are we going to unintentionally ban open source from the government?
What is the relationship between SBOM and software liability? Is SBOM a step to this? Won’t software liability kill open source?
How does Google prepare for EO internally; how do we use SBOM and other related tools?
To come back to the food analogy, SBOMs are all well and good, but the goal is not that consumers know they’re eating lead, but rather that our food becomes healthier. Where are we heading in the next five years to improve software supply chain "health and safety"?