EP102 Sunil Potti on Building Cloud Security at Google

Topics covered:

• One of the biggest shifts we’ve noticed is the shift from building security because we think security is good, to building security as a business. How did you make that cultural shift happen in our organization? 
• With organizations migrating to cloud we have a set of tradeoffs between meeting security teams where they are with on-prem expectations of security vs cloud-native approaches. How do you think about investing in next generation products vs holding the hands of CISOs just stepping into the cloud?
• What matters more to you as a leader, secure cloud (GCP, Workspace) or security products (Chronicle SecOps, BCE, SCC, etc)?
• Is invisible security the same as “building security in”? Aren’t there security controls where the value is derived from them being visible to users?
• Mandiant brings services expertise to Google Cloud, typically not our strong area and not our DNA, how do we plan to make the most of Mandiant within Google’s culture?