Cloud Security Today
Author: Matthew Chiodi
© 2026 Matthew Chiodi
Description
The Cloud Security Today podcast features expert commentary and personal stories on the “how” side of cybersecurity. This is not a news program but rather a podcast that focuses on cyber leadership and understanding the threats most impacting organizations today.
58 Episodes
Kelly Bissell shares his extensive experience in cybersecurity, from early internet security challenges to the transformative impact of AI and machine learning. Discover practical insights on risk management, organizational culture, and the future roles of cybersecurity professionals in an AI-driven world.
Emerging AI Standards
· https://www.aiuc-1.com/
· https://cloudsecurityalliance.org/ai-safety-initiative
The book Matt couldn't remember: https://www.amazon.com/Cuckoos-Egg-Tracking-Computer-Espionage/dp/0385249462
In this conversation, Nicole Dove shares her unique journey into the cybersecurity field, highlighting her transition from a finance and audit background to becoming a leader in information security at Riot Games. She discusses the importance of continuous learning, the challenges of writing a book on cybersecurity, and the evolving role of Business Information Security Officers (BISOs) in aligning security with business goals. Nicole emphasizes the need for innovative problem-solving and relationship management in cybersecurity, while also reflecting on her personal routines for maintaining sharpness in her role.
In this conversation, Rinki Sethi, a seasoned cybersecurity leader, shares her journey from being a CISO at major companies to her current role at Upwind Security. She discusses the evolving landscape of cybersecurity, the impact of AI, and the importance of community in the industry. Rinki emphasizes the need for strong communication skills for CISOs, the significance of evaluating company culture before taking on new roles, and the necessity of leveraging AI to enhance cybersecurity programs. She also highlights the importance of personal growth and building supportive networks within the cybersecurity community.
In this month's installment, Toni De La Fuente shares his journey into cybersecurity, detailing his early experiences with computers and his passion for hacking. He discusses the creation of Prowler, an open-source cloud security tool, and its differences from commercial solutions. The conversation explores cloud security challenges, the importance of open-source solutions, and the dynamics of scaling a startup. Toni also emphasizes the significance of passion in one's career and offers advice for aspiring tech professionals.
And yes... we also talk about his LOVE for Iron Maiden ;-)
In this episode, Matt interviews Bel Lepe, CEO and co-founder of Cerby, discussing the challenges and opportunities in identity security. They explore the significance of disconnected applications, the impact of shadow IT, and the importance of automation and AI in enhancing security practices. Bel shares insights from his previous experience at Ooyala and the lessons learned in building Cerby, including the recent Series B funding and future plans for the company.
Takeaways
· Disconnected applications pose significant risks in identity management.
· Shadow IT is becoming a major part of the IT landscape, not just a side issue.
· The startup journey involves learning from past experiences and adapting strategies.
· The human element remains a critical factor in cybersecurity incidents.
In this conversation, Tammy Klotz discusses her journey as a leader and author, focusing on her book 'Leading with Empathy and Grace.' She shares insights on the importance of empathy, vulnerability, and authenticity in leadership and the challenges and rewards of writing a book. The discussion highlights the significance of acknowledging personal lives in the workplace and the foundational role of trust in professional relationships. If you are an aspiring leader in Cyber, this episode is for you. Tammy shares her secrets to successful leadership.
In this conversation, MK Palmore shares insights from his diverse leadership journey, spanning the Marine Corps, FBI, and cybersecurity. He emphasizes the importance of a people-centered leadership approach, the balance between technical and leadership skills, and the significance of effective communication. MK reflects on his experiences, the impact of mentorship, and the lessons learned from both successes and failures in leadership roles. MK highlights the challenges in attracting diverse talent to cybersecurity and the necessity of nurturing new professionals. He concludes with insights on continuous learning and the importance of maintaining a beginner's mindset.
Takeaways
· Diverse experiences shape leadership philosophy.
· Mentorship plays a significant role in professional development.
· Silence from leaders can lead to assumptions and uncertainty.
· Leaders should increase communication during times of uncertainty.
· Maintaining a mindset of continuous learning is vital for personal growth.
Chapters
· 00:00 Introduction to Leadership and Music
· 02:57 Diverse Leadership Experiences
· 06:05 The Importance of People-Centered Leadership
· 09:05 Technical Skills vs. Leadership Skills
· 11:49 Communication as a Leadership Skill
· 14:53 Learning from Mistakes in Communication
· 18:01 The Impact of Silence in Leadership
· 20:44 Navigating Uncertainty in Leadership
· 25:06 Bridging the Gap: Technical and Business Communication
· 30:22 Building Personal Brand and Eminence
· 32:53 Overcoming Barriers in Cybersecurity Talent Acquisition
· 38:31 Staying Sharp: Continuous Learning and Adaptability
In this conversation, Lance Spitzner shares his unique journey from a military tank officer to a pioneer in cybersecurity, detailing the evolution of his career and the inception of the Honeynet Project. He emphasizes the importance of understanding the human element in security, advocating for a shift from mere security awareness to fostering a robust security culture within organizations. Spitzner discusses practical steps for security teams to enhance their approach, including leveraging AI to improve communication and engagement. He concludes by reflecting on the impact of his work and the growing recognition of the human side of cybersecurity.
Takeaways
· The Honeynet Project was born from a need for cyber threat intelligence.
· Security culture is broader than security awareness; it encompasses attitudes and beliefs.
· Changing the environment is key to changing organizational culture.
· AI can be leveraged to enhance communication and simplify security policies.
· Positive interactions with security teams build a stronger security culture.
Chapters
· 00:00 From Military to Cybersecurity Pioneer
· 03:04 The Birth of the Honeynet Project
· 05:59 Understanding the Human Element in Security
· 09:13 Security Culture vs. Security Awareness
· 11:51 Changing Organizational Culture for Security
· 14:46 Practical Steps for Security Teams
· 17:55 Leveraging AI in Security Culture
· 21:11 Measuring Success in Cybersecurity Training
In this conversation, Dr. Chase Cunningham, aka Dr. Zero Trust, shares his unique journey into the cybersecurity field, emphasizing the importance of purpose and self-care in a high-stress industry. He discusses the challenges of implementing zero trust strategies in organizations, the significance of understanding offensive tactics to enhance defensive measures, and the need for systemic change in national cybersecurity. Dr. Zero Trust also provides valuable advice for aspiring cybersecurity professionals, highlighting the supportive community and the importance of continuous learning.
Takeaways
· Zero Trust is a strategy, not a product.
· Self-care is critical in high-stress environments.
· Understanding offensive tactics is essential for defense.
· Start small when implementing Zero Trust.
In this conversation, Steve Martano discusses his journey from writing about baseball analytics to becoming a key player in cybersecurity executive search and strategy. He emphasizes the evolving role of CISOs, the importance of aligning with business objectives, and the need for strong leadership skills. The discussion also covers trends in CISO compensation, the mental health challenges faced by security leaders, and the significance of organizational culture in driving satisfaction and effectiveness in cybersecurity roles.
The Latest CISO Compensation Trends & Benchmarks.
Takeaways
· Understanding economics can enhance a CISO's effectiveness.
· Compensation data must be contextualized for accurate benchmarking.
· Low attrition doesn't always indicate job satisfaction.
· CISOs face increasing pressures and scope creep in their roles.
· The job market is expected to become more active in 2025.
Chapters
· 00:00 The Journey from Baseball to Cybersecurity
· 05:53 The Intersection of Leadership and Cybersecurity
· 12:00 Mental Health and Satisfaction Among CISOs
· 17:49 Preparing for Future Attrition in Cybersecurity Roles
· 26:29 Engagement and Satisfaction Beyond Compensation
· 32:13 The Evolving Role of Cybersecurity Leadership
· 38:15 Mentorship and Professional Growth
The future of cloud security. Simplify cloud security with Prisma Cloud, the Code to Cloud platform powered by Precision AI.
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
Nate Lee discusses his transition from a CISO role to fractional CISO work, emphasizing the importance of variety and exposure in his career. He delves into the rise of AI, particularly large language models (LLMs), and the associated security concerns, including prompt injection risks. Nate highlights the critical role of orchestrators in managing AI interactions and the need for security practitioners to adapt to the evolving landscape. He shares insights from his 20 years in cybersecurity and offers recommendations for practitioners to engage with AI responsibly and effectively.
Takeaways
· Nate transitioned to fractional CISO work for variety and exposure.
· Prompt injection is a major vulnerability in LLM systems.
· Orchestrators are essential for managing AI interactions securely.
· Security practitioners must understand how LLMs work to mitigate risks.
· Nate emphasizes the importance of human oversight in AI systems.
Link to Nate's research with the Cloud Security Alliance.
Summary
In this conversation, Chris Hetner discusses the evolving role of boards of directors in cybersecurity, emphasizing the need for improved communication and understanding of cyber risks. He highlights the challenges boards face in adapting to new SEC rules and the importance of leveraging AI responsibly. Hetner also shares insights on tools for quantifying cyber risk and prioritizing investments while advocating for continuous learning and proactive engagement with board members.
Takeaways
· Boards are becoming more aware of cybersecurity risks.
· Cybersecurity discussions often receive limited airtime in board meetings.
· The SEC's new disclosure rules can drive more frequent discussions on cyber risk.
· AI governance is crucial as AI technologies become more prevalent.
· Collaboration with general counsel and risk officers is essential.
Chapters
· 00:00 Introduction and Background on Cybersecurity and Boards
· 03:05 Current Challenges Facing Boards in Cybersecurity
· 06:11 Understanding Cyber Risk and Communication with Boards
· 08:58 Improving Board Engagement with Cybersecurity
· 11:56 Leveraging SEC Guidelines for Cyber Risk Discussions
· 15:02 The Role of AI in Cybersecurity Governance
· 18:05 Tools for Quantifying Cyber Risk
· 21:12 Prioritizing Cybersecurity Investments
· 24:02 The Importance of AI Governance
· 26:57 Staying Informed in Cybersecurity
· 30:13 Final Thoughts and Continuous Learning
Meg Anderson, the CISO at Principal Financial Group, discusses her 17-year tenure as a CISO and the factors contributing to her long-term success. She attributes her longevity to her passion for the job and the opportunities for growth and development at Principal. Meg emphasizes the importance of understanding the business impact of cybersecurity and holding people accountable. She also highlights the significance of focusing on the basics of cybersecurity and not getting caught up in the latest trends. Meg shares her experience with mentorship and its role in her career. She also discusses the programs implemented at Principal to attract and retain cyber talent, such as a formal mentorship program and a robust internship program.
Takeaways
· Passion for the job and naivete can contribute to long-term success as a CISO.
· Understanding the business impact of cybersecurity and holding people accountable is crucial.
· Focusing on the basics of cybersecurity is essential, rather than getting caught up in the latest trends.
· Mentorship plays a significant role in career development.
· Taking time away from work is essential for personal growth and avoiding burnout.
Chapters
· 00:00 Introduction and Long-Term Success as a CISO
· 03:15 The Importance of Naivete and Passion
· 06:34 The Role of Mentorship
· 10:54 Attracting and Retaining Cyber Talent
· 12:50 Organizing a Cyber Youth Summit
· 21:13 Building a Cyber Program Around Company Culture
· 28:07 Focusing on the Basics of Cybersecurity
· 36:19 Personal Growth and Parting Words
Purav Desai is a Microsoft 365 incident responder at a large financial institution (name withheld to protect the innocent). He shares his journey and expertise in the field. He explains how his early exposure to Microsoft security solutions and their constant innovation led him to specialize in 365 security and incident response. He discusses the importance of mentors and influential figures in his career, highlighting the lessons he learned from them. He then dives into his popular project, Deciphering UAL (Unified Audit Logs), which aims to make sense of the complex logs in Microsoft 365. Purav shares an incident response scenario involving a banking Trojan and how he used telemetry and logging to investigate and remediate the issue. He concludes by discussing effective threat detection methods in Microsoft 365, including threat hunting with KQL and leveraging Zero-Hour Auto-Purge (ZAP) to prevent the spread of attacks.
In our conversation, we dive into:
· How specializing in Microsoft 365 security and incident response can be a wise choice due to the constant innovation and market demand for Microsoft solutions.
· How having mentors and influential figures in your career can provide valuable guidance and inspire you to push yourself and try new things.
· His personal project, Deciphering UAL (Unified Audit Logs), aims to make sense of the complex logs in Microsoft 365, providing insights for digital forensics and incident response.
· How proper licensing and logging configuration are crucial for effective incident response.
· How native tools like Purview Audit and eDiscovery provide valuable insights for forensic analysis.
This month, we welcome Eric Gagnon, Team Lead of Adversary Simulation, Purple Teaming, and Tradecraft Development at Desjardins. The conversation covers a wide range of topics related to cybersecurity, including purple teaming, red teaming, blue teaming, and Eric's journey in cybersecurity. Eric shares insights on certifications, threat hunting, cloud security, and the importance of knowledge exchange between red and blue teams. He also discusses the use of AI in cybersecurity and the need to stay sharp in the field.
Takeaways
· Purple teaming involves collaborative operations to exchange ideas, evaluate security controls, and test out tactics, techniques, and procedures (TTPs) real threat actors use.
· Certifications in cybersecurity, such as Offensive Security Certified Professional (OSCP) and Offensive Security Certified Expert (OSCE), provide valuable knowledge and an edge in the field.
· Threat hunting involves looking for granular activity that may indicate a compromise, filtering out the noise, and focusing on the suspicious behavior of threat actors.
· Cloud security requires automation, cyber hygiene, and visibility, focusing on prioritizing techniques and testing them against the enterprise's environment.
· Knowledge exchange between red and blue teams during a purple team engagement is essential and should include a common language, centralized documentation, and reporting against the MITRE ATT&CK framework.
· Staying sharp in cybersecurity involves continuous learning, participation in CTFs, engaging with passionate individuals, and challenging oneself through talks, podcasts, and specialized training.
Chapters
· 00:00 Introduction to Purple Teaming and Cybersecurity Journey
· 08:09 Certifications and Insights in Cybersecurity
· 15:08 Threat Hunting and Granular Activity Detection
· 35:02 Knowledge Exchange in Purple Teaming: Red and Blue Collaboration
· 39:57 Staying Sharp in Cybersecurity: Continuous Learning and Engagement
This month, we welcome Swathi Joshi, VP of SaaS Cloud Security at Oracle, to discuss key moments and decisions that shaped her career path, including rejections from Google and Twitter. She emphasizes the importance of learning from rejection and seeking feedback to improve. Swathi also shares insights on the role of mentors and advises on finding and working with mentors. In the second part of the conversation, she discusses building a SaaS security program as an enterprise consumer of SaaS. She highlights the importance of addressing misconfigurations, ensuring visibility and access control, and meeting compliance needs. Swathi also suggests asking about backup and exploring risk scoring for vendors. In this conversation, Swathi discusses best practices for managing vendor risk, vulnerability management through third parties, and incident response in SaaS applications. She also shares insights on privacy operations and critical privacy controls in SaaS. Swathi emphasizes the importance of collaboration, robust incident response plans, and data lifecycle management. She also highlights the need for identity and access control and the challenges of normalizing incident response across different SaaS platforms. Swathi's leadership philosophy is collaborative and pace-setting, and she emphasizes the importance of stress management.
Takeaways
· Learn from rejection and seek feedback to improve.
· Build long-term relationships with mentors and create a personal advisory board.
· When building a SaaS security program, focus on addressing misconfigurations, ensuring visibility and access control, and meeting compliance needs.
· Ask about backup and explore risk scoring for vendors.
· Managing vendor risk requires close collaboration with privacy, legal, and contract partners.
· Incident response in SaaS applications shares foundational principles with traditional on-prem software, but there are differences in data snapshotting and managing dependencies.
· Privacy operations can be operationalized by focusing on identity, access control, and data lifecycle management.
· Leadership should be collaborative, open to ideas, and adaptable to different situations.
· Stress management is crucial for effective leadership and should be acknowledged and actively managed.
Links
· Privacy Operations Template
· Swathi's LI Profile
Chapters
· 00:00 Navigating Career Challenges and Learning from Rejection
· 08:13 The Role of Mentors in Career Growth
· 15:26 Building a Strong SaaS Security Program
· 21:20 Meeting Compliance Needs in a SaaS Environment
· 21:56 Backup and Risk Scoring for SaaS Vendors
· 22:38 Managing Vendor Risk
· 26:12 Improving Vulnerability Management through Third Parties
· 26:35 Navigating Incident Response in SaaS Applications
· 34:03 Operationalizing Privacy Operations in SaaS
· 40:50 The Importance of Collaboration in Leadership
· 43:04 Managing Stress for Effective Leadership
Episode Summary
On this episode, Sandy Bird, CTO and Co-Founder of Sonrai Security, joins the show to discuss identity security in the Cloud. Prior to Sonrai Security, Sandy co-founded Q1 Labs, which was acquired by IBM. He then became the CTO and helped IBM Security grow to $2B in revenue.
Today, Sandy talks about his journey in cybersecurity and how to manage and eliminate dormant identities. Why should listeners be concerned about zombie identities? Hear about the permissions attack surface and where to start implementing zero trust policies.
Timestamp Segments
· [01:41] Getting into cybersecurity.
· [03:48] Key lessons from IBM.
· [08:40] Zombie identities.
· [12:53] Is it possible to manage and eliminate dormant identities?
· [16:17] Tying the process into a CI/CD pipeline.
· [21:01] The Dirty Dozen of Cloud Identity.
· [24:13] The permissions attack surface.
· [27:00] Zero Trust best practices.
· [30:08] Creating net new machine identities.
· [33:17] Prioritizing identity misconfigurations.
· [35:15] Sandy’s mentors and inspirations.
· [37:37] How does Sandy stay sharp?
Sound Bites
· "Nothing is a straight path in starting companies in your career."
· "Zombie identities are identities that were part of previous projects and never get cleaned up."
· "Fix the low-hanging fruit first, such as getting rid of zombie identities and locking down sensitive identities."
Relevant Links
· Website: sonraisecurity.com
· LinkedIn: Sandy Bird
· Quantifying Cloud Access: Overprivileged Identities and Zombie Identities
Episode Summary
Corey Elinburg, a cybersecurity leader, discusses the importance of approaching cybersecurity as a transformational force and empowering the business. He emphasizes the need to avoid draconian controls and adopt a mentality of finding solutions rather than saying no. Corey also shares insights on hiring security leaders and building relationships with vendors. He highlights the value of cloud-based security services in rapidly aligning IT with the business and shares examples from his experience. Corey emphasizes the importance of digital trust in healthcare and the need to prioritize patient safety. He also discusses personal growth and staying up to date in cybersecurity.
Takeaways
· Approach cybersecurity as a transformational force that empowers the business.
· Avoid draconian controls and focus on finding solutions rather than saying no.
· Embrace innovation and set the terms of adoption to drive business transformation.
· Build trust and empower your team to enable scalability and focus on strategic initiatives.
· Cloud-based security services offer agility, scalability, and rapid alignment with the business.
· Build relationships with vendors by understanding their value proposition and engaging in problem-solving.
Chapters
· [02:10] Kind words about Corey.
· [03:13] Transforming business through IT.
· [05:20] Where security programs go wrong.
· [06:35] Corey’s hiring persona.
· [07:50] Embracing innovation.
· [14:26] Principles to accomplish your vision.
· [17:20] Cloud-based security models.
· [23:55] Bringing value to businesses.
· [28:09] From practitioner to leader.
· [33:41] Unifying security and developers in purpose and practice.
· [38:15] Implementing digital trust.
· [41:28] Corey’s growth formula.
· [42:53] Corey’s parting words.
Notable Quotes
· “It’s not just controls. It’s empowering the business to operate in a resilient way.”
· “Too often in cyber, we forget that we’re selling in every interaction.”
· “When you engage trying to solve a problem rather than engage trying to sell a product, you’re immediately on a better footing.”
Relevant Links
· Website: www.commonspirit.org
· LinkedIn: Corey Elinburg
Episode Summary
On this episode, Global Head of InfoSec and GRC Strategy at VMware, Ashish Suri, joins the show to discuss data security and AI. Ashish has over 20 years of experience in business transformation, cybersecurity, data privacy, and enterprise risk management. He has served in numerous roles, including Head for Data Risk, Privacy, and Cybersecurity at Apple, Head of Technology Process and Controls at PayPal, and Senior Director of Finance Internal Controls at Visa.
Today, Ashish talks about the distinction between data secrecy and data security, data security in the Cloud, and the business benefits of investing in data security. How does AI fit into security? Hear about cost-effective risk mitigation strategies and the evolving DSPM space, and get Ashish’s formula for personal growth.
Timestamp Segments
· [01:33] Ashish’s role at Apple.
· [04:27] Data secrecy vs data security.
· [07:20] Data security in the Cloud.
· [09:30] Ashish’s approach to data security.
· [13:53] What does a business get out of data security?
· [17:34] The CIA Triad.
· [21:39] AI and Cloud security.
· [24:24] AI in cybersecurity products.
· [27:59] Cost-effective risk mitigation strategies.
· [30:49] Wading through the DSPM space.
· [35:15] Ashish’s growth formula.
· [37:06] Being humble.
· [38:00] Ashish’s parting words.
Notable Quotes
· “The more we are out there in the Cloud, the larger our footprint becomes, and the risk continues multiplying in different directions.”
· “Speed, accuracy, and automation will also get complemented with people, process, and technology.”
· “Keep learning and keep listening.”
Relevant Links
· Website: Bedrock Security
Episode Summary
On this episode, CISO at Palo Alto Networks, Niall Browne, joins the show to talk about Security, Cloud, and AI. Before joining Palo Alto Networks, he served as the CSO of Cloud platforms for the past sixteen years, including as the CSO and CTO at Workday.
Today, Niall talks about his journey starting in the early days of the Internet, his work during Palo Alto’s shift to Cloud and now AI, and how to keep track of risk with automation. How can teams do more with less? Hear about how to communicate risk to company board members, the usefulness of Gen AI, and the cyber skills shortage.
Timestamp Segments
· [01:39] Niall’s Bank of Ireland experience.
· [05:07] How did the early internet catch Niall’s attention?
· [08:56] What is Niall most proud of?
· [11:34] Palo Alto’s shift to Cloud.
· [16:43] Overcoming resistance to the shift.
· [22:53] Keeping a pulse on risk.
· [28:07] Communicating risk to boards.
· [33:46] Doing More With Less.
· [38:00] How does Gen AI make processes better?
· [41:27] The cyber skills shortage.
· [47:04] Niall’s personal growth formula.
Notable Quotes
· “More with less is key.”
· “Hiring the right skill set is very difficult.”
Relevant Links
· Website: www.paloaltonetworks.com
· LinkedIn: Niall Browne
Resources:
· Doing More with Less: The Case for SOC Consolidation.




