Guest: Michele Chubirka, Senior Cloud Security Advocate, Google Cloud Topics: So, if somebody wakes you up at 3AM (“Anton’s 3AM test”) and asks “Do we need firewalls in the cloud?” what would you say? Firewalls (=virtual appliances in the cloud or routing cloud traffic through physical firewalls) vs firewalling (=controlling network access) in the cloud, do they match the cloud-native realities? How do you implement trust boundaries for access control with cloud-native options? Can you imagine a modern cloud native security architecture that includes a firewall? Can you imagine a modern cloud native security architecture that excludes any firewalling?  Firewall, NIDS, NIPS, NGFW …. How do these other concepts map to the cloud? How do you build a "traditional-like" network visibility layer in the cloud (and do we need to)? Resources: Video version of this episode: LinkedIn or YouTube “Security Architect View: Cloud Migration Successes, Failures and Lessons” (ep105) “Love it or Hate it, Network Security is Coming to the Cloud” with Martin Roesch (ep113) Gartner Bimodal IT definition Ross Anderson “Security Engineering” book The New Stack blog Trireme tool CNCF site security landscape Google Cloud Firewall

Guests:  Nelly Porter, Group Product Manager, Google Cloud Rene Kolga, Senior Product Manager, Google Cloud Topics: Could you remind our listeners what confidential computing is? What threats does this stop? Are these common at our clients?  Are there other use cases for this technology like compliance or sovereignty? We have a new addition to our Confidential Computing family - Confidential Space. Could you tell us how it came about? What new use cases does this bring for clients? Resources: “Confidentially Speaking” (ep1) “Confidentially Speaking 2: Cloudful of Secrets” (ep48) “Introducing Confidential Space to help unlock the value of secure data collaboration” Confidential Space security overview “The Is How They Tell Me The World Ends” by Nicole Perlroth NIST 800-233 “High-Performance Computing (HPC) Security: Architecture, Threat Analysis, and Security Posture”

Guest: Jeff Reed, VP of Product,  Cloud Security @ Google Cloud Topics: You’ve had a long career in software and security, what brought you to Google Cloud Security for this role? How do you balance the needs of huge global financials that often ask for esoteric controls (say EKM with KAJ) vs the needs of SMBs that want easy yet effective, invisibility security? We’ve got an interesting split within our security business: some of our focus is on making Google Cloud more secure, while some of our focus is on selling security products.  How are you thinking about the strategy and allocation between these functions for business growth? What aspects of Cloud security have you seen cloud customers struggle with the most? What’s been the most surprising or unexpected security challenge you’ve seen with our users? “Google named a Leader in Forrester Wave™ IaaS Platform Native Security” - can you share a little bit about how this came to be and what was involved in this? Is cloud migration a risk reduction move?  Resources: “Google named a Leader in Forrester Wave™ IaaS Platform Native Security” “Sunil Potti on Building Cloud Security at Google” (ep102) Books by Haruki Murakami We are hiring product managers!

Guest: Connie Fan, Senior Product and Business Strategy Lead, Google Cloud Topics: We were at RSA 2023, what did we see that was notable and surprising? Cloud security showed up with three startups with big booths, and one big player with a small demo station. What have we learned here? What visitors might have seen at the Google Cloud booth that we're really excited about? Could you share why we chose these two AI cases - generation of code and summarization of complex content - out of all the possibilities and the sometimes zany things we saw elsewhere on the floor? Could you share a story or two that highlights how we came to this AI launch and what it looked like under the surface?  Resources: “RSA 2023 - How to Protect Your Organization from Cyberattacks in Time of Political Turmoil” (ep118) “RSA 2022 Reflections - Securing the Past vs Securing the Future” (ep70) “How We Attack AI? Learn More at Our RSA Panel!” (ep68) “Security Operations, Reliability, and Securing Google with Heather Adkins” (ep20)

Guests:   Shanyn Ronis, Head of the Mandiant Communication Center John Miller,   Head of Mandiant Intelligence Analysis Topics: It seems like we’re seeing more cyber activity taking place in the context of geopolitical events. A lot of organizations struggle to figure out if/how to respond to these events and any related cyber activity.  What advice do you have for these organizations and their leadership? A  lot of threat intel (TI) suffers from “What does this event mean for threats to our organization?” - sort of how to connect CNN to your IDS? What is your best advice on this to a CISO?  TI also suffers from “1. Get TI 2. ??? 3. Profit!” - how does your model help organizations avoid this trap?  Surely there are different levels of granularity here to TI and its relevance. Is what a CISO needs different from what an IR member needs? Do you differentiate your feed along those axes? What does success look like? How will organizations know when they’re successful? What are good KPIs for these types of threat intelligence? In other words, how would customers know they benefit from it? Is there anything unique that cloud providers can do in this process? Resources: RSA 2023 Session “Intelligently Managing the Geopolitics and Security Interplay” on Wed Apr 26 9:40AM “Sandworm” by Andy Greenberg “Reading Mandiant M-Trends 2023”