Cloud Security Podcast by Google Anton Chuvakin

Guest:
Angelika Rohrer, Sr. Technical Program Manager , Cyber Security Response at Alphabet
Topics:
Incident response (IR) is by definition “reactive”, but ultimately incident prep determines your IR success. What are the broad areas where one needs to prepare?
You have created a new framework for measuring how ready you are for an incident, what is the approach you took to create it?
Can you elaborate on the core principles behind the Continuous Improvement (CI) Framework for incident response? Why is continuous improvement crucial for effective incident response, especially in cloud environments? Can’t you just make a playbook and use it?
How to overcome the desire to focus on the easy metrics and go to more valuable ones?
What do you think Google does best in this area?
Can you share examples of how the CI Framework could have helped prevent or mitigate a real-world cloud security incident?
How can other organizations practically implement the CI Framework to enhance their incident response capabilities after they read the paper?
Resources:
“How do you know you are "Ready  to Respond"? paper
EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil
EP103 Security Incident Response and Public Cloud - Exploring with Mandiant
EP158 Ghostbusters for the Cloud: Who You Gonna Call for Cloud Forensics
EP98 How to Cloud IR or Why Attackers Become Cloud Native Faster?
 

Guest:
Shan  Rao, Group Product Manager, Google 
Topics:
What are the unique challenges when securing AI for cloud environments, compared to traditional IT systems?
Your talk covers 5 risks, why did you pick these five? What are the five, and are these the worst?
Some of the mitigation seems the same for all risks. What are the popular SAIF mitigations that cover more of the risks?
Can we move quickly and securely with AI? How?
What future trends and developments do you foresee in the field of securing AI for cloud environments, and how can organizations prepare for them?
Do you think in 2-3 years AI security will be a separate domain or a part of … application security? Data security? Cloud security? 
Resource:
Video (LinkedIn, YouTube)  [live audio is not great in these]
“A cybersecurity expert's guide  to securing AI products with Google SAIF“ presentation
SAIF Site
“To securely build AI on Google Cloud, follow these best practices” (paper)
“Secure AI Framework (SAIF): A Conceptual Framework for Secure AI Systems” resources
Corey Quinn on X (long story why this is here… listen to the episode)

Guests:
None
Topics:
What have we seen at RSA 2024?
Which buzzwords are rising (AI! AI! AI!) and which ones are falling (hi XDR)?
Is this really all about AI? Is this all marketing?
Security platforms or focused tools, who is winning at RSA?
Anything fun going on with SecOps?
Is cloud security still largely about CSPM?
Any interesting presentations spotted?
Resources:
EP171 GenAI in the Wrong Hands: Unmasking the Threat of Malicious AI and Defending Against the Dark Side (RSA 2024 episode 1 of 2)
“From Assistant to Analyst: The Power of Gemini 1.5 Pro for Malware Analysis” blog
“Decoupled SIEM: Brilliant or Stupid?” blog
“Introducing Google Security Operations: Intel-driven, AI-powered SecOps” blog
“Advancing the art of AI-driven security with Google Cloud” blog

Guest:
Elie Bursztein, Google DeepMind Cybersecurity Research Lead, Google
 Topics:
Given your experience, how afraid or nervous are you about the use of GenAI by the criminals (PoisonGPT, WormGPT and such)?
What can a top-tier state-sponsored threat actor do better with LLM? Are there “extra scary” examples, real or hypothetical?
Do we really have to care about this “dangerous capabilities” stuff (CBRN)? Really really?
Why do you think that AI favors the defenders? Is this a long term or a short term view?
What about vulnerability discovery? Some people are freaking out that LLM will discover new zero days, is this a real risk?
 Resources:
“How Large Language Models Are Reshaping the Cybersecurity Landscape” RSA 2024 presentation by Elie (May 6 at 9:40AM)
“Lessons Learned from Developing Secure AI Workflows” RSA 2024 presentation by Elie (May 8, 2:25PM)
EP50 The Epic Battle: Machine Learning vs Millions of Malicious Documents
EP40 2021: Phishing is Solved?
EP135 AI and Security: The Good, the Bad, and the Magical
EP170 Redefining Security Operations: Practical Applications of GenAI in the SOC
EP168 Beyond Regular LLMs: How SecLM Enhances Security and What Teams Can Do With It
PyRIT LLM red-teaming tool
Accelerating incident response using generative AI
Threat Actors are Interested in Generative AI, but Use Remains Limited
OpenAI’s Approach to Frontier Risk
 

Guest:
Payal Chakravarty, Director of Product Management, Google SecOps, Google Cloud
Topics:
What are the different use cases for GenAI in security operations and how can organizations  prioritize them for maximum impact to their organization?
We’ve heard a lot of worries from people that GenAI will replace junior team members–how do you see GenAI enabling more people to be part of the security mission?
What are the challenges and risks associated with using GenAI in security operations?
We’ve been down the road of automation for SOCs before–UEBA and SOAR both claimed it–and AI looks a lot like those but with way more matrix math-what are we going to get right this time that we didn’t quite live up to last time(s) around?
Imagine a SOC or a D&R team of 2029. What AI-based magic is routine at this time? What new things are done by AI? What do humans do?
Resources:
Live video (LinkedIn, YouTube) [live audio is not great in these]
Practical use cases for AI in security operations, Cloud Next 2024 session by Payal
EP168 Beyond Regular LLMs: How SecLM Enhances Security and What Teams Can Do With It
EP169 Google Cloud Next 2024 Recap: Is Cloud an Island, So Much AI, Bots in SecOps
15 must-attend security sessions at Next '24
 

Guests: 
no guests (just us!)
Topics:
What are some of the fun security-related launches from Next 2024 (sorry for our brief “marketing hat” moment!)?
Any fun security vendors we spotted “in the clouds”?
OK, what are our favorite sessions? Our own, right? Anything else we had time to go to?
What are the new security ideas inspired by the event (you really want to listen to this part! Because “freatures”...)
Any tricky questions at the end? Resources:
Live video (LinkedIn, YouTube) [live audio is not great in these]
15 must-attend security sessions at Next '24
Cloud CISO Perspectives: 20 major security announcements from Next ‘24
EP137 Next 2023 Special: Conference Recap - AI, Cloud, Security, Magical Hallway Conversations (last year!)
EP136 Next 2023 Special: Building AI-powered Security Tools - How Do We Do It?
EP90 Next Special - Google Cybersecurity Action Team: One Year Later!
A cybersecurity expert's guide to securing AI products with Google SAIF Next 2024 session
How AI can transform your approach to security Next 2024 session