Cyber Sentries: AI Insight to Cloud Security

TruStory FM
Cyber Sentries: AI Insight to Cloud Security

Dive deep into AI's accelerating role in securing cloud environments to protect applications and data. In each episode, we showcase its potential to transform our approach to security in the face of an increasingly complex threat landscape. Tune in as we illuminate the complexities at the intersection of AI and security, a space where innovation meets continuous vigilance.

  1. On-Prem AI Uprising: Navigating the Future of Cloud Security

    4일 전

    On-Prem AI Uprising: Navigating the Future of Cloud Security

    Diving into the Rise of On-Prem AI and Cloud Security In this episode of Cyber Sentries, host John Richards is joined by Doron Caspin, a Senior Manager of Product Management at Red Hat, and Christopher Nuland, a Technical Marketing Manager at Red Hat. They explore the growing trend of on-premise open source models for running AI and the unique benefits and challenges that come with it. The conversation also touches on how DeepSeek has challenged the big players and validated the value of smaller agentic models. John, Doron, and Christopher dive into the shifting landscape of AI and cloud security. They discuss the trends Red Hat is seeing in the industry, such as the move towards smaller, domain-specific language models and the importance of securing AI workloads in hybrid cloud environments. The guests share insights on the key considerations organizations face when deciding to run AI models on-premises, including compliance requirements and the need to treat AI models with the same level of security as databases. Questions we answer in this episode: What are the benefits and challenges of running AI on-premises?How can organizations secure their AI workloads in hybrid cloud environments?What impact has DeepSeek had on the AI industry?Key Takeaways: On-prem AI offers unique advantages for industries with strict compliance requirementsTreating AI models like databases is crucial for ensuring robust securityThe future of AI is likely to be open source, with smaller, domain-specific models gaining tractionThis episode is a must-listen for anyone interested in the intersection of AI and cloud security. John, Doron, and Christopher provide valuable insights and practical advice for organizations navigating this rapidly evolving landscape. Whether you're a security professional, data engineer, or business leader, you'll come away with a deeper understanding of the trends shaping the future of AI and the steps you can take to secure your AI workloads. Links & Notes Try Red Hat Advanced Cluster Security Cloud ServiceRed Hat Advanced Cluster Security for KubernetesTraining an AI to Conquer Double Dragon: Reinforcement Learning DemoLearn more about Paladin CloudGot a question? Ask us here! (00:00) - Welcome to Cyber Sentries (00:31) - Red Hat (01:04) - Meet Christopher and Doron (05:26) - Past to Present (07:54) - Trends in the Approach (12:24) - The Security Side (16:15) - Key Considerations (19:26) - Training and Models (22:33) - Iterations and Shifts (25:36) - Importance of Security Foundations (28:35) - Security in Agent Space (30:00) - Wrap Up

    33분
  2. Play, Grow, Land: The Strategic Path to Enterprise AI with Jim Wilt

    1월 8일

    Play, Grow, Land: The Strategic Path to Enterprise AI with Jim Wilt

    Navigating AI Adoption: From Exploration to Implementation In this illuminating episode of Cyber Sentries, John Richards sits down with Jim Wilt, distinguished chief architect at Weave and veteran security practitioner. With decades of experience in emerging technologies since the mainframe era, Jim brings unique insights into how organizations can successfully integrate AI while maintaining robust security practices. The conversation delves deep into a three-phase approach for AI adoption: learning, growing, and landing. Jim emphasizes the importance of experimentation before commitment, challenging the common rush to define use cases before understanding the technology's capabilities. He shares practical examples of how organizations can progress from internal testing to external deployment, while maintaining security at each stage. The discussion explores how AI isn't about replacement but enhancement - whether for individual roles or organizational processes - and why adaptability in implementation is crucial for success. Questions we answer in this episode: How should organizations approach their initial AI adoption?What's the optimal timeline for moving from experimentation to implementation?When and how should security measures be integrated into AI initiatives?Key Takeaways: "Replaceable architecture" is becoming more critical than "reusable architecture" in the AI eraOrganizations need 9-18 months of internal testing before external AI deploymentSecurity measures should scale up gradually, from minimal during learning to comprehensive in productionThis episode provides invaluable guidance for any organization navigating AI adoption. Jim's practical, experience-based insights cut through the hype, offering a clear roadmap for sustainable AI integration while maintaining security integrity. Whether you're just starting your AI journey or looking to refine your existing approach, this discussion offers actionable strategies for success. Links & Notes ‘What Air Canada Lost In ‘Remarkable’ Lying AI Chatbot Case’CIO.com: From risk to reward: Mastering the art of adopting emerging technologiesGenerative AI (GenAI) – A PrimerGenAI and the Human ExperienceReplaceable is the New ReusableApplied AIConnect with Jim on LinkedInLearn more about Paladin CloudGot a question? Ask us here! (00:04) - Welcome to Cyber Sentries (00:55) - Meet Jim Wilt (01:46) - Jim’s Background (03:59) - Where to Start (13:28) - Public vs. Private Models (17:52) - Time in Growth Period (18:48) - Use Cases (21:57) - Transitioning to External Use (29:06) - Scaling from Personal to Organizational (31:52) - Safeguarding (37:21) - Flexibility (38:34) - Wrap Up

    42분
  3. AI's Identity Revolution: Securing Disconnected Apps and Eliminating Human Error with Bel Lepe

    2024. 12. 11.

    AI's Identity Revolution: Securing Disconnected Apps and Eliminating Human Error with Bel Lepe

    Bel Lepe Reveals How AI Reduces Security Risks By Removing the Human Element In this episode of Cyber Sentries, host John Richards is joined by Bel Lepe, Co-founder and CEO of Cerby, to explore how removing the human factor through automation can dramatically decrease an organization's attack surface. John and Bel dive into the transformative potential of AI in identity and access management, especially for applications that don't support modern security protocols. Bel shares his insights on the current state of identity security and how Cerby is tackling the challenge of securing disconnected apps at scale. He explains how generative AI enables Cerby to build and maintain integrations for thousands of apps without relying on standards. The discussion also touches on emerging trends in identity, including the fragmentation of identity across multiple platforms and the growing threat of AI-powered impersonation attacks. Questions we answer in this episode: How can AI reduce security risks by removing the human element?What are the key challenges in securing apps that don't support modern identity protocols?How will the rise of AI shape the future of identity security?Key Takeaways: The majority of security incidents are caused by human errorAI allows custom integrations to be built at scale without relying on standardsMulti-factor authentication is crucial for protecting against emerging threatsWhether you're a security professional looking to stay ahead of the curve or a business leader seeking to understand the impact of AI on your organization's security posture, this episode is packed with valuable insights. Tune in to learn how AI is revolutionizing identity and access management and what you can do to safeguard your organization in the face of evolving threats. Links & Notes Learn more about CerbyLearn more about Paladin CloudGot a question? Ask us here! (00:00) - Welcome to Cyber Sentries (01:03) - Meet Bel Lepe (02:42) - Validating the Problem (04:07) - The Problem (06:32) - Their Approach (08:24) - Scaling (10:38) - Looking to the Future (15:32) - The Future of Identity (22:25) - Building Better Awareness (23:46) - Wrap Up

    26분
  4. The Adaptive CISO: Digital Defense Evolution with Timothy Youngblood

    2024. 11. 13.

    The Adaptive CISO: Digital Defense Evolution with Timothy Youngblood

    Securing the Digital Future with Former Fortune 500 CISO Tim Youngblood John Richards welcomes Timothy Youngblood, a four-time Fortune 500 CISO and current CISO in Residence at Astrix Security, to discuss the evolving landscape of cybersecurity leadership. With experience at Dell, Kimberly Clark, McDonald's, and T-Mobile, Tim brings unique insights into how security leadership must adapt to emerging threats while maintaining operational effectiveness. The conversation explores Tim's journey from Dell's first CISO to handling security across diverse industries. John and Tim delve into fascinating security incidents, including a notable McFlurry API DDoS attack at McDonald's, demonstrating how modern security challenges can emerge from unexpected places. The discussion shifts to the critical topic of non-human identity attacks and the growing importance of managing machine identities in cloud environments. Tim shares his perspective on how AI is reshaping security practices and why education remains fundamental to effective security programs. Questions we answer in this episode: How do companies integrate security during acquisitions and mergers?What unique challenges do global companies face in cybersecurity?How should organizations approach non-human identity security?Key Takeaways: Security leadership requires strong business acumen alongside technical expertiseEducation and culture-building are crucial for successful security programsThe scale of non-human identities poses a major security blind spot for many organizationsThis episode offers invaluable insights for security professionals navigating complex organizational challenges while adapting to emerging threats. Whether you're a seasoned CISO or aspiring security leader, Tim's practical experiences and strategic approaches provide actionable wisdom for building robust security programs in any environment. Links & Notes Securing Non-human IdentitiesFind Tim on LinkedInLearn more about Paladin CloudGot a question? Ask us here! (00:04) - Welcome to Cyber Sentries (01:12) - Meet Tim Youngblood (08:07) - Challenges (11:03) - Change Management (11:37) - Transitioning to Next Role (16:21) - McDonald’s (19:57) - Flexibility (21:50) - Handling New Challenges (26:11) - Non-Human Identity Attacks (33:55) - Wrap Up

    36분
  5. Open Source AI Unleashed: Transparency, Sovereignty, and Data Control with JJ Asghar

    2024. 10. 09.

    Open Source AI Unleashed: Transparency, Sovereignty, and Data Control with JJ Asghar

    Open Source AI: Transparency, Sovereignty, and Who Controls the Data In this episode of Cyber Sentries, host John Richards is joined by JJ Asghar, an Open Source Champion and Developer Advocate at IBM. They explore the importance of open source in the AI world, how transparency can allow for AI sovereignty, and why we should care about who controls the data. JJ shares his journey into the AI space at IBM and his strong opinions formed from working on open source AI projects. The discussion delves into the differences between mainstream closed-source AI models and the emerging open-source alternatives, highlighting the privacy and trust aspects that are becoming increasingly important, especially outside the United States. Questions we answer in this episode: How does open source fit into the recent surge of AI?What are the benefits of open-source AI models compared to closed-source ones?Why is AI sovereignty important, and how does it relate to open source?The conversation covers the challenges of building and running AI models, the compute resources required, and how open-source approaches can provide more transparency and control. JJ explains the concept of AI sovereignty, where countries and organizations want to run AI within their borders and under their own rules and restrictions. This brings up issues of hardware accessibility and the lifecycle of AI models. Key Takeaways: Open-source AI allows for greater transparency and trust compared to closed-source modelsAI sovereignty is becoming increasingly important for countries with strict privacy lawsThe lifecycle of AI involves training, fine-tuning, and inferencing, each with different compute requirementsWhile open source offers many benefits, the discussion also touches on the challenges, such as the potential for model poisoning and the current lack of genealogy in AI models. Despite these hurdles, open source remains a powerful force in the AI world, with the potential to provide more eyes on the code and faster problem resolution. This episode offers valuable insights into the complex world of AI, the role of open source, and the importance of data control and transparency. Whether you're a developer, a security professional, or simply interested in the future of AI, this conversation provides a thought-provoking look at the challenges and opportunities ahead. Links & Notes IBM's open source foundational model GraniteGranite Foundation Models PaperHugging FaceIBM's coding assistance projectInstructLabCrew AIAI Sovereignty PaperLearn more about Paladin CloudGot a question? Ask us here! (00:04) - Welcome to Cyber Sentries (00:55) - Meet JJ Asghar (03:17) - Working with AI (04:29) - AI and Open Source (10:31) - Approach (14:38) - Sovereignty (18:20) - Inferencing (20:47) - Black Box Situation (30:10) - Weighing the Differences (35:09) - Timeline (40:39) - Finding JJ (42:06) - Communities (44:49) - Wrap Up

    46분
  6. Demystifying Zero Trust: Key Policy Checks for Cloud Native Security with Zack Butcher

    2024. 09. 11.

    Demystifying Zero Trust: Key Policy Checks for Cloud Native Security with Zack Butcher

    Decoding Zero Trust Security for Cloud Native Environments In this episode of Cyber Sentries, John Richards welcomes Zack Butcher, Founding Engineer at Tetrate, to explore the critical components of zero trust security for cloud native and microservice environments. Zack, with deep expertise from his time at Google and work with NIST, shares practical insights on achieving a zero trust posture. John and Zack dive into the fundamental mindset shift required for zero trust - moving from implicit to explicit trust. They break down the five key policy checks that define runtime zero trust, and how these controls can enable identity-based segmentation. Zack illuminates how this approach allows organizations to boost assurance while strategically relaxing painful network-level constraints. Questions we answer in this episode:• What does Zero Trust really mean in practice?• How can organizations adopt a Zero Trust mindset?• What role does a service mesh play in Zero Trust? Key Takeaways:• Zero Trust requires making all trust explicit• 5 key runtime policy checks define a Zero Trust posture• Identity-based policies boost assurance and agility Whether you're wrestling with Zero Trust definitions, microservice security, or cloud native challenges, this episode delivers a wealth of battle-tested wisdom. Zack's clear explanations and examples, combined with John's knack for extracting practical takeaways, make this a must-listen for anyone navigating the complex world of cloud native security. Links & Notes Zack on LinkedInSecurity Strategies for Microservices-based Application Systems (Sidebar has the A-D publications)A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Cloud EnvironmentsTetrate AcademyLearn more about Paladin CloudGot a question? Ask us here! (00:04) - Welcome to Cyber Sentries (01:01) - Meet Zack (04:55) - Reflecting on the Journey (05:46) - Deep on Security Aspect (09:52) - Zero Trust and Definitions (15:35) - Consensus (18:09) - Availability and Assurance (22:28) - Driving Growth (25:44) - How AI Can Be Used for Security (30:07) - Links and Finding Zack (30:36) - Wrap Up

    33분
  7. Decoding Machine Language: The Next Phase of the AI Cloud Security Revolution with Murali Balcha

    2024. 08. 14.

    Decoding Machine Language: The Next Phase of the AI Cloud Security Revolution with Murali Balcha

    Decoding the Language of Machines: AI's Potential to Revolutionize Cloud Security In this episode of Cyber Sentries, host John Richards is joined by Murali Balcha, founder and CTO at Trilio, to explore how AI could transform cloud security by understanding the unique language of machines. Balcha brings over 20 years of experience in IT, particularly in storage systems, to the conversation. Harnessing AI for Proactive SecurityJohn and Murali dive into the potential of AI to enhance cloud security by analyzing the vast amounts of data generated by IT systems. By treating system logs as a language that AI can learn, models could be trained to identify threats and anomalies in real-time, even detecting zero-day attacks that traditional rule-based systems might miss. This shift towards proactive, AI-driven security could significantly reduce the time between a threat emerging and its detection. Questions we answer in this episode: How can AI be applied to cloud security?What advantages does AI offer over traditional rule-based security systems?How can AI models be trained to understand the unique language of machines?Key Takeaways: AI has the potential to revolutionize cloud security by learning the language of machinesAI models can identify threats and anomalies in real-time, even detecting zero-day attacksShifting towards proactive, AI-driven security could significantly enhance threat detection and response timesThis episode offers valuable insights into the cutting-edge applications of AI in cloud security. Listeners will gain a deeper understanding of how machine learning can be harnessed to protect their systems and data, as well as a glimpse into the future of proactive, intelligent security solutions. Links & Notes Check out Murali’s blogFind Murali on LinkedInLearn more about Paladin CloudGot a question? Ask us here! (00:00) - Welcome to Cyber Sentries (00:56) - Meet Murali Balcha (03:29) - AI’s Evolution (06:06) - Transferring Data (14:43) - How Trillio’s Looking at AI (23:36) - Wrap Up

    27분
  8. Navigating the AI Revolution in AppSec: Ori Bendet's Insights on the Future of Application Security

    2024. 07. 10.

    Navigating the AI Revolution in AppSec: Ori Bendet's Insights on the Future of Application Security

    Ori Bendet Shares Insights on AppSec and Managing AI Risks In this episode of Cyber Sentries, John Richards is joined by Ori Bendet, VP of Product Management at Checkmarx, a leader in application security. They explore the critical role of application security in today's digital landscape and discuss strategies for managing the risks and opportunities presented by the rapid adoption of AI in software development. Ori shares his journey into the cybersecurity industry and offers advice for those transitioning into the field. He emphasizes the importance of focusing on areas that are business-critical, such as application security, as more companies become software-driven. Ori also discusses the shift in application security from finding every vulnerability to prioritizing the most critical risks, given the accelerated pace of development and deployment. Questions we answer in this episode:• How can organizations effectively prioritize application security risks?• What are the key challenges and opportunities presented by AI in software development?• How should security teams adapt their practices to manage AI-generated code? The conversation delves into the disruptive impact of AI on software development and the new types of risks it introduces, such as AI hallucination, data poisoning, and prompt injection. Ori stresses the importance of a layered approach to securing AI-generated code and the need for organizations to assess their specific use cases and risks before defining policies and tools. Key Takeaways:• Application security is critical as companies become increasingly software-driven.• Focus on prioritizing the most critical risks rather than trying to find every vulnerability.• Adopt a layered approach to securing AI-generated code and keep the human in the loop. This episode offers valuable insights for anyone looking to understand the evolving landscape of application security and the impact of AI on software development. Ori's expertise and practical advice make this a must-listen for security professionals, developers, and business leaders alike. Links & Notes Check out CheckmarxThe Stanford Research on Secure Code Generated by GenAI SolutionsLearn more about Paladin CloudGot a question? Ask us here! (00:00) - Welcome to Cyber Sentries (00:56) - Meet Ori Bendet (02:31) - Advice When Thrust Into Cyber Security (04:34) - Application Security (07:37) - Opportunities for Growth (09:58) - Shift to Business Risk (12:28) - Making Assessment (16:08) - Core Cybersecurity Principals (20:31) - Restrictions Needed? (23:17) - Using AI in Checkmarx (27:57) - Give Them What Matters Most (29:40) - Wrap Up

    32분
모두 보기(16개)

예고편

평가 및 리뷰

5
최고 5점
6개의 평가

소개

Dive deep into AI's accelerating role in securing cloud environments to protect applications and data. In each episode, we showcase its potential to transform our approach to security in the face of an increasingly complex threat landscape. Tune in as we illuminate the complexities at the intersection of AI and security, a space where innovation meets continuous vigilance.

정보

무삭제판 에피소드를 청취하려면 로그인하십시오.

이 프로그램의 최신 정보 받기

프로그램을 팔로우하고, 에피소드를 저장하고, 최신 소식을 받아보려면 로그인하거나 가입하십시오.
국가 또는 지역 선택

아프리카, 중동 및 인도

아시아 태평양

유럽

라틴 아메리카 및 카리브해

미국 및 캐나다