John Stone, Chaos Coordinator @ Office of the CISO,
Let’s talk about security incident response in
the cloud. Back in 2014 when I [Anton] first touched on this,
the #1 challenge was getting the data to investigate as cloud
providers had few logs available. What are the top 2022 cloud
incident response challenges?
Does cloud change the definition of a security
storage bucket” an incident?Is vulnerability an incident in the
What should I have in my incident response
plans for the cloud? Should I have a separate cloud IR
What is our advice on running incident response
jointly with a CSP like us?
How would 3rd party firms (like, well,
Mandiant) work with a client and a CSP during an
We all read theThreat
Horizons reports, but
can you remind us of the common causes for cloud incidents we
observed recently? What goals do the attackers typically pursue
Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure.
We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit.
We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.