Time flies when you’re having fun! We’ve produced 46 episodes of the Cloud Security Podcast by Google since our launch in February 2021. Looking back, we’d like to share some cloud security lessons and insights we picked up along the way.Over the course of 2021, the following themes emerged as the most popular with our audience.Zero trust securityCloud threat detectionMaking Cloud migrations more secureData security in the cloudLet’s explore each of these while highlighting some of the more interesting episodes:Zero trustOn the zero trust side, we had a great episode where we interviewed the creator of the term “zero trust”, John Kindervag. We looked through more than 10 years of history of zero trust beginning with the coining of the term in 2010 and early Google efforts in this area. John also shared some practical tips on how to approach zero trust in today’s IT environments.The second zero trust episode focused on the technical details of collecting data for successful zero trust implementations. We covered some of the critical tasks and data points you must have before beginning any zero trust project.Rest assured, more episodes on zero trust are coming.Cloud migration securityThe topic of security during cloud migration has been covered both at the leadership level, in our CISO panels, as well as using field lessons from customers, partners, and Googlers. For example, in our CISO panel, Phil Venables, Google Cloud’s CISO, and others emphasized that security in the cloud involves a mindset shift, not just technology change. On the other hand, while looking at some of the implementation lessons, we covered common mistakes that companies make while migrating. One of our partners shared lessons they’ve learned supporting cloud migrations. We also touched on how some organizations faced challenges abandoning pre-cloud thinking and practices.When migrating to the cloud, where you’re starting from matters as much as where you’re going, and even where you and your customers are located, as we cover in our Europe-focused episode. Specifically, for our users in Europe, a different set of regulatory challenges are in play, including the overlapping and multiplicative regulatory complexity that arises from European federalism.Finally, most organizations really migrate data and workloads to multiple clouds, and there are specific multi-cloud security challenges covered in this episode.Cloud threat detectionWe dug deep into the topic of threat detection, looking at many angles: from more philosophical challenges down to operational issues with creating rules and practicing detection engineering. A very popular episode shares how some threat detection challenges are solved here at Google. Specifically, we covered how our engineers pursue threat research, then create detection code, and then follow up triaging and responding to the “signals” generated by their detection logic. Yes, Google security engineers both write detection logic and respond to the output of that detection logic. Talk about aligned incentives to create low-noise rules! No Google security story would be complete without mentioning our fun episode with Heather Adkins. She shared perspective on securing Google and her talk at RSA 2021, which, unlike the proverbial tree falling in the forest, really did happen, even if virtually. Some great content on SIEM modernization was revealed in the episode where we interviewed one of the key implementation partners for Chronicleand Google Cloud security. We covered how SIEM technology is evolving in the cloud age, and plan to further explore this rich topic in future episodes.Another excellent episode with a Chronicle user focused on how SIEM technology evolved and how to make it work for you now and in the future.Data security in the cloudData security in the cloud presents both new challenges as well as solutions to old challenges. Things like pervasive encryption in GCP certainly solves some challenges while at the same time, reliance on identity is difficult for organizations that are used to building network security barriers between attackers and data. We covered foundational approaches to data security in the cloud and key pillars of a strategy in our second episode. Next, we asked more key questions about how secure data in the cloud really is and what controls are most important to address customer needs.A NEXT 2021 special episode gathered together several product managers that build various data security products at Google Cloud (our DLP, encryption, etc.). They spoke to some of the data security innovations built here at Google and how they’ve been productized for our Cloud customers.Other topics and notable episodesWe’ve also talked in-depth about automated response to security events in the cloud. Cloud platforms are API first environments, so our security response can be automated in ways that weren’t previously possible. We spoke with a Cloud Security director who automated vulnerability and threat response at a large American bank, and we spoke with the engineering team who built, from the ground up, the automated response system for a large pharmaceutical company.We also covered some of the interesting security research done at Google, such as at VirusTotal (two in fact) and by our counter-abuse team.What’s nextYou can review past episodes on the site and subscribe for upcoming episodes (please!) via Google Podcasts, Apple Podcasts and Spotify. Also, do follow Cloud Security Podcast on Twitter for episode announcements and audience commentary. Finally, let us know what we should cover in 2022! We look forward to another exciting year bringing you some of the most interesting and diverse voices across the Cloud Security community.Related ArticleAchieving Autonomic Security Operations: Reducing toilAs organizations go through digital transformation, the importance of building a highly effective threat management function rises to be …Read Article
Quelle: Google Cloud Platform
Published by