28 min listen
EP98 How to Cloud IR or Why Attackers Become Cloud Native Faster?
EP98 How to Cloud IR or Why Attackers Become Cloud Native Faster?
ratings:
Length:
27 minutes
Released:
Nov 21, 2022
Format:
Podcast episode
Description
Guests: Matt Linton, Chaos Specialist @ Google John Stone, Chaos Coordinator @ Office of the CISO, Google Cloud Topics: Let’s talk about security incident response in the cloud. Back in 2014 when I [Anton] first touched on this, the #1 challenge was getting the data to investigate as cloud providers had few logs available. What are the top 2022 cloud incident response challenges? Does cloud change the definition of a security incident? Is “exposed storage bucket” an incident? Is vulnerability an incident in the cloud? What should I have in my incident response plans for the cloud? Should I have a separate cloud IR plan? What is our advice on running incident response jointly with a CSP like us? How would 3rd party firms (like, well, Mandiant) work with a client and a CSP during an investigation? We all read the Threat Horizons reports, but can you remind us of the common causes for cloud incidents we observed recently? What goals do the attackers typically pursue there? Resources: “Building Secure and Reliable Systems” book (especially ch 14-16, and ch17) Google Cybersecurity Action Team Threat Horizons Report #4 Is Out! (#3, #2, #1) “Incident Plan vs Incident Planning?” blog (2013)
Released:
Nov 21, 2022
Format:
Podcast episode
Titles in the series (100)
Zero Trust: Fast Forward from 2010 to 2021: Guest: John Kindervag, who is widely considered to be the creator of zero trust model in 2010 (currently works at ON2IT) Topics: What has changed in the world of zero trust since 2010? What must be trusted for a zero trust (ZT) system to... by Cloud Security Podcast by Google