Cloud Security Podcast

The assumption most vuln programmes were built on is gone. That you'd have time between discovery and exploitation. Months went down to weeks. In some cases seconds. Sophisticated attacks no longer require sophisticated attackers. #cloudsecurity #CISO @brinqa

Everyone complains about AI hallucinations in security. Have you ever worked a 3am shift? Humans hallucinate too. You misread an alert because you didn't have the right context. An agent does the same thing for the same reason. @runpanther @jack_naglieri

AI guardrails are dead. They were built as perimeter checks. Block prompt injection at the entry point. But with agentic AI the attack surface isn't at the entry point anymore. #cloudsecurity #AIsecurity #CISO @CheckPointSW @LakeraAI

An HR employee opened WhatsApp. Activated Meta AI inside it. Started feeding patient records into it for a summary. Unsanctioned AI. Inside a sanctioned app. With HIPAA data. how would you even write an IR rule to stop that? #cloudsecurity #CISO @Ent_Security

Security can't keep being the blocker. Joe Sullivan says the number one trait for the next gen security team is curiosity. @sgerlach's anti-pattern: needs procedures. Stays in the box. @StackHawk

Offence already has YOLO mode. Give AI the objective. Get out of the way. Come back when you find a zero day. Defence is still asking a human to approve every step. @EppSecurity , CISO at @sysdig , asks What does YOLO mode look like for cybersecurity? #cloudsecurity #CISO

An email arrived in a user's inbox. White text. White background. Invisible to humans. #cloudsecurity #CISO @Mimecast

Inception to production in less than three days. Including testing. Including everything. Your security programme was built for a deployment cadence that no longer exists. #cloudsecurity #CISO @PaloAltoNtwks

An org took 284 days to recover from ransomware. Six months later, same group hit them again. The backup they restored from had a backdoor in it. Having backups and having clean backups are two different things.When did you last do a full clean recovery test? @Commvault

Detection engineering is probably just going to get absorbed by agents. Not augmented. Absorbed. @jack_naglieri with 15 years in SecOps says 100% of alerts should be triaged by agents. Is your detection programme built for that? #cloudsecurity #CISO @runpanther

Lateral movement used to take days. Then 12 hours. Now two and a half minutes. Your stack was built for a threat landscape that no longer exists. #cloudsecurity #CISO

An HR employee opened WhatsApp. Sanctioned tool. Completely normal. Then activated Meta AI inside it and started feeding it patient records. The EDR only saw WhatsApp running. Your tools know which apps are open. They don't know what's happening inside them. @Ent_Security

Zero stolen credentials to full AWS admin. Eight minutes. CVE to exploitation used to take 18 months. Now it's under a day. A SOC analyst isn't losing because they lack tools. They're losing because the loop is too slow. #cloudsecurity #CISO @EppSecurity @sysdig

75-85% of mission critical work happens in the browser. The browser was built to deliver ads. AI made it worse - Claude Code, Gemini CLI, agents running at terminal level. Your network controls don't see any of it. #cloudsecurity #CISO @island_io

Your AI agent will do whatever it's told. Not just by you. Every tool result is a potential prompt injection and it doesn't have to happen all at once. Jasson Casey from @beyondidentity calls it the Ron Burgundy problem. Who's checking yours? #cloudsecurity #AIsecurity

Non-engineers are pushing code to production. When security finds a vulnerability, who do you send the ticket to? We spoke to Joe Sullivan and Scott Gerlach from @StackHawk #appsec #cybersecurity

A CEO got a LinkedIn DM from a trusted contact. Investment opportunity. Looked real They clicked. Logged in with Google Workspace to view it The attacker knew something most security teams still don't your personal accounts are your company's attack surface now @PushSecurity

Attack campaigns that used to take weeks, now finish in minutes. Security teams are now seeing 10–15 step attack campaigns completed within minutes. AI may be the only way defenders can keep up with the speed of modern attacks. #AISecurity #SOC @DropzoneAI

Phishing doesn’t always come from suspicious domains anymore. Sometimes it comes from legitimate SaaS platforms. Attackers now sign up to tools like DocuSign or Google Sites, create a document with a big phishing button, and send it through the platform. #InfoSec @PushSecurity

AI security is starting to look a lot like cloud security did a decade ago. AI services are introducing new responsibility gaps. User → AWS Bedrock → Model Provider → External tools That’s 4–5 parties in the security chain. Where does responsibility actually sit?