Talking Cloud with an emphasis on Cloud Security

In this episode of Talking Cloud, I speak with Adi Golan, Vice President of Skyhawk Security, discussing the evolution of cloud security, the challenges faced in the industry, and the innovative solutions being developed to enhance security measures. We explore the role of AI and machine learning in cybersecurity, the complexities of CNAPP, and the importance of observability and incident response in preventing breaches. The conversation highlights the rapid changes in the cybersecurity landscape and the need for collaboration between security and cloud teams. We delve into the complexities of cloud security, the evolving threats posed by AI and social engineering, and the importance of predictive technology in cybersecurity. We also discuss the role of adversarial AI in simulating attacks, the necessity of automated remediation, and the challenges of prioritizing vulnerabilities in a dynamic cloud environment. The conversation highlighted the risks associated with third-party vendors and the need for integration and interoperability in security solutions, culminating in a discussion about the future of cybersecurity. I hope you enjoy it!

In this engaging conversation, Vikram Phatak and I explore the rapid evolution of AI and cloud technology, discussing its profound impact on daily life and the cybersecurity industry. We delve into the significance of trust in technology leadership and the challenges of maintaining integrity in a market filled with hype and misinformation. Our discussion also highlights the transformative role of AI technologies like transformers and the importance of data-driven assessments in cybersecurity. In this conversation, we delve into the complexities of product development, particularly in the cybersecurity sector. We discuss the challenges faced by engineers and developers in understanding the context of their work, the importance of testing and assurance in cybersecurity, and the dynamics of leadership in tech companies. The conversation also touches on the monetization strategies of cybersecurity testing organizations and the integrity of their testing processes. We also discuss the critical aspects of network visibility, the dynamics between market leaders and challengers in cybersecurity, the implications of cloud testing, and the importance of integrity in cyber ratings. Finally, we explore the future of cybersecurity, emphasizing the role of AI and human resources, and the challenges posed by rapidly evolving technologies such as quantum computing.

In this episode of Talking Cloud, I engage with Craig Calder to explore the evolving landscape of AI and its implications for business and society. We discuss the importance of curiosity in tech, the shift towards outcome-based pricing models, and the challenges of implementing AI in organizations. The conversation also touches on the future of identity security and the rapid evolution of technology, emphasizing the need for education and adaptation in this fast-paced environment. I hope you enjoy it!

In this episode of Talking Cloud, I interview Kirsten Bay, CEO and co-founder of Cysurance, discussing her journey from supply chain operations to the world of cybersecurity and insurance. We explore the evolution of data valuation, the complexities of cyber insurance, and the importance of understanding risk management in today's digital landscape. Kirsten shares insights on how businesses can better navigate cybersecurity challenges and the innovative approaches being taken in the insurance sector to address these issues. In this conversation, Kirsten and Grant delve into the complexities of cyber insurance, discussing the evolving landscape of risk management in the face of increasing cyber threats. We explore the integration of security products with insurance solutions, the impact of AI on cybersecurity risks, and the importance of managing severity in cyber incidents. Our discussion highlights the need for organizations to adapt to new technologies while maintaining robust security measures, and the future implications of data security and privacy.

In this episode of Talking Cloud, Grant Asplund interviews Paul Chang, CEO of Brand Engagement Network (BEN), discussing the evolution of AI technologies, particularly large language models, and their applications in business. Paul shares insights from his extensive experience at IBM and how BEN is leveraging AI to create tailored solutions for various industries. The conversation explores the importance of customer engagement through AI avatars, the integration of middleware and backend systems, and the scalability of AI solutions in enhancing customer service. In this conversation, Grant Asplund and Paul discuss the transformative role of AI in customer service, healthcare, and various industries. They explore the evolution of Ben, an AI platform, and its applications in enhancing user engagement through customizable avatars and personalized interactions. The discussion highlights real-world use cases, including healthcare awareness campaigns and automotive sales, emphasizing the importance of tailored solutions and the future of AI technology.

Episode #74 features a great discussion with Steve Winterfeld, Advisor, and Fractional CISO with Cyber Vigilance Advice (CVA) LLC. Steve is passionate about cybersecurity. He served as CISO for Nordstrom Bank, Director of Cybersecurity for Nordstrom, and Director of Incident Response and Threat Intelligence at Charles Schwab. Steve also published a book on Cyber Warfare and holds CISSP, ITIL, and PMP certifications. We discussed a variety of topics, and during our conversation, Steve offered these resources: On finding job: Lessons Learned on Finding a Cybersecurity Job After a Layoff - Security Boulevard On starting / managing a career: Creating a Roadmap for Your Dream Cybersecurity Career - Security Boulevard 

This week, my guest is Matt Stamper, CEO | CISO & Executive Advisor. Matt is a multi-time CISO with extensive experience in cybersecurity, information security, cloud security, IT audit, risk management, privacy, AI security, and governance. Matt is a former research director and security analyst at Gartner (NYSE: IT) and has extensive experience in cloud services and IT service management, including international experience in Latin America and China. Throughout his career, Matt has spoken to 1000s of CISOs, CIOs, and other corporate leaders and boards of directors. Matt's experience includes early-stage startups and large, multinational public companies spanning multiple industries, including managed services, managed security services, global telecom, and advisory. Matt excels at conveying complex cybersecurity and technology concepts to boards of directors, executive management, professional service providers, cybersecurity personnel, and vendors in the cybersecurity industry.

I first met my episode 68 guest in 2002. I recently completed the reacquisition of MetaInfo from Check Point. While Check Point retained 20%, my employees and I owned 80%. Chris, the CEO of Nominum, reached out to me to discuss a possible merger between our companies. The short story is we never merged. Chris led Nominum until they were acquired by Akamai Technologies in 2017. Today, Chris is the CEO of Bastille, a unique wireless security vendor disrupting the industry. We have a wonderful, wide-ranging discussion. I hope you enjoy this episode!

In this episode, I sit with the Head of Cloud Security Engineering at Check Point Software. Brian McHenry joined Check Point after over a decade and a half at F5 focused on WAF. Brian has been a practitioner, a Sales Engineer, and a Product Manager. Hear why Brian left F5 and joined Check Point and what he started in NY in 2016.

All the way from Northern Ireland, my episode 66 guest is Chris Cooney, Director of Advocacy at Coralogix. Chris explains the differences between 'visibility' and 'observability' and discusses the benefits of their support for open systems.

Episode 65 features Marina Segal, a friend, former colleague, and now co-founder and CEO of her VC-backed start-up, Tamnoon (www.tamnoon.io). I first met and worked with Marina Segal at Dome9 and, subsequently, Check Point Software. Marina is a shrewd and highly experienced executive with a strong background in Security Governance, Risk, and Compliance. In this age of AI, automation, and BOTs, she and her team have created an interesting value proposition with a human touch. I hope you enjoy the discussion.   *PLEASW NOTE*Correction* Midway through the broadcast I refer to CNAPP as a 'horizontal vertical' solution and I meant to say CSPM, not CNAPP. My bad. Thanks!

Happy 2025! In this two-part episode, my guest is the founder of North Labs, Collin Graves. We discuss a variety of topics, including, of all things, the similarities between Higher Education and manufacturing! I'll never think of a  'bow-tie' in the same way again! Collin was an early pioneer in cloud computing and was one of the very first certified on AWS. Please comment and let us know what you think!

Happy 2025! In this two-part episode, my guest is the founder of North Labs, Collin Graves. We discuss a variety of topics, including, of all things, the similarities between Higher Education and manufacturing! I'll never think of a  'bow-tie' in the same way again! Collin was an early pioneer in cloud computing and was one of the very first certified on AWS. Please comment and let us know what you think!

In another two-part episode, I sit down with a long-time cybersecurity professional and personal friend, Cal Jeffrey. We first met in 1998 when we were both at Check Point Software. We've remained great friends and have collaborated multiple times. I affectionately call him my personal SMEE—subject matter expert on everything! Joking aside, Cal is a knowledgeable, intelligent, and engaging colleague, and I'm sure you'll enjoy this episode. Please comment and share your thoughts!

In another two-part episode, I sit down with a long-time cybersecurity professional and personal friend, Cal Jeffrey. We first met in 1998 when we were both at Check Point Software. We've remained great friends and have collaborated multiple times. I affectionately call him my personal SMEE—subject matter expert on everything! Joking aside, Cal is a knowledgeable, intelligent, and engaging colleague, and I'm sure you'll enjoy this episode. Please comment and share your thoughts!

Part 2 My special guest on episode 62 (in two parts) is a long-time Information Security Executive, entrepreneur, and investor. Todd Beebe cut his teeth in the industry attempting to find his way into other people's systems and networks but turned those skills into a long and successful career bolstering and protecting systems and networks. It was a fascinating discussion with great insights from Todd. 

Part 1 My special guest on episode 62 (in two parts) is a long-time Information Security Executive, entrepreneur, and investor. Todd Beebe cut his teeth in the industry attempting to find his way into other people's systems and networks but turned those skills into a long and successful career bolstering and protecting systems and networks. It was a fascinating discussion with great insights from Todd. 

I'm finally back with a new video format. Thanks for sticking with me. I've decided to run solo in this episode and show one of the most popular presentations I've delivered in the last few years. It's not just a bunch of slides; I show a number of very cool sites too! (links below) I hope you enjoy it! (Special thanks to Jason Prost for the initial slides. Thanks to Pete Nicoletti for the cool AI Risk Repository from MIT) Please comment and let me know what you think! The A.I. Dilemma 60 Minutes Interview with Jeff Hinton (13:12) CBS Online Interview with Jeff Hinton (42:30) Prof. Geoffrey Hinton - "Will digital intelligence replace biological intelligence?" Information is Beautiful – LLM's Great article explaining LLM's Ryan Gosling Explaining LLM's (deepfake) Chance the Rapper Explaining RAG (deepfake) Will Smith Eating Spaghetti – 2023 and Today Retrieval-Augmented Generation (RAG) explained Model Autophagy Disorder (MAD) There's an AI for that! GAMMA:This is a great one for creating documents and presentations SEOWriting: This is a great one for creating documents and presentations AI Won't Replace Humans — But Humans With AI Will Replace Humans Without AI AIToolHund: This is a site listing AI Aggregator Sites https://airisk.mit.edu/#How-to-use-the-AI-Risk-Repository

Episode #60 features Ori Mankali. Ori is a highly seasoned and experienced software developer and leader who now heads engineering for Akeyless Security. Ori is a pioneer in cloud computing, cloud security, and container technologies. Listen as we discuss numerous topics including zero-trust, remote access security, AI, software development, and more. It was a fun discussion for me and I hope you enjoy it as much as I did!

If you've been in the cybersecurity industry sometime during the past two decades, you've likely heard of the analyst firm ESG-Enterprise Strategy Group. What you may not know is, before my guest joined ESG more than 21 years ago, the 'S' stood for storage. My guest in Episode 59, Jon Oltsik originally launched the security practice at ESG which now boasts five analysts. Join Jon and me as we discuss several topics including the changes in cybersecurity over the past two decades the impact of AI and more.

Needless to say, the hottest topic today is Artificial Intelligence and all its variations. So, I found another expert on AI to be my guest. Roland Cozzolino has numerous inventions and patents to his name including inventing the real-time buying of online advertising, common today.  Roland is a perfect example of someone who looks at things differently and, as a result, sees different ways to solve problems. He's a brilliant mathematician, developer, AI expert, serious music aficionado, and a terrific guest I know you'll enjoy.

With a B.Sc., in Physics and Computer Science and M.Sc., in Computer Science, Face Recognition in Infrared Images, and achieving Magna Cum Laude in both, my guest on Episode 57 is a brilliant entrepreneur and the Co-Founder of revolutionary email security vendor, Avanan (Now part of Check Point Software). Hear how they put NLP and AI to work to create the world's top-rated API-based cloud email security solution. 

One of the most gnawing and growing security risks in the cloud is the explosion of identities, of all types.  Identities mean entitlements, privileges, and access. And in the world of Zero-Trust, this can get pretty granular and complex. In this episode, we have the pleasure of a return guest. Venkat is the Co-Founder and CEO of Stack Identity (www.stackidentity.com) and when he last was on the program (Oct 2021-Episode 36) Stack had just come out of stealth.  Hear about their use cases, the challenges they address, and the security vulnerabilities they remove. 

Episode 55 kicks off 2024 with a terrific discussion, covering numerous topics, with a highly seasoned cybersecurity executive. Jonathan (Jon) Sargent has held various CISO/CTO/Cloud Security executive roles over the past two decades. Additionally, he's served as adjunct faculty and assistant adjunct professor for cybersecurity. Adding to his rich perspective and experience, Jon is the Managing Partner and Co-Founder of Eilat Partners and Venture Advisor at Glilot Capital Partners.

In episode 54 I have the dubious honor and privilege of having the Global Chief Information Security Officer for MongoDB, Lena Smart as my guest. Lena is an extremely sharp, pragmatic, and experienced CISO. We have a fantastic time discussing a variety of topics! Hear what she and her team are doing to stay ahead of the bad guys! It's a terrific 50 minutes that will pass by in no time!

One of the greatest benefits of traveling around the world is meeting new people and making new friends. My guest on episode 53 is a highly accomplished international executive whom I only met about a year ago but today I consider him a dear friend. A brilliant *data-centric* executive who has been working in BI for decades...this is a terrific episode with Ido Biger, EVP, Chief Information and Data Officer at Delek US Holdings, Inc. *NOTE* This is the third of the three final programs with my co-host (Episodes 51, 52, 53). Unfortunately, he can no longer continue as my co-host and won't be on the program with me after episode 53.

This is the second time we've had the privilege of having Sean on Talking Cloud. Now Sean is the Head of Information Security and Compliance at KinderCare Education. With over 1,400 KinderCare centers in 40 states and more than 200,000 enrolled children, Sean has his hands full. Hear all about it in this episode. *NOTE* This is the second of the three final programs with my co-host (Episodes 51, 52, 53). Unfortunately, he can no longer continue as my co-host and won't be on the program with me after episode 53.

In this episode, we have a fantastic discussion with a long-time friend, colleague, and amazingly technical executive, Steve DeJong. Steve has decades of technical experience with the internet, security, and software development. He is currently the Distinguished Engineer for Vercara - Previously, Neustar Security Services.  *NOTE* This is the first of the three final programs with my co-host (Episodes 51, 52, 53). Unfortunately, he can no longer continue as my co-host and won't be on the program with me after episode 53.

This episode features our great friend, Zohar Alon. Geek at heart. Cyber and Cloud pioneer. Will always be Ex-Check Point. Loves building companies (Dome9), now leading Cybereason Product and R&D. Investing in great companies like Firefly, Adaptive Shield, Tamnoon, Laminar, Argon, Safe Base and Descope. Giving back to young entrepreneurs as much as possible.

We're pleased to be on your screens and/or in your ears once again this week for episode 49 as we talk patent infringement with Orca Security and Wiz, the importance of identity, and we chat with Neatsun Ziv - CEO and cofounder of OX Security and learn about the world of #SupplyChainSecurity. Join us!

We're back this week with a brand-new episode! Grant Asplund and Patrick Pushor discuss this episode's cloud news, and then speak with Kenneth Foster about risk, leadership, and communication - all critical to understanding when moving at the pace of #cloud. We hope you join us!  

Thrilled to have Marina Segal, CEO and Co-Founder at Tamnoon join Patrick Pushor and me on Talking Cloud Podcast. In addition to our interview with Marina, we discuss the startling video from Center for Humane Technology, The A.I. Delima https://youtu.be/xoVJKj8lcNQ - IMHO - controlling GLLMMM based AI is OUR responsibility…Are we too late!? Please leave your comments!

Super excited for episode 46! Grant Asplund and Patrick Pushor are back to talk news and interview and fantastic guest in Frederick Kautz - Open Source, CNCF, and SPIFFE pro. We talk the importance of cloud-independent identity, the trend of platform vs point solution, and the collapse of Silicon Valley Bank . We hope you join us!

We're back and return to form in this week's show! Grant Asplund and Patrick Pushor dish the news, we have a fantastic guest in Chuck Brooks, and Startup Standup returns this week with Torq! We hope you enjoy it! Watch Episode #45 NOW! Subscribe today!!

Just when you thought you had us all figured out we go ahead and switch things up! We're back with late-night news, Amir Kaushansky of Armo as our guest, and ... a whole new feature in 'Ordinary Bob'. We hope you join us! Watch Episode #44 NOW! Subscribe today!!

Patrick and I are back with this week's news, Eric Kedrosky of Sonrai Security as our guest, and Spyderbat in our Startup Standup segment! We are getting our kinks worked out...We hope you tune in and subscribe! Watch Episode #43 NOW! Subscribe today!!   

We're back and super excited for our kick-off episode with actual content! And what content it is! We talk to Roland Cloutier, Global CSO for TikTok, and hear from Shira Shamban and Solvo in our Startup Standup segment. Come join us! Watch Episode #42 NOW! Subscribe today!! 

Well, I have good news and bad news... the bad news is, that we've been playing catch-up for a while since moving TalkingCloud Podcast to YouTube and expanding our segments to include a review of worthy news headlines, a unique industry guest, and Startup Standup, a fifteen-minute feature dedicated to allowing start-ups to come on the program and deliver whatever messages they want!!  The good news is, that I have a new Co-Host, Cloud SME, Patrick Pushor, and some amazing guests lined up! In this episode, (#41) Patrick and I discuss our new 'video' program and the new segments, and what you can expect in the coming episodes! Watch Episode #41 NOW! Subscribe today!! 

I feel incredibly fortunate having stumbled into the industry back in 1983. Needless to say, there have been numerous significant milestones and technological advancements in the last nearly four decades. In this episode my guest can claim the company he co-founded invented one of the most significant cyber security advancements and introduced IPS; heretofore only IDS was available. Marc Willebeek-LeMair was on the front lines of reshaping cyber security with in-line IDS. Now, with his new company SPYDERBAT, where he is founder and CEO, he's at it again.

It was episode 18 in October 2020 when we first had Shira Shamban, Co-Founder and CEO of Solvo on TalkingCloud. Back then, she and David had only recently launched their cloud security startup so, in this episode, we get to hear how much Shira and her team at Solvo have learned and, how much they have evolved and grown.

Supply chain breaches are in the headlines like never before...and seemingly increasing every day. Exacerbating the risks is the rapid and widespread increase in use of cloud including SaaS, code repositories and open-source code use. In this episode you'll hear Eran Orzel, Chief Revenue Officer (CRO) and Founding Member at Argon Security discuss the use cases they address and some of the unique aspects of the Argon solution.

In episode 37 I have the pleasure to speak with Sitaraman (Ram) Lakshminarayanan, Director, Security Architecture at Guardant Health...As you will hear, I find it easier to write Ram's name than to say it! :^D Ram has several years of experience as a security architect. His roots are in software development and this provides him with keen insights and understandings of the challenges in building and securing todays cloud native environments and applications. 

In this episode, we are introduced to "AccessOps" by the creator of the term and co-founder of stealth-startup Stack Identity. Venkat Raghavan discusses his current passion; addressing the challenges of access and access control in the cloud-native world. Today, virtually everything has an 'identity and these identities are given access to data. Not all of these are human. In fact, many are non-human including micro-services, functions, applications, and other assets. Regardless of their form, all 'identities' need to be managed. AccessOps is the new category Stack Identity has created to address this exploding cloud-native challenge. 

Well, it's taking a bit longer than I'd hoped but, I finally got the opportunity to sit down with one of the best cyber security professionals in the business. He's been at the same company for more than 20 years and has repeatedly reinvented himself and the cyber security offerings available from his employer. He has led the various cyber security practices of this giant telco since he first created them! I hope you enjoy episode #35 with my special guest, Terry Hect, Director, Security Center of Excellence at AT&T.

Nearly a decade ago Nick Lippis Co-Founded ONUG, and today the ONUG community has expanded to over 5,000 strong and continues growing.  In this episode, you'll hear Nick discuss the exciting project ONUG is spearheading to provide enterprises with, as he explains, critical and currently missing "...connective tissue..." for multi-cloud, hybrid deployments. You'll hear Nick explain their plans for a "cupcake, birthday cake, and wedding cake" and how you can get involved. To learn more about ONUG go to www.onug.net

If you've ever heard of Aston Martin and know, even a little, about cars you know, Aston Martin is not a typical automobile. The same could be said about their CISO; Robin is anything but typical. In our thirty-third episode, we travel across the pond (again) to the UK to talk with Robin Smith, Head of Cyber and Information Security. Hear why Robin quotes Einstein ("We can't solve problems by using the same kind of thinking we used when we created them.") and believes the problems and challenges we face in the cloud will take a new way of thinking...what he calls liquid thinking.

In episode 32, we speak with Mr. Joe Sullivan, and while you may not know or recognize his name, I'm betting every penny I have, you know one or more of his previous employers where he led cybersecurity. Ever heard of eBay, PayPal, Uber, or Facebook? Now at Cloudflare, Inc., Joe and I have a fun and engaging conversation covering numerous topics including zero trust, the good and bad of the internet, and the challenges securing today's hyper-connected computing environment.

In this episode, my conversation is with Sean Mcdermott, President & CEO, Founder RedMonocle | Windward Consulting Group. This recording of Talking Cloud is sure to not disappoint! With +24 years as a consultant, Sean offers several keen insights and considerations. You can learn more about Sean and his company, RedMonocle here: https://www.redmonocle.com/

For our 30th episode, we have a highly experienced cloud executive as our guest.  Mr. Dustin Milberg has nearly as many years in the industry as TalkingCloud has episodes. As the Field CTO, Dustin engages with executives every day discussing their journey to the cloud. Hear Dustin share his thoughts, insights, and recommendations and why he says migrating to the cloud is all about the journey, not the destination.  You'll also hear Dustin subtly remind me not everyone is familiar with an Etch-a-Sketch!

In episode 29 we have our first discussion with an executive from the university industry. John McClure is the Chief Information Security Officer at Laureate International Universities. As the CISO for an organization with tens of thousands of employees and hundreds of thousands of university students, John offers some interesting insights and considerations about our changing cyber-security landscape and the benefits realized as a result of the 'forced' digital transformation we've all been through.