EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?

Guest: Maxime Lamothe-Brassard,  Founder @ LimaCharlie Topics: What does an engineering-centric approach to cybersecurity mean? What to tell people who want to "consume" rather than "engineer" security? Is “engineering-centric” approach the same as evidence-based or provable?  In practical terms, what does it mean to adopt an "engineering-centric approach" to cybersecurity for an organization?  How will it differ from what we have today? What will it enable? Can you practice this with a very small team? How about a very small team of “non engineers”? You seem to say that tomorrow's cybersecurity will look a lot like software engineering. Where do we draw the line between these two? Resources: Atomic Red Team Sigma rules/content LimaCharlie blog 8 Megatrends drive cloud adoption—and improve security for all The Cybersecurity Defenders Podcast

Om Podcasten

Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure. We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit. We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.