EP145 Cloud Security: Shared Responsibility, Shared Fate, Shared Faith?

Guest: Jay Thoden van Velzen, Strategic Advisor to the CSO, SAP  Topics: What are the challenges with shared responsibility for cloud security? Can you explain "shared" vs "separated" responsibility? In your article, you mention “shared faith”, we have “shared fate”, but we never heard of shared faith. What is this? Can you explain? What about the cloud models (SaaS, PaaS, IaaS), how does this sharing model differ? While at it, what is cloud, really? [yes, we really did ask this!]  Resources: LinkedIn post and  Blog EP132 Chaos Engineering for Security: How to Improve Software Resilience with Kelly Shortridge “Security Chaos Engineering” book Shared responsibility failures blog Shared fate at Google Cloud (also see blogs one and two) National Cyber Security strategy

Om Podcasten

Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure. We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit. We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.