Security Operations, Reliability, and Securing Google with Heather Adkins

Guest: Heather Adkins, Sr Director, Information Security @ Google Topics: Your RSA presentation has 3 pillars: zero trust, microservices, automation/zero prod, is this all you need to be secure & reliable in the modern world? Let’s drill down again into the “secure and reliable” concept, are you sure that they are interrelated? Is there a risk that microservices could actually increase attack surface? What are the practical security upsides of “no touch production”?  SRE and DevOps revolutionized IT, can we expect a similar revolution for security? Where would it come from? Resources: “Building Secure and Reliable Systems” RSA 2021 presentation by Heather Adkins  “Building Secure and Reliable Systems” book (free) “Modern Threat Detection at Google” (ep 17) Google BeyondCorp Google BeyondProd NIST 800-27 “Zero Trust Architecture”

Om Podcasten

Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure. We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit. We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.