Cloud Security Today artwork

What (actually) Works In Cloud Security

Cloud Security Today

English - September 21, 2021 16:00 - 37 minutes - 25.8 MB - ★★★★★ - 13 ratings
Technology devsecops cloud security cloud aws azure google supply chain Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Putting the Sec in DevOps
Next Episode: Innovating at the Speed of Relevance

Some of the most pertinent issues in cloud security are also very foundational. Questions like where to start, what works, and also what doesn’t work, can leave teams feeling frustrated and at a loss over how to proceed. Here to help us unpack these important questions is Jonathan Villa, the Cloud Security Practice director at GuidePoint Security.

Jonathan’s career wasn’t always in security, he has spent time as an application developer, and as a pentester. All of this led him to build solutions in the cloud over a decade ago which organically transitioned into cloud security. In our conversation with Jonathan, we discuss what he learned about cloud security throughout his career, what he has found to be effective, both in terms of technology and managing teams. We explore important issues like how security has struggled with automation and how to address it. Later we address the challenges facing talent development in security and how to address them, including having leadership take a more long-term view and training junior staff members. Jonathan also discusses the RACI model, why so many companies struggle to implement it correctly and how best to be effective. Today’s episode offers key insight into cloud security, leadership, and the importance of teams, so make sure you tune in today!

Jonathan's LinkedIn profile

“I think that if security organizations really look to build more, they may attract more talent with development experience.” — Jonathan Villa [0:08:07]

“When you look at the average tenure of a CISO, I don't know what it is now, it's like two years or something like that. It's like, how do you build a long-term talent development model if the leaders themselves are gone every two years?” — Jonathan Villa [0:20:39]

Secure applications from code to cloud.
Prisma Cloud, the most complete cloud-native application protection platform (CNAPP).

Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.