Goodpods logo
Goodpods

Log in

goodpods headphones icon

To access all our features

Open the Goodpods app
Close icon
Cloud Ace - Frank Kim: Navigating the Cloud Security Journey for Individual Contributors and Business Leaders

Frank Kim: Navigating the Cloud Security Journey for Individual Contributors and Business Leaders

10/05/22 • 43 min

Cloud Ace

Frank Kim, the Lead for the SANS Cloud Security and Security Leadership curriculums, joins Brandon Evans to discuss how these areas intersect, the role cloud technologies and vendors play in the People, Process, and Technology Framework, why developers who introduce security flaws today can become the security experts of the future, and the importance of staying curious about cloud trends like multicloud and DevOps.
Our Guest - Frank Kim

Frank is the Founder of ThinkSec, a security consulting and CISO advisory firm, as well as a SANS Fellow and lead for both the SANS Cybersecurity Leadership and SANS Cloud Security curricula, overseeing two dozen SANS courses in the two fastest growing curricula. Previously, as CISO at the SANS Institute, Frank led the information risk function for the most trusted source of computer security training and certification in the world. Frank is also the author and instructor of MGT512: Security Leadership Essentials for Managers, MGT514: Security Strategic Planning, Policy, and Leadership, and co-author of SEC540: Cloud Security and DevSecOps Automation.

Follow Frank Kim

Twitter: https://twitter.com/fykim
LinkedIn: https://www.linkedin.com/in/frank-kim/
Web: https://www.sans.org/profiles/frank-kim/

Resources mentioned in this episode
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/

SPONSER NOTE:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Review and Download Cloud Security Resources: sans.org/cloud-security/

Join our growing and diverse community of cloud security professionals on your platform of choice:

Discord | Twitter | LinkedIn | YouTube

plus icon
bookmark

Frank Kim, the Lead for the SANS Cloud Security and Security Leadership curriculums, joins Brandon Evans to discuss how these areas intersect, the role cloud technologies and vendors play in the People, Process, and Technology Framework, why developers who introduce security flaws today can become the security experts of the future, and the importance of staying curious about cloud trends like multicloud and DevOps.
Our Guest - Frank Kim

Frank is the Founder of ThinkSec, a security consulting and CISO advisory firm, as well as a SANS Fellow and lead for both the SANS Cybersecurity Leadership and SANS Cloud Security curricula, overseeing two dozen SANS courses in the two fastest growing curricula. Previously, as CISO at the SANS Institute, Frank led the information risk function for the most trusted source of computer security training and certification in the world. Frank is also the author and instructor of MGT512: Security Leadership Essentials for Managers, MGT514: Security Strategic Planning, Policy, and Leadership, and co-author of SEC540: Cloud Security and DevSecOps Automation.

Follow Frank Kim

Twitter: https://twitter.com/fykim
LinkedIn: https://www.linkedin.com/in/frank-kim/
Web: https://www.sans.org/profiles/frank-kim/

Resources mentioned in this episode
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/

SPONSER NOTE:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Review and Download Cloud Security Resources: sans.org/cloud-security/

Join our growing and diverse community of cloud security professionals on your platform of choice:

Discord | Twitter | LinkedIn | YouTube

Previous Episode

undefined - Introducing SANS Cloud Ace

Introducing SANS Cloud Ace

Welcome to the SANS Cloud Ace podcast. Our exciting podcast season 1 will be hosted by Brandon Evans, a SANS instructor and co-author of SEC510: Public Cloud Security: AWS, Azure, and GCP. We'll cover applicable information to use right away with topics such as how to move from on-prem to cloud, identity and access management, and more.

SPONSER NOTE:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Review and Download Cloud Security Resources: sans.org/cloud-security/

Join our growing and diverse community of cloud security professionals on your platform of choice:

Discord | Twitter | LinkedIn | YouTube

Next Episode

undefined - Anton Chuvakin: Remapping Mental Models in IT, Security, and Compliance for the Cloud

Anton Chuvakin: Remapping Mental Models in IT, Security, and Compliance for the Cloud

Dr. Anton Chuvakin and Brandon Evans discuss why some organizations desperately try to follow the on-premises blueprint when securing the cloud, how to prevent Compliance from getting in the way of the evolution of IT Security, and what Anton is doing at Google Cloud to deal with the Shared Responsibility Model breaking in the real world.

Our Guest - Dr. Anton Chuvakin

Dr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019.
Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team.
Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. He is an author of books "Security Warrior", "Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management" and ""PCI Compliance, Third Edition: Understand and Implement Effective PCI Data Security Standard Compliance"" (book website) and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and other books.

Resources mentioned in this episode
Some ideas on compliance as code: https://cloud.google.com/blog/products/identity-security/risk-and-compliance-as-code
https://www.forbes.com/sites/googlecloud/2022/04/19/demystifying-shared-fate-a-new-approach-to-understand-cybersecurity/
https://cloud.google.com/blog/products/identity-security/8-megatrends-drive-cloud-adoption-and-improve-security-for-all

Sponsor's Note:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcas

SPONSER NOTE:

Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Review and Download Cloud Security Resources: sans.org/cloud-security/

Join our growing and diverse community of cloud security professionals on your platform of choice:

Discord | Twitter | LinkedIn | YouTube

If you like this episode you’ll love
Aspen Ideas to Go

Aspen Ideas to Go

The Art of LiveOps

The Art of LiveOps

Geschichte ist Gegenwart! Der History & Politics Podcast der Körber-Stiftung

Geschichte ist Gegenwart! Der History & Politics Podcast der Körber-Stiftung

The Edtech Podcast

The Edtech Podcast

The CRM Sushi Podcast, With Inbound Marketing Expert Wes Schaeffer The Sales Whisperer®

The CRM Sushi Podcast, With Inbound Marketing Expert Wes Schaeffer The Sales Whisperer®

Episode Comments

Generate a badge

Get a badge for your website that links back to this episode

Select type & size
Open dropdown icon
share badge image

<a href="https://goodpods.com/podcasts/cloud-ace-215853/frank-kim-navigating-the-cloud-security-journey-for-individual-contrib-24205720"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to frank kim: navigating the cloud security journey for individual contributors and business leaders on goodpods" style="width: 225px" /> </a>

Copy