Dr. Anton Chuvakin and Brandon Evans discuss why some organizations desperately try to follow the on-premises blueprint when securing the cloud, how to prevent Compliance from getting in the way of the evolution of IT Security, and what Anton is doing at Google Cloud to deal with the Shared Responsibility Model breaking in the real world. Our Guest - Dr. Anton Chuvakin Dr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. He is an author of books "Security Warrior", "Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management" and ""PCI Compliance, Third Edition: Understand and Implement Effective PCI Data Security Standard Compliance"" (book website) and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and other books.  Resources mentioned in this episode Some ideas on compliance as code: https://cloud.google.com/blog/products/identity-security/risk-and-compliance-as-code  https://www.forbes.com/sites/googlecloud/2022/04/19/demystifying-shared-fate-a-new-approach-to-understand-cybersecurity/ https://cloud.google.com/blog/products/identity-security/8-megatrends-drive-cloud-adoption-and-improve-security-for-all Sponsor's Note: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube