In many ways, the human appetite for computing power is ever-growing. More computing power can be found in the cloud for our ever-growing thirst for power. But that’s still not enough.

Enter the next generation of computing power – quantum computing. Your host, Scott Emo, speaks with one of the world's few quantum computing and privacy experts, John O'Malley.

Scott and John discuss the difference between a regular computer vs a quantum computer, what q-bits are, problems in security due to quantum computing, and the quantum cloud.

We are joined by Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute and considered a pioneer in privacy auditing. 

He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. He was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was also appointed to two California State task forces on privacy and data security laws.

There has always been speculation that the global COVID-19 pandemic forced many IT departments into a scramble and forced the issue of many cloud application migration, often way earlier than planned to support ongoing business operations. But to what extent and to what benefit has always been a guess, until now. 

Anitian and The Ponemon Institute teamed up and implemented a study to help quantify exactly this. You can download the full report at  www.anitian.com/ponemon.

In this episode, we talk with Jacob Ansari, a Security Advocate at Schellman, where he leads the firm's security best practices advocacy. He develops and leads educational efforts on security practices, emerging threats, and security industry developments for both internal and external audiences. 

Jacob shares his experiences as a CISO and assessor as we talk with Jacob about topics such as:

• What is a Security Advocate?
• What it means to promote good security practices
• High-profile vulnerabilities such as Spring4Shell and Log4J
• Threats and concerns around cyber regarding the Russia/Ukraine conflict

Jacob also shares his thoughts on what's most critical for companies building applications in the cloud as well as interesting updates around the area of compliance.

Predicting the near future, especially in cloud security, can be fun and eye-opening. And that’s exactly what we intend to do on this episode. Tis’ the season for trends and predictions as we kick off the new year and we’re going to cover our own list of top predictions today on Security on Cloud. We welcome Dr. Michael J Savoie the President and CEO of HyperGrowth Solutions, a company specializing in the integration of business and technology, and also as a Clinical Professor in the Ryan College of Business at the University of North Texas to discuss the trends and predictions in cloud security.

Chief Security Advisor for Microsoft Azure, Mark McIntyre shares his experience in helping Microsoft's US government customers move confidently to the cloud while securing their legacy IT systems. Questions and Topics on this episode include:

• What are the driving forces behind organizations migrating for Microsoft Azure?
• What effect has the pandemic had on the speed of digital transformation regarding security?
• What do CISO teams need to think about in terms of defending an organization?
• What are the challenges and benefits that companies face with security as they move from a data center model to the cloud?
• What will be the impact of the President's executive order on cybersecurity?
• Are CISOs understanding the power of cloud-based machine learning and automation in security?

In this episode, Scott and John speak with veteran cybersecurity venture capitalist Sean Cunningham, Managing Director at ForgePoint Capital. With over 25 years of cybersecurity VC investment experience, as well as 25 startups and 18 successful exits, Sean shares how he started his VC career and his thoughts on what’s “hot” in the cloud security and enterprise security spaces today.  Sean also discusses the effects of the pandemic and how its impact on the trends in the cloud security market. Scott and John have Sean dive into how ForgePoint Capital is more than just the venture arm for startups, and how they actually help build them. Lastly, Sean shares personal confessions of the "do's and don'ts" for companies who are seeking VC funding. A must-listen episode!

In this episode, we are joined by the well-known white-hat hacker Robert Hansen of Bit Discovery. As a 26-year veteran in the computer security industry and known by insiders as @RSnake, Robert shares how he became a security researcher and white-hat hacker.

As a white-hat hacker at SecTheory he hacked into the back ends of over 21 hundred banks, credit card processors, flight control systems, and SCADA control networks.

We discuss some of the biggest security issues in the cloud as well as get Robert's take on the move to zero-trust in the cloud.

We also get insight from Robert on questions like:

• How does he see cloud security differing from the old data center model?
• Does he think the CI/CD build environment is a new attack vector of focus for 2021?
• Is he seeing people still move to the cloud, especially after 2020?
• For a threat researcher, what would he do to protect his cloud environment if you had one?

Tune in for this fascinating discussion about current security concerns and issues that could affect you when moving and securing your apps in the cloud.

There is uncertainty around the Cybersecurity Maturity Model Certification or CMMC. Tony Bai joins John and Scott to explain the CMMC framework, its importance, and why it’s being introduced.

Learn what CMMC compliance is, what the requirements are, how it compares to NIST 171, and who needs to obtain CMMC certification.

Tony gives insight into how CMMC applies to Controlled Unclassified Information (CUI) and the requirements by the Department of Defense (DoD). Learn about the various levels of CMMC the assessment process for certification.

Richard Stiennon, Chief Research Analyst with IT-Harvest and industry executive, joins the podcast.

Richard gives insight on some of the bigger and most known data attacks in reference to what we are learning for future avoidance.

What are some of the security lessons that we’ve learned from these attacks? On both the supplier side as well as the consumer side.

Are current verification methods sufficient to assure security from attacks?

Scott dives into Richard’s recent publishings including the Forbes article “There is No Cloud Security Segment” and his book the Security Yearbook 2020

John asks Richard about automating security in the Cloud. What if there was a completely engineered security environment that handled security in an automated way?

We discuss “What is true cloud security” and how can companies move this security to the cloud.

Richard gives insight into what needs to happen next to see larger security models fully deployed in the cloud.

Richard shares thoughts on the overlap of so many security vendors. Are they doing the same thing or is there something different?

Security on Cloud explores the ups and downs, and ins and outs of cloud security like no other podcast. Hear interviews with industry heavyweights, analysts, and technologists in the cloud security and compliance space.

You can receive the insights you need to navigate security and compliance in this new cloud-driven world. Also, hear about high-level trends that face the cloud security industry that you need to be on top of to stay ahead. How to deal with compliance nightmares, how the whole process works and some tips and tricks to make your journey smoother.