
New Cloud Security Podcast Video: Kyle Poly on Building Operational Security Teams
In this new video from Cloud Security Podcast, guest Kyle Poly, Head of Security Operations at Perplexity, discusses the importance of building an operational security team before focusing on compliance. Kyle emphasizes that attackers do not wait for companies to become compliant before launching their attacks. He stresses that in the event of an incident, the first question asked is not about ISO or SOC 2 certifications, but rather what happened and what was compromised. Without a detection and response process, it is impossible to answer these crucial questions.
Kyle also addresses new threats related to AI, including prompt injection, where AI agents can be manipulated to perform unauthorized actions. He explains that engineers need to be aware of the security implications when writing prompts for AI agents, ensuring that these agents handle trusted and untrusted data differently. He also mentions the importance of building a resilient and scalable operational security team, using modern, scalable infrastructure such as Snowflake and robust APIs to manage massive volumes of data.
The discussion continues with the use of data lakes for detection and response, highlighting that traditional Security Information and Event Management (SIEM) systems are no longer suitable for modern cloud environments. Kyle advocates for the use of data lakes to centralize logs and security data, allowing for better contextualization and faster incident response. He also mentions the importance of sharing data lake infrastructure between security and data engineering teams to optimize resources and skills.
Kyle shares his enthusiasm for integrating AI into operational security teams, noting that AI can automate repetitive and tedious tasks, allowing teams to focus on higher-value activities. He also mentions the importance of defining a Minimum Viable Product (MVP) for AI integration in security teams, starting with simple use cases and gradually evolving to more complex scenarios.
Finally, Kyle discusses the practical implications of these concepts in the real world, emphasizing that security teams must be ready to adopt new technologies and methodologies to stay competitive. He concludes by sharing his optimism for the future of operational security, highlighting that AI and autonomous agents will play a crucial role in threat detection and response.
To learn more, watch the full video at the following address: https://www.youtube.com/watch?v=Z263N8FhR3A