Lawfare Daily: What Can Be Done to Improve Cloud Security with Maia Hamin, Trey Herr, and Marc Rogers
The Lawfare Podcast
The Lawfare Institute
4.7 • 6.4K Ratings
🗓️ 20 June 2024
⏱️ 58 minutes
🔗️ Recording | iTunes | RSS
🧾️ Download transcript
Summary
The Cyber Safety Review Board’s (CSRB) report on the Summer 2023 Microsoft Exchange online intrusion sheds light on how a series of flaws in Microsoft’s cloud infrastructure and security processes allowed a hacking group associated with the People’s Republic of China (PRC) to strike the “equivalent of gold” in accessing the official email accounts of many of the most senior U.S. government officials managing the U.S. government’s relationship with the PRC. Lawfare Senior Editor Stephanie Pell sat down Maia Hamin, Associate Director with the Atlantic Council’s Cyber Statecraft Initiative; Trey Herr, Assistant Professor of cybersecurity and policy at American University’s School of International Service and Director of the Cyber Statecraft Initiative at the Atlantic Council; and Marc Rogers, Co-Founder and Chief Technology Officer for the AI observability startup nbhd.ai, to discuss their recent Lawfare piece about the CSRB’s report and the lagging state of cloud security policy. They talked about ways to improve cloud service provider transparency, other investigative and regulatory tools that could facilitate better cloud security, and their thoughts on Microsoft’s response to the CSRB’s report.
To receive ad-free podcasts, become a Lawfare Material Supporter at www.patreon.com/lawfare. You can also support Lawfare by making a one-time donation at https://givebutter.com/c/trumptrials.
Support this show http://supporter.acast.com/lawfare.
Hosted on Acast. See acast.com/privacy for more information.
Transcript
Click on a timestamp to play from that location
| 0:00.0 | The following podcast contains advertising. |
| 0:04.0 | To access an ad-free version of the Lawfair Podcast, |
| 0:08.0 | become a material supporter of Lawfair at Patreon.com slash Lawfair. That's Patreon.com |
| 0:16.4 | slash Lawfair. Also check out Lawfair's other podcast offerings, rational security, chatter, lawfare no bull, and the aftermath. |
| 0:31.0 | And many companies were, I would say, sold a story that Cloud could provide a lot more than it can actually provide. |
| 0:41.0 | It's the Law Fair Podcast. |
| 0:44.0 | I'm Stephanie Pell, senior editor at Law Fair. |
| 0:47.1 | With Maya Hammond, associate director |
| 0:49.6 | at the Atlantic Council's Cyber State Craft Initiative, Trey Her, Assistant Professor of Cybersecurity |
| 0:56.2 | and Policy at American University's School of International Service, and Director of the |
| 1:01.5 | Cyber State Craft Initiative at the Atlantic Council, |
| 1:05.0 | and Mark Rogers, co-founder and Chief Technology Officer for the AI Observability Start startup neighborhood. |
| 1:14.0 | Allowing folks to compete on security and actually make good security practice a |
| 1:18.7 | competitive differentiator is something that is a huge carry-up. The big chunks of the industry that will cost the federal |
| 1:24.8 | government nothing. Today we're talking about cloud security, the Cyber Safety Review Board |
| 1:32.0 | or CSRB's report on the Summer |
| 1:35.0 | 2023 Microsoft Exchange online intrusion and lagging cloud policy. |
| 1:41.0 | Maya, Trey, and Mark, you published a lawfare article about cloud security in light of the |
| 1:48.1 | Cyber Safety Review Board's report on the Summer 2023 Microsoft Exchange Online Intrusion. |
| 1:57.0 | Before we get into the substance of the report, |
| 2:00.0 | can you talk about the growth and role that cloud services have come to play in our digital ecosystem over the last 10 years? |
| 2:09.0 | And why cloud security is so critical? |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from The Lawfare Institute, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of The Lawfare Institute and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.