
EP273 From CISA to Cloud: AI Assurance, Concentration Risk, and the New Regulatory Frontier
From Cloud Security Podcast by Google by Anton Chuvakin
April 20, 2026 · 29 min · Season 1 · Episode 273
About this episode
The episode discusses the implications of cloud security and AI on regulatory compliance and the challenges faced by CISOs.
Guest: Jeanette Manfra , VP, Head of Risk and Compliance, Google Cloud Topics: How does "outsourcing" security to the cloud change the intensity of the security vs. privacy struggle for a CISO? Does the centralization of cloud make it a bigger target for regulators, or is there a dimension we're missing? Does the Shared Responsibility Model actually survive contact with regulators, and how does AI complicate that boundary? Can AI actually automate the translation of fragmented rules into evidence, or are we just dreaming? How do we navigate the collision between transparency (logging everything) and privacy (recording nothing)? What is your one piece of practical advice for leaders helping their teams adopt AI? Resources: Video version EP14 Making Compliance Cloud-native EP161 Cloud Compliance: A Lawyer - Turned Technologist! - Perspective on Navigating the Cloud EP258 Why Your Security Strategy Needs an Immune System, Not a Fortress with Royal Hansen EP126 What is Policy as Code and How Can It Help You Secure Your Cloud Environment?
People in this episode
Host: Anton Chuvakin
Guest: Jeanette Manfra
Topics covered
- AI Assurance
- Concentration Risk
- Regulatory Compliance
- Cloud Security
- Shared Responsibility Model
- Privacy vs. Transparency
Keywords
- cloud security
- AI
- CISO
- regulatory compliance
- privacy
- Shared Responsibility Model
- transparency
- logging
- risk management
Mentioned in this episode
Organizations: Google Cloud, CISA, Google
Products: AI
Books & works: EP14 Making Compliance Cloud-native, EP161 Cloud Compliance: A Lawyer - Turned Technologist! - Perspective on Navigating the Cloud, EP258 Why Your Security Strategy Needs an Immune System, Not a Fortress with Royal Hansen, EP126 What is Policy as Code and How Can It Help You Secure Your Cloud Environment?
More episodes of Cloud Security Podcast by Google
- EP275 Google Cloud Next 2026: The AI Earthquake, "SOC-home" Syndrome, and the Ragged Edge of Reality · May 4, 2026 · 20 min
- EP274 AI, Zero Trust and Secure by Design Walk into a Bar... · April 27, 2026 · 30 min
- EP272 More Than Just Packets: Is NDR a "First-Class" Cloud Security Control? · April 13, 2026 · 34 min
- EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess? · April 9, 2026 · 27 min
- EP270 The Convenience Tax: Why We Keep Failing at Supply Chain Security · April 6, 2026 · 27 min
- EP269 Reflections on RSA 2026 - Beyond AI AI AI AI AI AI AI · March 30, 2026 · 33 min
Explore listener stats, chart rankings, contacts and more on the Cloud Security Podcast by Google podcast page.