
EP274 AI, Zero Trust and Secure by Design Walk into a Bar...
From Cloud Security Podcast by Google by Anton Chuvakin
April 27, 2026 · 30 min · Season 1 · Episode 274
About this episode
The episode discusses the momentum of the Secure-by-Design movement and its implications for identity and AI in security.
Guest: Grant Dasher, ex-CISA, ex-Google, Distinguished Engineer, Google (again) Topics: Why is the "Secure-by-Design" movement gaining so much momentum now, and is it a response to the failure of "bolted-on" security, or just a natural evolution of cloud maturity? In a future Secure-by-Design world, is identity the only perimeter that actually matters anymore? Or is this a cliche? As we move toward a world of autonomous agents, how does our approach to machine identity need to change? Are we just talking about more complex Service Accounts, or do we need a fundamental shift in how we authorize "intent" What is your advice to people who want to move fast and cannot wait for Secure by Design / Default AI to be decided by consensus or IETF, NIST or OASIS committee? We love the argument that modern AI agents are effectively repeating the mistakes of 1960s payphones - mixing the data plane and the control plane. What is your rebuttal? How do we build "Agentic Security" that doesn't fall for 60-year-old traps? Customers are torn between their Zero Trust implementations and their AI adoption. Is Zero Trust now "legacy," or is it the prerequisite for everything we're trying to do with AI…
People in this episode
Host: Anton Chuvakin
Guest: Grant Dasher
Topics covered
- Secure-by-Design
- Zero Trust
- AI adoption
- machine identity
- Agentic Security
- cloud maturity
Keywords
- Secure-by-Design
- Zero Trust
- AI agents
- machine identity
- cloud security
- authorization
- Service Accounts
Mentioned in this episode
Organizations: CISA, Google, IETF, NIST, OASIS
More episodes of Cloud Security Podcast by Google
- EP275 Google Cloud Next 2026: The AI Earthquake, "SOC-home" Syndrome, and the Ragged Edge of Reality · May 4, 2026 · 20 min
- EP273 From CISA to Cloud: AI Assurance, Concentration Risk, and the New Regulatory Frontier · April 20, 2026 · 29 min
- EP272 More Than Just Packets: Is NDR a "First-Class" Cloud Security Control? · April 13, 2026 · 34 min
- EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess? · April 9, 2026 · 27 min
- EP270 The Convenience Tax: Why We Keep Failing at Supply Chain Security · April 6, 2026 · 27 min
- EP269 Reflections on RSA 2026 - Beyond AI AI AI AI AI AI AI · March 30, 2026 · 33 min
Explore listener stats, chart rankings, contacts and more on the Cloud Security Podcast by Google podcast page.