Guests:
- Kelli Vanderlee, Senior Manager, Threat Analysis, Mandiant, Google Cloud
- Scott Runnels, Mandiant Incident Response, Google Cloud
Topics:
Topics covered:
- Do we need to rethink "Mean Time to Respond" entirely, or are we just in deep trouble?
- Why are threat groups collaborating so well, and are there actual lessons for defenders in their "business" model?
- What is the scalable advice for teams worried about voice phishing and GenAI cloning?
- What does "weaponizing the administrative fabric" actually mean in a world where identity is the perimeter?
- Why is identity/SaaS compromise "news" in 2026 when cloud security folks have been shouting about it for years? What actually changed?
- What’s the latest in supply chain compromise, particularly regarding malicious open-source packages?
- How do we defend against malware that is "lazy" enough to use the victim’s own AI tools for reconnaissance?
- What is the specific advice for Detection and Response (D&R) teams to handle "living off the land" (or "living off the cloud")?
- How do you fix the situation when IT and Security departments genuinely hate each other?
- Besides reading the report, what is the one book or piece of advice for a CISO to survive this year?