Screaming in the Cloud

• The Latest on Microsoft Security with Ann Johnson

  Microsoft has its fingers in a lot of pots, but just how secure are said pots? On this episode, Corey is joined by Ann Johnson, Corporate Vice President and Deputy CISO of Microsoft's Customer Security Management Office. Ann talks about her 40-year professional journey and how it's culminated in her current role. Corey is known to “punch up” at the big guys in the tech industry, but he and Ann talk about the challenges of corporate leadership and being a public face in such a prominent company. Since it’s 2025, of course, they’re going to talk about AI’s pros and cons (and why it shouldn’t be used to make art).Show Highlights(0:00) Intro(0:51) The Duckbill Group sponsor read(1:25) What Ann's been up to since she and Corey last spoke (2:29) The makeup of Microsoft Security(4:28) The unique company culture at Microsoft(8:42) What's going on with Microsoft Azure(10:31) How Ann handles the immense pressure of working in Microsoft Security(14:13) The toxic nature of online criticism(19:57) The Duckbill Group sponsor read(20:24) The value of telling your leaders the truth(23:31) Ann's thoughts on the current state of AI(28:44) Properly defining what AI can and can't do(30:54) Why Ann helps fund multiple STEM scholarships(32:16) The need for the humanities alongside tech(33:38)  Where you can find more from Ann JohnsonAbout Ann JohnsonAnn Johnson is Corporate Vice President and Deputy CISO at Microsoft. In this role, Ann drives all external engagement for the Microsoft Office of the CISO. She is a long-tenured, recognized thought leader on cybersecurity, published author, and a sought-after global speaker and digital author specializing in cyber resilience, online fraud, cyberattacks, compliance, and security. Ann challenges traditional schools of thought and cyber-norms–from the way the tech industry tackles cyber threats to the language it uses to communicate–and encourages the industry to get outside its comfort zones and expand how it addresses the evolving threat landscape with the power of technology and people. As a global cybersecurity leader and strategist, she is looking ahead at how today’s cybersecurity investments will impact tomorrow’s cybersecurity reality.  Ann currently serves on the Board of Directors of N-Able, Human Security, Datavant, and is Member of the Board of Advisors for Cybersecurity Center of Excellence, WA and the Signal Cyber Museum Society. Ann is also an Executive Sponsor of the Microsoft Women in Cybersecurity Group.LinksAnn Johnson’s LinkedIn: https://www.linkedin.com/in/ann-johnsons/Microsoft Security: https://www.microsoft.com/en-us/securityAfternoon Cyber Tea: afternooncybertea.comSponsorThe Duckbill Group: duckbillgroup.com

  --------  

  35:03
• Finding Engineers with Empathy with Lili Rogowsky

  If you believed, they put a data center on the moon. No, for real, they did, and it’s partially thanks to Lili Rogowsky, partner at Atypical Ventures. Lili joins Corey to discuss her unconventional leap from law to venture capital. Although she made a sharp turn career-wise, Lili remains grounded in the often heartless world of venture capital—highlighting the importance of empathy and technical prowess in founding successful enterprises. Out of all resources, time carries the heftiest price tag, and this half-hour episode is a low-risk, high-yield investment.Show Highlights(0:00) Intro(1:12) The Duckbill Group sponsor read(1:46) How Corey (kinda) met Lili(3:38) What attracted Corey to Atypical Ventures(5:58) How Atypical helped put a data center on the moon(8:34) VC “done right”(9:59) What led Lili to run a VC firm(13:43) Quitting jobs until you find something you like(16:28) The Duckbill Group sponsor read(16:54) The value of sharing your time(21:44) Risk assessment, well-dressed horses, and punching up in comedy(24:44) The importance of humility in life and business(29:15) Where you can find more from Lili and Atypical VenturesAbout Lili RogowskyLili is a dynamic investor, attorney, advisor, and entrepreneur. She is a partner at Atypical Ventures, an early-stage fund that identifies and invests in “engineers with empathy” working on plausible science fiction. A voracious reader driven by her curiosity and love of type 2 fun, Lili’s experience includes (in no particular order) mountaineering, visual arts, marine science, founding a law firm, cave/ shark diving (not necessarily at the same time), data privacy/ security, gardening, recruiting, battling NYC rats that eat her car, and interplanetary internet.LinksAtypical Ventures: atypical.com Email Lili: [email protected] SponsorThe Duckbill Group: duckbillgroup.com

  --------  

  30:42
• Making Dropping and Sharing Easy with Timo Josten

  Dropping and sharing files should be easy. What a novel idea. On this episode, Corey speaks with Timo Josten, the sole developer behind Dropshare. We bring up the fact that he’s the only guy working on it because the tool is quite impressive! Corey loves it and so does an entire community of folks on Github! Together, they discuss the evolution and functionality of Dropshare. Timo also shares how he balance of enhancing Dropshare, emphasizing user feedback, and customization options, all while offering feature updates and maintaining sustainability. Show Highlights(0:00) Intro(1:06) The Duckbill Group sponsor read(1:39) What does Dropshare do? (6:10) Dropshare's impressive flexibility and dedicated community(10:27) How Timo landed on Dropshare's business model(12:38) What's new in Dropshare 6?(16:09) The Duckbill Group sponsor read(16:36) Determining what should be an update or part of the next version of Dropshare(18:30) Dropshare’s iOS app(21:04) The perks of being able to configure deletion in Dropshare(25:45) Dropshare's thriving GitHub community(29:26) Where you can find more from Timo and DropshareAbout Timo JostenTimo Josten is the developer of Dropshare, the macOS and iOS app to upload anything anywhere.LinksTimo’s LinkedIn profile: https://www.linkedin.com/in/timo-josten-493962185/Timo’s personal website: https://josten.ioDropshare: https://dropshare.app/shitposting.pictures SponsorThe Duckbill Group: duckbillgroup.com 

  --------  

  30:31
• “Just in Case” vs. “Just in Time” with Aditya Bhargava

  How you learn is important. Corey Quinn is joined by Aditya Bhargava, a Staff Software Engineer at Etsy and the author of Grokking Algorithms. They talk about the nuances of technical learning and the contrasting philosophies of "just in time" versus "just in case" learning. In this episode, Aditya emphasizes the importance of effective teaching methods and the value of incorporating fun things like drawings into technical explanations. This approach also bleeds into his illustrated Substack, DuckTypes. As Corey and Aditya discuss, a good, informative book doesn’t need to drag on, and this quick, insightful, 30-minute conversation is no different.Show Highlights(0:00) Intro(1:24) The Duckbill Group sponsor read(1:58) Corey's admiration for Aditya's writing(5:40) How Aditya clearly explains AWS networking(8:06) “Just in case” vs. “just in time”(10:15) Why business books don't need to be hundreds of pages long(14:19) Reading for pleasure vs. reading for work(16:57) The Duckbill Group sponsor read(17:24) Explaining Aditya's book on algorithms(20:07) The great editor behind Aditya's book(22:20) DuckTyped and how Aditya got into AWS networking(25:16) Where networking folks fall in the era of the cloud(28:12) The importance of staying up-to-date in your field(31:46) Where you can find more from AdityaAbout Aditya BhargavaAditya Bhargava is a Software Engineer with a dual background in Computer Science and Fine Arts. He blogs on programming at adit.io.LinksAditya’s blog: https://www.adit.io/Grokking Algorithms, Second Edition: https://www.manning.com/books/grokking-algorithms-second-editionDuckTyped: https://www.ducktyped.org/Last Skeet in AWS: https://lastskeetinaws.com/SponsorThe Duckbill Group: duckbillgroup.com 

  --------  

  32:51
• The Current State of Cloud Security with Crystal Morin

  Sysdig’s 2025 Cloud-Native and Security Usage Report is hot off the presses, and Corey has questions. On this episode, he’s joined by Crystal Morin, a Cybersecurity Strategist at Sysdig, to break down the trends of the past year. They discuss Sysdig’s approach to detecting and responding to security and the success the company has seen with the rollout of Sysdig Sage (an AI product that Corey thinks is actually useful). They also chat about what’s driving a spike in machine identities, practical hygiene in cloud environments, and the crucial importance of automated responses to maintain robust security in the face of increasingly sophisticated cyber threats.Show Highlights(0:00) Intro(0:39) Sysdig sponsor read(2:22) Explaining Sysdig's 5/5/5 Benchmark(4:06) What does Sysdig's work entail?(10:03) Cloud security trends that have changed over the last year(14:30) Sysdig sponsor read(15:16) How Sysdig is using AI in its security products(19:09) How many users are adopting AI tools like Sysdig Sage(25:51) The reality behind the recent spike of machine identities in security(29:24) Handling the scaling of machine identities(35:37) Where you can find Sysdig's 2025 Cloud-Native and Security Usage ReportAbout Crystal MorinCrystal Morin is a Cybersecurity Strategist with more than 10 years of experience in threat analysis and research. Crystal started her career as both a Cryptologic Language Analyst and Intelligence Analyst in the United States Air Force and as a contractor for Booz Allen Hamilton, where she helped develop and evolve their cyber threat intelligence community and threat-hunting capabilities. In 2022, Crystal joined Sysdig as a Threat Research Engineer on the Sysdig Threat Research Team, where she worked to discover and analyze cyber threat actors taking advantage of the cloud. Today, Crystal bridges the gap between business and security through cloud-focused content for leaders and practitioners alike. Crystal’s thought leadership has been foundational for pieces such as the “2024 Cloud-Native Security and Usage Report” and “Cloud vs. On-Premises: Unraveling the Mystery of the Dwell Time Disparity,” among others.LinksSysdig’s 2025 Cloud-Native and Security Usage Report: https://sysdig.com/2025-cloud-native-security-and-usage-report/Sysdig on LinkedIn: https://www.linkedin.com/company/sysdig/Crystal’s LinkedIn: https://www.linkedin.com/in/crystal-morin/SponsorSysdig: https://sysdig.com/

  --------  

  36:46

Weitere Technologie Podcasts

Trending Technologie Podcasts

Über Screaming in the Cloud

Screaming in the Cloud: Zugehörige Podcasts