Welcome to the latest edition of Cloud CISO Perspectives for March 2026. In this issue, Nick Godfrey highlights his conversation with Francis deSouza at the RSA Conference, focusing on innovative security strategies.
RSAC '26: Security in a Digital Future
By Nick Godfrey, Senior Director, Office of the CISO
During the RSA Conference, I engaged with Francis deSouza, Google Cloud’s COO, about the pressing questions surrounding security in a digital age. We discussed how traditional security measures are inadequate against modern threats and the need for a proactive approach.
Three Stages of Organizational Transformation
Organizations adopting new technologies typically progress through three stages:
- Automate tasks: Implementing technology to handle repetitive tasks.
- Redesign workflows: Utilizing technology to manage comprehensive processes.
- Rethink functions: Completely transforming departmental operations, such as security operations.
DeSouza emphasized the necessity for a workforce that is proficient in both their specific roles and the technologies they employ.
Securing New Digital Landscapes
As organizations increasingly rely on digital solutions, protecting critical assets such as data and operational models becomes essential. We are observing a rise in threats like model extraction attacks, which pose significant risks to organizations.
Utilizing advanced tools, we have seen a reduction in investigation times for complex alerts, demonstrating the effectiveness of our security measures.
The Evolving Threat Landscape
Threat actors are leveraging new technologies in several ways:
- Empowering less-skilled individuals to execute sophisticated attacks.
- Utilizing advanced techniques to enhance existing methods.
- Increasing the speed and scale of attacks.
These developments highlight the need for organizations to adapt their security strategies continuously.
Defensive Strategies
Despite the challenges posed by modern threats, there are opportunities for defenders:
- Leveraging technology to enhance security measures.
- Implementing comprehensive identity management strategies.
- Utilizing contextual insights to improve threat detection.
Organizations must embrace a proactive stance to effectively manage the growing volume of threats.
Key Announcements from RSA Conference
Several significant updates were shared at the conference:
- Wiz Acquisition: Google has finalized its acquisition of Wiz, enhancing our security offerings.
- Mandiant Research: New insights from Mandiant’s reports provide valuable information on current threats.
- Threat Intelligence Initiatives: The introduction of the Disruption Unit aims to strengthen defenses against malicious actors.
For more detailed insights and updates from the RSA Conference, please refer to our blog.
Latest Security Updates
Stay informed about the latest developments in security practices and technologies. Key topics include:
- Building effective red teams to prepare for various attack scenarios.
- Governance strategies to mitigate risks associated with shadow technologies.
- Innovative approaches to securing AI systems and data.
