Cloud security is one of the most talked-about issues in cybersecurity today—but are we talking about the right things? In the latest episode of the TechSpective Podcast, I sat down with Cristian Rodriguez, Field CTO for the Americas at CrowdStrike, to explore the evolving landscape of cloud threats and how defenders need to adapt. With over a decade at CrowdStrike and more than 20 years in the cybersecurity space, Cristian brings a seasoned perspective on how adversaries have shifted their tactics—and how security teams can respond effectively. The Comfort Trap of Posture Management A major theme of our conversation is the current overreliance on cloud security posture management (CSPM). While CSPM tools play a critical role in identifying misconfigurations, compliance gaps, and other baseline security issues, Cristian points out that they are inherently limited by their snapshot-in-time nature. They’re valuable for hygiene, but they don’t give you a dynamic view of what’s happening in your environment right now. And that’s a problem—because attackers aren’t waiting for your next scan. They’re actively probing, logging in with stolen credentials, and moving laterally through cloud environments in ways that traditional security tooling often fails to detect. Living Off the Land, Evolved for the Cloud We also touch on a concept many security professionals know well: “living off the land.” This is when attackers use legitimate tools and processes already present in an environment to evade detection. What’s changing, Cristian explains, is how these techniques are now being used within cloud-native services—hiding in plain sight within container workloads, serverless functions, and IAM policies. This shift demands a new level of runtime visibility. You can’t just know what resources exist and how they’re configured—you need to understand who is accessing them, when, from where, and why. Behavioral analysis, real-time anomaly detection, and identity-based insights are becoming table stakes in defending modern cloud architectures. AI as a Force Multiplier for the SOC Naturally, no conversation about modern cybersecurity would be complete without discussing AI. Cristian shares how CrowdStrike’s AI assistant, Charlotte, is changing the game for SOC analysts by helping them triage incidents faster, guide investigations, and even orchestrate responses across multiple systems using natural language commands. But AI isn’t just about automation—it’s about augmentation. AI doesn’t replace the analyst; it frees them up to focus on what really matters. In a world where adversaries can break out and cause damage in under an hour, that time savings is crucial. Preparing for What’s Next We also touch on what has become a focus for me. It is one of the biggest questions for the future of AI: What happens when the next generation of cybersecurity professionals enters the field having never worked without AI? If level-one SOC roles are increasingly automated, how do tomorrow’s defenders gain the experience needed to make critical decisions in high-stakes situations? It’s a thought-provoking discussion that blends current challenges with a forward-looking lens on where the industry is headed—and what that means for the people defending it. Tune In to Learn More If you're a security leader, cloud architect, SOC analyst, or anyone trying to keep pace with the changing threat landscape, this is a must-listen episode. We explore not just the threats themselves, but the mindset shift required to defend against them—and the technologies that can help tip the scales in our favor. Listen now on your favorite podcast platform or watch the full conversation on YouTube. Have thoughts on this episode or topics you'd like to see covered in future discussions? Let me know on LinkedIn—I’d love to hear what’s on your mind.