Building your cybersecurity product’s data platform to automatically process massive volumes of data and deliver high-speed search, rich contextual insight, threat detection, and context-aware response automation can be difficult, even with modern day data lakes. One option to avoid the challenges of data lakes and enable your engineers …

Dev : "I need that library's functionality for the new feature!" Sec : "I can't approve it if I don't know that it's safe to deploy!" Dev : "And when will we know?" Sec : "My queue is 11 weeks long...." The most contentious conversations between security and development teams often involve the …

Open ecosystems and collaborative partnerships matter, particularly with cloud infrastructure solutions. Google Cloud maintains a robust partner ecosystem that encourages companies like file-data-services provider Nasuni to create innovative solutions that run on its infrastructure. Partners can leverage what Google Cloud has built and advanced over many years to offer …

While technology organizations seem to be in agreement regarding the necessity of well-structured Identity and Access Management (IAM) for securing their cloud deployments, they’re often ill-prepared for the level of effort required. Putting your house in order is hard: think of IAM as the blueprint for building a …

Welcome to the first Cloud CISO Perspectives for April 2023. This is our first month moving to a twice-monthly cadence, with a guest column at the end of April from my friend and colleague, Kevin Mandia. Today, I’d like to talk about the newest report from the Google …

Content production is increasingly happening in the cloud. While moving a creative process that spans three centuries into the modern era brings challenges and risks, MovieLabs is one organization that takes digital transformation seriously. A nonprofit research and development group founded by a consortium of the major Hollywood studios …

Threats to the software supply chain and open source software (OSS) security continue to be major areas of concern for organizations creating apps and their developers. According to Mandiant’s M-Trends 2022 report, 17% of all security breaches start with a supply chain attack, the initial infection vector second …

Digital transformation is now a strategic imperative for organizations across every industry. For governments and regulated businesses, moving services to the cloud poses a unique set of challenges. As a vital enabler of transformation, the cloud can unlock innovation and help keep pace with the accelerating pace of digital …

Google Public Sector has completed the process with Florida Department of Law Enforcement (FDLE) to ensure Google Cloud supports the requirements necessary to store, process, and support criminal justice information (CJI). As part of this process, Google Public Sector worked with FDLE to conduct physical audits of facilities nationally …

Firewall Insights helps you understand and optimize your Cloud Firewall rules by providing insights, recommendations, and metrics about how your firewall rules are being used. We are excited to announce new enhancements for Firewall Insights that support hierarchical firewall policies and network firewall policies. These enhancements are now generally …

When it comes to creating and deploying cloud infrastructure on Google Cloud, more organizations are using CrossGuard from Pulumi. This policy-as-code offering lets you set guardrails to enforce compliance for resources, so you can provision your own infrastructure while sticking to best practices and baseline your organization’s security …

In 2016, Google’s "X", the moonshot factory, began working on a project aimed to take on cybersecurity. The belief that we could increase the speed and impact of security teams if it were much easier, faster, and more cost-effective for them to capture and analyze security-related clues from …

Data is one of the most important assets of any enterprise. It is essential for making informed decisions, improving efficiency, and providing a competitive edge. However, managing data comes with the responsibility of preventing data misuse. Especially in regulated industries, mishandling data can lead to significant financial and reputational …

In a previous blog post, we introduced how multi-party computation (MPC) can help reduce risk from single points of compromise and can facilitate instant, policy-compliant digital asset transactions. One of the quickest and easiest ways companies can implement MPC solutions is with Google Cloud's Confidential Space. This solution offers …

Welcome to Cloud CISO Perspectives for March 2023. The Biden-Harris Administration released its National Cybersecurity Strategy on March 2, so this month I’d like to discuss how the strategy aligns with our approach to security at Google Cloud. While the strategy is intended to guide American cybersecurity efforts …

Measuring the effectiveness of security operations programs can be challenging. Since time is of the essence when it comes to effective threat detection and response, one metric that is commonly used by security operations teams is service level agreements (SLAs). SLAs define the desired amount of time it should …

Today, we are happy to announce that Confidential Space is Generally Available. Confidential Space builds on our Confidential Computing portfolio. It provides a secure enclave, also known as a Trusted Execution Environment (TEE), that our Google Cloud customers can leverage for privacy-focused use cases such as joint data analysis …

Financial services institutions increasingly rely on external service providers for a variety of technology-related services, including cloud computing. This trend materialized as firms recognized the value in focusing on their core competencies while using third party solutions to gain business, operational, security, resiliency, and other efficiencies. As the financial …

Google Cloud offers a clever way of allowing Google Kubernetes Engine (GKE) workloads to safely and securely authenticate to Google APIs with minimal credentials exposure. I will illustrate this method using a tool called kaniko. What is kaniko? kaniko is an open source tool that allows you to build …

Cloud Audit logs serve a vital purpose in Google Cloud by helping customers meet their compliance and security requirements. Log Analytics, a recent feature addition to Cloud Logging, brings new capabilities to search, aggregate and transform logs at query time using the power of SQL. Together with predefined queries …

AI is having a transformative moment and causing profound shifts in what’s possible with technology. It has the power to unlock the potential of communities, companies, and countries around the world, bringing meaningful and positive change that could improve billions of peoples’ lives. Similarly, as these technologies advance …

As cloud environments scale and evolve based on changing business priorities, security teams may struggle to understand where their biggest risks are and where to focus their security controls. Some cloud security products have begun to incorporate attack path analysis to address this prioritization problem. Attack path analysis is …

To help organizations confidently move their sensitive data to the cloud, Google Cloud works diligently to earn and maintain customer trust. Our Trusted Cloud is committed to giving you a secure foundation that you can verify and independently control. Discovery and protection of sensitive data are integral parts of …

Digital sovereignty continues to be a top priority for organizations working to advance or begin their digital transformation efforts. Over the past few years, Google Cloud has worked extensively with customers, partners, policy makers and governments around the world to understand evolving sovereignty requirements. In Europe, this has resulted …

Over the past few years, Google has observed that distributed denial-of-service (DDoS) attacks are increasing in frequency and growing exponentially in size. Google Cloud customers have been using Cloud Armor and leveraging the scale and capacity of Google’s network edge to protect their environment from some of the …