Two themes have been resonating for me across the security industry over the last month. The first is a topic from my personal blog that I wrote more than two years ago: Resilience is about Capabilities not Plans. Collectively, organizations have proven their ability to be resilient in light …
Prior to joining Google Cloud, I spent 20 years in the public sector serving in various security roles, most recently as the head of the cybersecurity division at the newly established Cybersecurity and Infrastructure Security Agency (CISA). I was responsible for delivering services and capabilities to about 100 civilian …
We’re excited to announce an enhancement of our preview of Certificate Manager which allows Google Cloud customers to acquire public certificates for their workloads that terminate TLS directly or for their cross-cloud and on-premise workloads. This is accomplished via the Automatic Certificate Management Environment ( ACME ) protocol which is …
Last week, the European Commission and U.S. Government agreed on a new E.U.-U.S. data transfer framework. Earlier today, Google shared that it welcomes these efforts by the U.S. government to enhance privacy protections for E.U. data and facilitate trusted transatlantic data flows. For …
When technology just works, it's easy to trust. But too often, we place our trust in technology that doesn’t deserve it. When we do this with technology to provide healthcare, we put the safety of patients and the security and reliability of our global healthcare system at risk …
At the end of 2021, we announced the ability for Google Cloud Certificate Authority (CA) Service to issue certificates for workloads reflecting their federated identities, even if the workloads are hosted on-premises or in other clouds. We are excited to announce this capability is now generally available, advancing our …
We recently held our first Google Cloud Security Talks event of 2022. The event focused on all things security operations (SecOps) across on-premises, cloud and hybrid environments. We shared product updates across the portfolio and talked about how threat detection, investigation and response fits into our invisible security vision …
With today’s rapidly escalating threat landscape, it is important that our customers have access to relevant context across their entire IT stack, whether it’s in the cloud, on-premise, or a combination of both, while responding to malicious threats. An alert in isolation does not provide sufficient information …
As more organizations embrace the principles of Autonomic Security Operations, we continue to research and develop new initiatives that can simplify the adoption of a continuous detection and continuous response (CD/CR) workflow for Security Operations teams. To this end, we’re excited to announce Community Security Analytics (CSA …
reCAPTCHA Enterprise is Google’s online fraud detection service that leverages over a decade of experience defending the internet. reCAPTCHA Enterprise can be used to prevent fraud and attacks perpetrated by scripts, bot software, or humans. When installed on a web page at the point of action, such as …
We launched our Autonomic Security Operations solution with a mission to accelerate the world's adoption of more modern threat management strategies. Ultimately, the goal is to shift the industry away from a product-centric approach to detection and response to a more principled approach focused on modernizing your Security Operations …
As organizations accelerate adoption of cloud services to deliver innovative solutions and experiences for their customers, risk and compliance teams are adjusting their due diligence programs to better understand and manage the risks associated with outsourcing of business critical workloads. At the core of these efforts is protecting sensitive …
As the tragic Russian invasion of Ukraine continues, we want to provide customers and partners with an update on how Google Cloud is providing resources for organizations, protecting against potential cyberattacks, and delivering network resiliency. We continue to work closely with U.S. and international officials in our approach …
As the war in Ukraine continues to unfold, I want to update you on how we’re supporting our customers and partners during this time. Google is taking a number of actions. Our security teams are actively monitoring developments, and we offer a host of security products and services …
Learn about everything related to threat detection, investigation and response in our Q1 2022 Google Cloud Security Talks Join us for our first Google Cloud Security Talks of 2022, a live online event on March 9th, where we’ll focus on all things SecOps, and threat detection, investigation and …
With the release of OpenSSH 8.2 almost two years ago, native support for FIDO authentication became an option in SSH. This meant that you could have your SSH private key protected in a purpose-built security key, rather than storing the key locally on a disk where it may …
If you are responsible for administering Cloud SQL instances, securing your databases is one of your top priorities. However, as the number of users using your Cloud SQL instances grows, you may find yourself challenged to keep access locked down. More Cloud SQL users means more work ensuring that …
We are excited to announce Traffic Director’s general availability of client authorization by proxyless gRPC services. This release, in conjunction with Traffic Director’s capability for managing mutual TLS (mTLS) credentials for Google Kubernetes Engine (GKE), enables customers to centrally manage access between workloads using Traffic Director. With …
With all the crises that have buffeted the healthcare and life sciences industries the past two years, one that often gets overlooked is the unceasing wave of cyberattacks aimed at medical, research, educational, and public health organizations. These attacks have shut down critical systems, attempted to steal vaccines and …
As we discussed in “Achieving Autonomic Security Operations: Reducing toil”, your Security Operations Center (SOC) can learn lessons from Site Reliability Engineering (SRE) This means that applying software engineering practices to security operations challenges can radically improve an organization’s security. In this post, we discuss how you can …
As organizations move to the cloud, VM-based architectures continue to make up a significant portion of compute-centric workloads. To help ensure strong protection for these deployments, we are thrilled to announce a public preview of our newest layer of threat detection in Security Command Center (SCC): Virtual Machine Threat …
European organizations, both public and private, are migrating their operations and data to the cloud in increasing numbers. In doing so, they need confidence they can meet their unique needs for security, privacy, and digital sovereignty. Key requirements include the ability to store data within a European geographic region …
I’m excited to share our first Cloud CISO Perspectives post of 2022. It's already shaping up to be an eventful year for our industry and we’re only in month one. There’s a lot to recap in this post, including the U.S. government’s recent efforts …
We’re excited to announce the public preview of Certificate Manager and its integration with External HTTPS Load Balancing. Certificate Manager enables you to use External HTTPS Load Balancing with as many certificates or domains as you need. You can bring your own TLS certificates and keys if you …
We are pleased to announce the general availability of Customer Managed Encryption Keys (CMEK) integration for Cloud Data Fusion. CMEK enables encryption of both user data and metadata at rest with a key that you can control through Cloud Key Management Service (KMS). This capability will help meet the …