As cyber threats and risks continue to evolve, robust security is more than just an IT issue — it is imperative for business success and continuity. To help you better understand the current cybersecurity landscape, including guidance on regulatory changes and the latest threat intelligence, we bring you the first …
Creating and managing the security of Kubernetes clusters is a lot like building or renovating a house. Both require making concessions across many areas when trying to find a balance between security, usability and maintainability. For homeowners, these choices include utility and aesthetic options, such as installing floors, fixtures …
Welcome to the second Cloud CISO Perspectives for February 2024. Today, Charley Snyder, a Google expert on the intersection of security and public policy, talks about our announcements at February’s Munich Security Conference — and why the conference plays a vital role in public policy conversations. As with all …
Cybercriminals often use lateral movement techniques when exploring a compromised network to slide sideways, from devices to applications, as they hunt for vulnerabilities, escalate access privileges, and seek to reach their ultimate target. Research published today by Palo Alto Networks highlights several techniques that exploit misconfigurations which could allow …
As developers use Vertex AI, Google Cloud’s end-to-end AI platform that includes intuitive tooling to build the next generation of AI applications, IT teams are called on to bolster cloud infrastructure security. Aligned with the Secure AI Framework (SAIF) we introduced last year, we want to share approaches …
Securing cloud credentials has emerged as a challenge on the scale of Moby Dick: It presents an enormous problem, and simple solutions remain elusive. Credential security problems are also widespread: More than 69% of cloud compromises were caused by credential issues, including weak passwords, no passwords, and exposed APIs …
From the front lines of cyber investigations, the Mandiant Managed Defense team observes how cybercriminals find ways to avoid defenses, exploit weaknesses, and stay under the radar. We work around the clock to develop new techniques to identify attacks and stop breaches for our clients. Our aim is to …
Monitoring microservices in the cloud has become an increasingly cumbersome exercise for teams struggling to keep pace with developers’ rapid application release velocity. One way to make things easier for overloaded security teams is to use the open-source runtime security platform Falco to quickly identify suspicious behavior in Linux …
Welcome to the first Cloud CISO Perspectives for February 2024. Today I’ll be looking at our latest Threat Horizons report, which provides a forward-thinking view of cloud security with intelligence on emerging threats and actionable recommendations from Google's security experts. As with all Cloud CISO Perspectives, the contents …
In Germany, public procurement can be a highly complex and time-consuming process. More than 30,000 procurement entities vie for contracts across a fragmented regulatory landscape, with different rules applying at the federal, state, and municipal levels. Since public procurement procedures are often time-consuming, particularly for large or high-value …
In Germany, public procurement can be a highly complex and time-consuming process. More than 30,000 procurement entities vie for contracts across a fragmented regulatory landscape, with different rules applying at the federal, state, and municipal levels. Since public procurement procedures are often time-consuming, particularly for large or high-value …
With less than one year to prepare for the EU Digital Operational Resilience Act (Regulation (EU) 2022/2554 - ‘DORA’) coming into force, today we are sharing more information about how Google Cloud plans to support financial entities with their DORA compliance. As an organization, we are committed to DORA …
Editor’s note : The post is part of a series showcasing partner solutions that are Built with BigQuery. Today, it’s data that powers the enterprise, helping to provide competitive advantage, inform business decisions, and drive innovation. However, accessing high-quality data can be costly and time-consuming, and using it …
Welcome to the second Cloud CISO Perspectives for January 2024. In this edition, I’m turning the mic over to Yousif Hussin, who as a member of Google’s Vulnerability Coordination Center led our response to the recent serious zero-day CPU vulnerability Reptar. He talks about what important lessons …
Google Cloud’s Organization Policy Service can help you control resource configurations and establish guardrails in your cloud environment. And with custom organization policies, a powerful new extension to Organization (Org) Policy Service, you can now create granular resource policies to help address your cloud governance requirements. This new …
How effective is security technology at keeping your organization safe? While quantifying the investment return on security technology can be tricky, understanding the ROI of security products is crucial information for organizations to make informed decisions about resource allocation, strategy adjustments, and to get buy-in from financial approvers. With …
Welcome to the first Cloud CISO Perspectives of the year, and the first of our two newsletters for January. Today I’ll be discussing some of the important changes to the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules as outlined by the U.S. Securities and Exchange …
Welcome to the second Cloud CISO Perspectives for December 2023. To close out the year, I’m sharing what attracted the most interest from our security updates this year, and Nick Godfrey from our Office of the CISO presents a selection of forward-looking insights from the Office of the …
Storing credentials in plaintext can make your organization less secure. Risks include exposing your credentials to unauthorized users, including threat actors. Improperly secured credentials can also be collected, propagated, and further exposed in various systems, such as logs or inventory systems. We recommend organizations protect their stored credentials with …
European organizations continue to embrace cloud-based solutions to support their ongoing digital transformation. But the adoption of breakthrough technologies like generative AI and data analytics to drive new innovations will only accelerate if organizations are confident that when they use cloud services their data will remain secure, private, and …
Headline-grabbing security incidents in 2023 have shown that cybersecurity continues to be challenging for organizations around the world, even those with skilled practitioners and state-of-the-art tools. To help prepare you for 2024, we are offering the final installment of this year’s Google Cloud Security Talks on Dec. 19 …
Welcome to the first Cloud CISO Perspectives for December 2023. Today I’ll be providing an update to our cloud security megatrends blog. First published in January 2022, the premise of cloud security megatrends is that there were eight “megatrends” that drive technological innovation. It’s become clear that …
At Google Cloud, we are infusing the power of AI throughout our products and solutions to build AI services that can help all of our users. Duet AI in Google Cloud provides you with AI-powered collaborators to boost your productivity, gain competitive insights, and improve your bottom line. Today …
Managing and auditing data access can be very complex at scale, in particular, for a fleet of databases with a myriad of users. Today, we are introducing IAM group authentication for Cloud SQL. With this launch, you can take advantage of better security, simplify user management and database authentication …
Google Cloud Armor provides our customers with advanced DDoS defense and Web Application Firewall (WAF) capabilities. Today, we’re excited to announce the general availability of Cloud Armor for Regional External Application Load Balancers, which can help create regionally-scoped Cloud Armor security policies. In these policies, rules are evaluated …