Organizations rely on data-driven insights to power their business, but maximizing the potential of data comes with the responsibility to handle it securely. This can be a challenge when data growth can easily outpace the ability to manually inspect it, and data sprawl can lead to sensitive data appearing …

Welcome to the second Cloud CISO Perspectives for June 2024. In this update, Taylor Lehmann, director, Office of the CISO, shares remarks he made to the National Security Council this month on the steps Google is taking to help rural healthcare networks become more secure and resilient against cyberattacks …

Encryption is a fundamental control for data security, sovereignty, and privacy in the cloud. While Google Cloud provides default encryption for customer data at rest, many organizations want greater control over their encryption keys that control access to their data. Customer-Managed Encryption Keys (CMEK) can help you by providing …

Welcome to the first Cloud CISO Perspectives for June 2024. In this update, I’m reviewing three of the more promising use cases for AI in cybersecurity. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re reading …

As artificial intelligence and machine learning workloads become more popular, it's important to secure them with specialized data security measures. Confidential Computing can help protect sensitive data used in ML training to maintain the privacy of user prompts and AI/ML models during inference and enable secure collaboration during …

Identifying and securing internet-facing resources is an essential part of cloud security risk management. Google Cloud offers tools to help you understand risks and add strong access controls to your organization and projects where they are needed. These tools and controls can help mitigate the risks such as the …

As AI continues to change the way we work, security professionals are thinking about how to apply generative AI to help them in their jobs, and how to safeguard the AI systems their organizations are beginning to use. They’re also envisioning new ways to use threat intelligence, sharpen …

Today, we’re pleased to share that Google was named a Leader in The Forrester WaveTM: Cybersecurity Incident Response Services Report, Q2 2024. Forrester identified 14 top vendors in the cybersecurity incident response services space, assessing them on their current offerings, strategy, and market presence. Mandiant, part of Google …

We are continually enhancing Google Cloud’s Identity and Access Management (IAM) capabilities to help our customers strengthen their security posture. To help mitigate the risks associated with excessive privileges and misuses of elevated access, we are excited to announce Google Cloud’s built-in Privileged Access Manager (PAM). Now …

Google Cloud recently achieved a major U.S. government compliance milestone with more than 130 services, including 12 additional Cloud Networking services, approved for FedRAMP High authorization — the strictest standard for protecting the most sensitive unclassified data. To help our customers securely deploy a network architecture that aligns with …

Organizations collect vast amounts of data to create innovative solutions, perform ground breaking research, or optimize their designs. With this comes the responsibility to ensure data is adequately protected to meet regulatory, compliance, contractual or internal security requirements. For organizations that want to move their data warehouses from on-premises …

At Google, we have always believed in the power of choice in how we build and make our technology available to our customers. The power of choice becomes even more critical for organizations to meet constantly evolving digital sovereignty requirements while accelerating and optimizing their move to the cloud …

Welcome to the second Cloud CISO Perspectives for May 2024. In this update, Mandiant founder and outgoing CEO Kevin Mandia shares the highlights from his keynote address at the RSA Conference earlier this month. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the …

At Google Cloud, we've long demonstrated our commitment to responsible AI development and transparency in our work to support safer and more accountable products, earn and keep our customers’ trust, and foster a culture of responsible innovation. We understand that AI comes with complexities and risks, and to ensure …

Google Cloud's commitment to empower federal agencies with advanced technology reached a significant milestone this week with the addition of more than 100 new FedRAMP High authorized cloud services. Customers in the U.S. government and commercial organizations supplying the U.S. government can now use popular Google Cloud …

A Google Cloud incident earlier this month impacted our customer, UniSuper, in Australia. While our first priority was to work with our customer to get them fully operational, soon after the incident started, we publicly acknowledged the incident in a joint statement with the customer. With our customer’s …

The security of the software supply chain is a complex undertaking for modern enterprises. Securing the software supply chain, particularly build artifacts like container images, is a crucial step in enhancing overall security. To provide built-in, centralized visibility into your applications, we are introducing software supply chain security insights …

Welcome to the first Cloud CISO Perspectives for May 2024. In this update, I’ll review my RSA Conference fireside chat with Mandiant CEO Kevin Mandia. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re reading this …

At Google, we’re always evolving our security capabilities and practices to make our cloud the most trusted cloud. As part of this continued effort, Google Cloud’s Identity and Access Management (IAM) recently released even stronger security defaults that can help you bolster the baseline security and control …

We’re excited to share that Gartner has recognized Google as a Visionary in the 2024 Gartner® Magic QuadrantTM for Security Information and Event Management (SIEM). Participating for the first time in the Magic Quadrant for SIEM, we have been positioned as a Visionary because of our powerful search …

The advent of generative AI has unlocked new opportunities to empower defenders and security professionals. We have already seen how AI can transform malware analysis at scale as we work to deliver better outcomes for defenders. In fact, using Gemini 1.5 Pro, we were recently able to reverse …

The modern workplace relies on web-based applications and cloud services, making browsers and their sensitive data a primary target for attackers. While the risks are significant, Chrome Enterprise can help organizations simplify and strengthen their endpoint security with secure enterprise browsing. Following our recent Chrome Enterprise Premium launch, today …

In the generative AI-era, security teams are looking for a fully-operational, high-performing security operations solution that can drive productivity while empowering defenders to detect and mitigate new threats. Today at the RSA Conference in San Francisco, we’re announcing AI innovations across the Google Cloud Security portfolio, including Google …

For decades, threat intelligence solutions have had two main challenges: They lack a comprehensive view of the threat landscape, and to get value from intelligence, organizations have to spend excess time, energy, and money trying to collect and operationalize the data. Today at the RSA Conference in San Francisco …

Welcome to the second Cloud CISO Perspectives for April 2024. In this update, my colleague Sunil Potti gives a leaders’ tour of Security Command Center Enterprise — and how it can help security teams better manage risk across their growing cloud deployments. As with all Cloud CISO Perspectives, the contents …