Google Cloud Next, our global exhibition of inspiration, innovation, and education, is coming to the Mandalay Bay Convention Center in Las Vegas starting Tuesday, April 9. We’re featuring a packed Security Professionals track, including more than 40 breakout sessions, demos, and lightning talks where you can discover new …
Welcome to the second Cloud CISO Perspectives for March 2024. Today, Brian Roddy, vice president of security product management, Google Cloud, talks about some of the important cybersecurity hot topics that will be driving our announcements at Google Cloud Next in April. As with all Cloud CISO Perspectives, the …
Organizations rely on data-driven insights to power their business, but unlocking the full potential of data comes with the responsibility to handle it securely. This can be a significant challenge when data growth can easily outpace the ability to manually inspect it, and data sprawl can lead to sensitive …
Open-source software is used throughout the technology industry to help developers build software tools, apps, and services. While developers building with open-source software can (and often do) benefit greatly from the work of others, they should also conduct appropriate due diligence to protect against software supply chain attacks. With …
When developers are innovating quickly, security can be an afterthought. That’s even true for AI/ML workloads, where the stakes are high for organizations trying to protect valuable models and data. When you deploy an AI workload on Google Kubernetes Engine (GKE), you can benefit from the many …
Google Cloud’s VPC Service Controls (VPC-SC) can help enterprises keep their sensitive data secure while using built-in storage and data processing capabilities. Since its inception, VPC-SC has been deployed as a foundational security control by many Google Cloud customers. As an integral part of a defense-in-depth solution, VPC-SC …
Google Cloud strives to make good security outcomes easier for customers to achieve. As part of this continued effort, we are releasing an updated and stronger set of security defaults that are automatically implemented for new customers. Google Cloud customers with a verified domain receive an organization resource, which …
Editor’s note : NetRise, a cybersecurity company, has developed a platform to address software supply chain vulnerabilities, especially within the Extended Internet of Things (XIoT) and Cyber Physical Systems (CPS). Its latest solution, Trace, utilizes large language models and Cloud SQL for PostgreSQL for efficient vulnerability detection and code-origin …
In recent years, we've been seeing an exponential surge in the number, volume, and complexity of distributed denial-of-service (DDoS) attacks. In September 2023, we saw the largest DDoS attack to date, which peaked at 398 million requests per second. As the threat landscape evolves, enterprises face a pressing need …
Assured Workloads is a modern cloud solution that allows companies to more easily run regulated workloads in many of Google Cloud’s global regions. Assured Workloads can help you ensure comprehensive data protection and regulatory compliance across your Google Cloud Organization. It allows you to apply specific security and …
Welcome to the first Cloud CISO Perspectives for March 2024. Today I’ll be highlighting a section from our newest Perspectives on Security for the Board report, focusing on the importance of developing psychological resilience in cybersecurity leadership. As with all Cloud CISO Perspectives, the contents of this newsletter …
The stakes have never been higher for managing cloud risks. With organizations of every size and in every industry pursuing cloud-first strategies, the cloud is now home to their most critical applications and data. Adversaries have picked up on this ongoing shift, too: APT groups known for regularly targeting …
As cyber threats and risks continue to evolve, robust security is more than just an IT issue — it is imperative for business success and continuity. To help you better understand the current cybersecurity landscape, including guidance on regulatory changes and the latest threat intelligence, we bring you the first …
Creating and managing the security of Kubernetes clusters is a lot like building or renovating a house. Both require making concessions across many areas when trying to find a balance between security, usability and maintainability. For homeowners, these choices include utility and aesthetic options, such as installing floors, fixtures …
Welcome to the second Cloud CISO Perspectives for February 2024. Today, Charley Snyder, a Google expert on the intersection of security and public policy, talks about our announcements at February’s Munich Security Conference — and why the conference plays a vital role in public policy conversations. As with all …
Cybercriminals often use lateral movement techniques when exploring a compromised network to slide sideways, from devices to applications, as they hunt for vulnerabilities, escalate access privileges, and seek to reach their ultimate target. Research published today by Palo Alto Networks highlights several techniques that exploit misconfigurations which could allow …
As developers use Vertex AI, Google Cloud’s end-to-end AI platform that includes intuitive tooling to build the next generation of AI applications, IT teams are called on to bolster cloud infrastructure security. Aligned with the Secure AI Framework (SAIF) we introduced last year, we want to share approaches …
Securing cloud credentials has emerged as a challenge on the scale of Moby Dick: It presents an enormous problem, and simple solutions remain elusive. Credential security problems are also widespread: More than 69% of cloud compromises were caused by credential issues, including weak passwords, no passwords, and exposed APIs …
From the front lines of cyber investigations, the Mandiant Managed Defense team observes how cybercriminals find ways to avoid defenses, exploit weaknesses, and stay under the radar. We work around the clock to develop new techniques to identify attacks and stop breaches for our clients. Our aim is to …
Monitoring microservices in the cloud has become an increasingly cumbersome exercise for teams struggling to keep pace with developers’ rapid application release velocity. One way to make things easier for overloaded security teams is to use the open-source runtime security platform Falco to quickly identify suspicious behavior in Linux …
Welcome to the first Cloud CISO Perspectives for February 2024. Today I’ll be looking at our latest Threat Horizons report, which provides a forward-thinking view of cloud security with intelligence on emerging threats and actionable recommendations from Google's security experts. As with all Cloud CISO Perspectives, the contents …
In Germany, public procurement can be a highly complex and time-consuming process. More than 30,000 procurement entities vie for contracts across a fragmented regulatory landscape, with different rules applying at the federal, state, and municipal levels. Since public procurement procedures are often time-consuming, particularly for large or high-value …
In Germany, public procurement can be a highly complex and time-consuming process. More than 30,000 procurement entities vie for contracts across a fragmented regulatory landscape, with different rules applying at the federal, state, and municipal levels. Since public procurement procedures are often time-consuming, particularly for large or high-value …
With less than one year to prepare for the EU Digital Operational Resilience Act (Regulation (EU) 2022/2554 - ‘DORA’) coming into force, today we are sharing more information about how Google Cloud plans to support financial entities with their DORA compliance. As an organization, we are committed to DORA …
Editor’s note : The post is part of a series showcasing partner solutions that are Built with BigQuery. Today, it’s data that powers the enterprise, helping to provide competitive advantage, inform business decisions, and drive innovation. However, accessing high-quality data can be costly and time-consuming, and using it …