Welcome to the first Cloud CISO Perspectives for July 2023. Today, I’ll be asking my colleague Royal Hansen, vice president of Privacy, Safety, and Security Engineering at Google, about AI, security, and risk topics. This year has been a banner year for artificial intelligence (AI), and especially for …
Risk managers know there is one assessment type that’s foundational for every risk management program: the vendor risk assessment. Understanding the risk posture of your vendors and third parties, including your cloud providers, is an important part of an effective risk management program. While collecting and analyzing information …
Join us as we build on the concept and use cases of Workload Identity Federation, showcasing the security benefits of "keyless authentication.” We will dive into how Workload Identity Federation can be used in the context of CI/CD pipelines and tools that are commonly found in enterprise environments …
Macy’s is well known for its high-end fashion worldwide. What is not as well known are the strong measures it takes to ensure its customers’ data remains secure. When Macy’s decided to move its infrastructure from on-premises to Google Cloud, it required the move be done without …
Editor's note : This post was originally published on the Google Workspace blog. At Google, we are committed to the privacy and security of our customers and to fostering trust in our cloud technologies. We regularly engage with customers, privacy regulators, and policymakers around the globe to understand evolving expectations …
Welcome to the second Cloud CISO Perspectives for June 2023. In my previous newsletter, I discussed the growing, important role that accurate threat intelligence can play in helping keep organizations secure, and how we centered that at our Security Summit. Today’s cybersecurity threats can pose dangerous risks to …
In today's business landscape, data availability and integrity are paramount. Disasters, whether natural or man-made, can disrupt operations and pose a significant risk to critical information. To address this, today we are introducing Persistent Disk Asynchronous Replication, which enables disaster recovery for Compute Engine workloads by replicating data between …
We are excited to announce that the Google Kubernetes Engine (GKE) Security Posture dashboard is now generally available. The interface is designed to streamline the security management of your GKE clusters, and now includes a range of powerful features such as misconfiguration detection and vulnerability scanning to help ensure …
As enterprises accelerate adoption of cloud-based services and products, they face a common challenge: How can they effectively secure and govern rapidly expanding volumes of their most sensitive data in new environments? Today, Google Cloud released an architectural whitepaper and accompanying source code for a solution which successfully completed …
To maximize the benefits of digital transformation, organizations need to be comfortable bringing sensitive and regulated workloads to the cloud. Assured Workloads is a modern cloud solution that allows our customers to run regulated workloads in many of Google Cloud's global regions. Core to our strategy for Assured Workloads …
Welcome to the first Cloud CISO Perspectives for June 2023. Earlier this week, we held our annual Google Cloud Security Summit, an online gathering where we discuss the latest technologies and strategies that can help protect your business, your customers, and your cloud transformation from emerging threats. If you …
We are excited to announce the Preview of front-end mutual TLS (mTLS) support, allowing you to offload client certificate authentication using External HTTPS Load Balancing. With TLS offload the load balancer presents a certificate on behalf of the server that the client uses to verify the server’s identity …
Snap Inc., creators of Snapchat, is a technology company that believes “the camera presents the greatest opportunity to improve the way people live and communicate.” Born in the cloud, Snap delivers its modern social media framework using Google Cloud. In 2023, Google Cloud and Snap announced an expanded relationship …
Organizations large and small are realizing that digital transformation requires a ground-up approach to modernize security. However, that digital transformation is being threatened by increasingly disruptive cyber risks and threats. At our annual Google Cloud Security Summit today, we’re sharing the latest insights into how the threat landscape …
To help secure increasingly complex and dynamic cloud environments, many security teams are turning to attack path analysis tools. These tools can enable them to better prioritize security findings and discover pathways that adversaries can exploit to access and compromise cloud assets such as virtual machines, databases, and storage …
Google Cloud provides multiple layers of security to help customers stay ahead of evolving threats and keep their cloud workloads safe. Today at our annual Security Summit, we are excited to announce the general availability of Secure Web Proxy, a new cloud-first network security offering that provides web egress …
As cloud adoption continues to grow, so too does the number of cloud-born security threats. However, cloud environments can present significant opportunities to improve security with the right tools and processes in place. When it comes to effective threat detection, investigation and response (TDIR) in the cloud, modern solutions …
Learning to use the public cloud for your first project can feel like hunting for treasure in deep, hidden dungeons, or battling fire-breathing dragons. There's jargon to learn, cryptic formulas to unravel, and countless ways to get yourself into trouble. Despite charting a course across an unfamiliar landscape, at …
Today, Google Cloud is proud to announce that we have successfully submitted the complete OSCAL package for Department of Defense (DoD) Impact Level 5 (IL5) to eMASS. This is a major milestone for us, as it represents our step forward supporting scalable compliance for Google Cloud and its customers …
Google Cloud Firewall is a fully distributed, stateful inspection firewall engine that is built into our software-defined networking fabric and enforced at each workload. With Cloud Firewall, you can enhance and simplify security posture, and implement Zero Trust networking for cloud workloads. Previously, we announced several enhancements and expansions …
Today, Google Cloud is proud to announce that we have successfully submitted the complete OSCAL package. This is a major milestone for us, as it represents our step forward supporting scalable compliance for Google Cloud and its customers. Open Security Control Assessment Language (OSCAL) OSCAL (Open Security Control Assessment …
Cryptomining is a pervasive and costly threat to cloud environments. A single attack can result in unauthorized compute costs of hundreds of thousands of dollars in just days. Further, the Google Cybersecurity Action Team (GCAT) September 2022 Threat Horizons Report revealed that 65% of compromised cloud accounts experienced cryptocurrency …
Firewalls are a critical component of your security architecture. With the increased migration of workloads to cloud environments, more companies are turning to cloud-first solutions for their network security needs. Google Cloud Firewall is a scalable, cloud-first service with advanced protection capabilities that helps enhance and simplify your network …
Our annual Google Cloud Security Summit is coming next week, and we have an exciting agenda with keynotes, demos, and breakout sessions. This year, we’re featuring two tracks: Frontline Intelligence and Cloud Innovation. When you attend the summit, you will be the first to learn about the latest …
After decades of managing and securing identities in data centers, security and IT operations teams face new challenges when detecting identity compromise in their public cloud environments. Protecting cloud service accounts against leaked keys, privilege escalation in complex authorization systems, and insider threats are vital tasks when considering the …