Today is the start of the two year implementation period for the EU Digital Operational Resilience Act (DORA). Financial entities in the European Union (EU) and their critical ICT providers must be ready to comply with DORA by January 17, 2025. At Google Cloud, we firmly believe that DORA …
Editor’s note : To kick off the new year and in preparation for NRF The Big Show, we invited partners from across our retail ecosystem to share stories, best practices, and tips and tricks on how they are helping retailers transform during a time that continues to see tremendous …
It is an exciting time at Google Cloud as we integrate Mandiant’s intelligence and expertise into our enterprise offerings. Today, I am pleased to announce a new offering, Threat Ready with Mandiant. This new solution can help enterprises protect what matters most to their business, and can help …
Part of being a security leader whose organization is taking on a digital transformation is preparing for hard questions – and complex answers – on how to implement a transformation strategy. In our previous CISO Survival Guide blog, we discussed how financial services organizations can more securely move to the cloud …
With the rapid growth in the quantity of healthcare data available, organizations are able to unlock deeper insights, advance innovation, and increase experimentation. The sector is now in a position to take advantage of cloud technology to accelerate clinical trials, expand research and development, and optimize supply chains. However …
While cloud security skeptics might believe that data in the cloud is just one access configuration mistake away from a breach, the reality is that a well-designed set of defense in depth controls can help minimize the risk of configuration mistakes and other security issues. Our Virtual Private Cloud …
Welcome to December’s Cloud CISO Perspectives. This month, we’re going to look back at the most important security lessons of 2022 with my colleagues in our Office of the CISO and on the Google Cybersecurity Action Team. As with all Cloud CISO Perspectives, the contents of this …
Security operations teams are facing a “perfect storm” of challenges from nation-state actors turning their attention to financial crime, to rising uncertainty and potential complexities because of rapidly advancing cloud migration and IoT adoption, to the long-lamented skills shortage. Now imagine having to face this trifecta without visibility into …
Our quarterly Security Talks series brings together experts from Google Cloud Security teams and the industry to share information on our latest security products, innovations and best practices. Below is an introduction to Mandiant’s Security Talks presentation on Dec. 7, Mandiant Tales from the Front Lines: Activate Cyber …
We’re pleased to announce that Confidential Space, our new solution that allows you to control access to your sensitive data and securely collaborate in ways not previously possible, is now available in public Preview. First announced at Google Cloud Next, Confidential Space can offer many benefits to securely …
Savvy leaders at organizations around the world know that digital transformations can create a virtuous flywheel of more and faster innovation, driven by the power of software integration. APIs can facilitate the necessary software integration and communication, and that requires serious consideration of the organization’s API security posture …
Editor's note : This post is part of an ongoing series on IT predictions from Google Cloud experts. Check out the full list of our predictions on how IT will change in the coming years. Prediction: By 2025, 90% of security operations workflows will be automated and managed as code …
Today, we published a new Google research report on software supply chain security because we’ve seen a sharp rise in software supply chain attacks across almost every sector —and expect these trends to continue for the foreseeable future. We urge all organizations to act now to improve their …
Every day, teams across Google Cloud come together to help address complex and pressing compliance, risk, and privacy requirements that enable customers to accelerate their digital transformation and innovate faster. Let’s take a look at some of our top trust and compliance-related efforts from the last few months …
Our quarterly Security Talks series brings together experts from Google Cloud security teams and the industry to share information on our latest security products, innovations and best practices. Below is the keynote address for our Security Talks on Dec. 7, 2022, presented by MK Palmore, director, Office of the …
Google Cloud is committed to serving public sector customers around the world, and has made significant progress in building products and services designed specifically to meet your needs. Today, Google Cloud is proud to announce Department of Defense Impact Level 5 (IL5) provisional authorization (PA) — another important milestone that …
Even before the recent mass shift to remote and hybrid work models, the web browser had begun to evolve from the primary web access point to a crucial security layer. Securing enterprise web browsing is vital to the security posture and requirements of many organizations. Google Chrome, which is …
Unattended Project Recommender makes identifying idle cloud projects easy, and helps you mitigate associated security issues, reduce unnecessary spend and environmental impact. In order to implement a scalable and repeatable resource lifecycle management process, it’s important to have the right tools for the job. Today, we’re announcing …
Overcoming blockades and potholes that threaten to derail organizational change is key to any IT or security transformation initiative. Many security and risk leaders have made it a priority to adopt Zero Trust access models so they can deliver better user experiences and strengthen security. Yet before they can …
Welcome to November’s Cloud CISO Perspectives. I’d like to celebrate the first year of the Google Cybersecurity Action Team (GCAT) and look ahead to the team’s goals for 2023. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud …
Editor's note : The ISE Crypto PQC working group is comprised of Google Senior Cryptography Engineers Stefan Kölbl, Rafael Misoczki, and Sophie Schmieg. When you visit a website and the URL starts with HTTPS, you’re relying on a secure public key cryptographic protocol to shield the information you share …
As we help our customers evolve their security approaches for the cloud era, two key objectives based on Google’s experience defending our own infrastructure and systems, emerge: trust nothing and detect everything. These can seem like daunting tasks for even the most capable security teams, especially in today …
At Google Cloud Next in October, we announced the Preview release of advanced rule tuning for Cloud Armor which can provide customers more granular control over how they apply our pre-configured Web Application Firewall (WAF) rules. We also announced the Preview of our auto-deploy option for proposed mitigating rules …
Cobalt Strike, the popular tool used by red teams to test the resilience of their cyber defenses, has seen many iterations and improvements over the last decade. First released in 2012, it was originally the commercial spinoff of the open-source Armitage project that added a graphical user interface (GUI …
At Google Cloud, we’re focused on making it easy for organizations to build solutions quickly and securely. Identity and Access Management (IAM) is the core security control for establishing who has access to which cloud resources and making sure access permissions are aligned to your company’s business …