When I first started at Google 15 years ago, I was brought on as a “ hired hacker ” on Google’s security team. I hunted for software vulnerabilities and helped product teams fix and mitigate them. Over the years, I’ve worked on initiatives to ensure security is built-in by …
Welcome to September’s Cloud CISO Perspectives. This month, we're focusing on Google Cloud’s acquisition of Mandiant and what it means for us and the broader cybersecurity community. Mandiant has long been recognized as a leader in dynamic cyber defense, threat intelligence, and incident response services. As I …
At Google Cloud, we’re focused on giving customers new ways to strengthen their security posture. Managing identities and authorization is a core security control that underpins interactions inside and collaboration outside the organization. To address fraud, identity theft, and other security challenges associated with the proliferation of online …
Editor's note : Google Cloud’s Office of the Chief Information Security Officer (OCISO) is an expert team of cybersecurity leaders, including established industry CISOs, initially formed in 2019. Together they have more than 500 years of combined cybersecurity experience and leadership across industries including global healthcare, finance, telecommunications and …
The canvas of cloud resources is vast, ready for an ambitious organization to craft their digital masterpiece (or perhaps just their business.) Yet before the first brush of paint is applied, a painter in the cloud needs to think about their frame: What shape should it take, what material …
The network security that firewalls provide is one of the basic building blocks for a secure cloud infrastructure. We are excited to announce that three new Google Cloud Firewall features are now generally available: Global Network Firewall Policies, Regional Network Firewall Policies, and IAM-governed Tags. With these enhancements, Cloud …
Compliance officers and platform engineering teams often find it challenging to ensure security, manage consistency, and oversee governance across multiple products, environments, and teams. Google Cloud's Organization Policy Service can help tackle this challenge with a policy-based approach that simplifies policy administration across Google Cloud resources and projects. We …
At Google, we are constantly looking to improve our products, services, and contracts so that we can better serve our customers. To this end, we are pleased to announce that we have updated and merged our data processing terms for Google Cloud, Google Workspace (including Workspace for Education), and …
As part of our efforts to democratize Zero Trust, Google Cloud has designed our BeyondCorp Enterprise solution to be an extensible platform where customers can choose to integrate signals from other technology vendors and incorporate these into their Zero Trust access policies. Following our integrations announcements earlier this year …
Over the past two decades, Google has innovated to build some of the largest and most secure computing systems in the world. This scale requires us to deliver pioneering approaches to cloud security, which we pass on to our Google Cloud customers. We are committed to solving hard security …
If you work in compliance, privacy, or risk, you know that regulatory developments have continued to accelerate this year. As part of our commitment to be the most trusted cloud, we continue to pursue global industry standards, frameworks, and codes of conduct that tackle our customers’ foundational need for …
BigQuery is a leading data warehouse solution in the market today, and is valued by customers who need to gather insights and advanced analytics on their data. Many common BigQuery use cases involve the storage and processing of Personal Identifiable Information (PII)—data that needs to be protected within …
Integrating your ArgoCD deployment with Connect Gateway and Workload Identity provides a seamless path to deploy to Kubernetes on many platforms. ArgoCD can easily be configured to centrally manage various cluster platforms including GKE clusters, Anthos clusters, and many more. This promotes consistency across your fleet, saves time in …
Data governance includes people, processes, and technology. Together, these principles enable organizations to validate and manage across dimensions such as: Data management, including data and pipelines lifecycle management and master data management. Data protection, spanning data access management, data masking and encryption, along with audit and compliance. Data discoverability …
Google is committed to be the best possible place for sustainable digital transformation for European organizations. Our Cloud on Europe’s terms initiative works to meet regional requirements for security, privacy, and digital sovereignty, without compromising on functionality or innovation. In support of this initiative, we are making our …
Welcome to this month’s Cloud CISO Perspectives. This month, we're focusing on the importance of vulnerability reward programs, also known as bug bounties. These programs for rewarding independent security researchers for reporting zero-day vulnerabilities to the software vendor first started appearing around 1995, and have since evolved into …
While the digitization of government services and operations has helped enhance the constituent experience, it has also increased the cyber threat surface for governments of all sizes. In 2020, 79 ransomware attacks hit government organizations, amounting to nearly $19 billion in downtime and recovery costs 1. Other research indicates …
Managed Service for Microsoft Active Directory (Managed Microsoft AD) is a Google Cloud service that offers highly available, hardened Microsoft Active Directory running on Windows virtual machines. We recently added on-demand backup and schema extension capabilities that can help Google Cloud users more easily and effectively manage AD tasks …
Security is often seen as a zero-sum game between “go fast” or “stay secure.” We would like to challenge this school of thought and introduce a framework to change that paradigm to a “win-win game,” so you can do both—“go fast” and “stay secure.” Historically, application security tools …
Today we are delighted to announce that our unique, first-to-market detection capability with Virtual Machine Threat Detection (VMTD) in Security Command Center is now generally available for all Google Cloud customers. We launched this service six months ago in public preview and have seen a lot of enthusiasm from …
Today we are pleased to announce that Cloud Certificate Manager is now in general availability. Cloud Certificate Manager enables our users to acquire, manage, and deploy public Transport Layer Security (TLS) certificates at scale for use with your Google Cloud workloads. TLS certificates are required to secure browser connections …
Many security leaders head into the cloud armed mostly with tools, practices, skills and ultimately the mental models for how security works that were developed on premise. This leads to cost and efficiency problems that can be solved by mapping their existing mental models to those of the cloud …
Why are so many companies moving to the cloud? One reason we hear quite often is cost reduction. The elasticity of cloud services, or its ability to scale up or down as needed, means paying only for what you use. Right up there on the list of reasons is …
Over the past few years, Google has observed that distributed denial-of-service (DDoS) attacks are increasing in frequency and growing in size exponentially. Today’s internet-facing workloads are at constant risk of attack with impacts ranging from degraded performance and user experience for legitimate users, to increased operating and hosting …
Every student and educator deserves access to learning tools that are private and secure. Google Workspace for Education and Chromebooks have positively transformed teaching and learning, while creating safe learning environments for more than 170 million students and educators around the world. Our education products are built with data …