Unpatched software vulnerabilities can have serious consequences. At Google Cloud, we want developers to reduce the risks they face by focusing on developing code that is secure by design and secure by default. While secure development can be time-consuming, generative AI can be used responsibly to help make that …
To help customers implement defense in depth strategies, Google Cloud offers multiple layers of centralized resource governance controls that can help organizations securely scale their Google Cloud adoption across thousands of projects, APIs, and developers. These controls can help administrators strengthen security and support compliance across their entire org …
Compliance efforts can feel like a challenging endeavor in most organizations. Engineering teams routinely don’t understand how often-confusing requirements will actually make the organization more secure. Sometimes, even the words that define compliance requirements can be hard to comprehend. The entire exercise can feel overwhelming, like being on …
As your organization works to strengthen your security program, two complementary initiatives can help make a major impact: taking advantage of secure cloud platforms, and integrating dynamic intelligence and security operations. We’re emphasizing both of these in the dual-track agenda at our annual Google Cloud Security Summit on …
The cybersecurity landscape is constantly evolving, and staying ahead of the curve requires the power of collective intelligence. mWISE Conference 2024 is your chance to immerse yourself in the latest threat intelligence, cutting-edge tools, and engage with the strategic minds that are shaping the future of cybersecurity. Now in …
Welcome to the second Cloud CISO Perspectives for July 2024. Today, guest columnist Sandra Joyce discusses the complex response needed to secure drinking water systems from cybersecurity risks. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re …
Managing and auditing data access can be very complex at scale, in particular, for a fleet of databases with a myriad of users. Today, we’re launching Identity and Access Management (IAM) group authentication in Cloud SQL for PostgreSQL and Cloud SQL for MySQL, simplifying user management and database …
Google Cloud’s VPC Service Controls can help organizations mitigate the risk of data exfiltration from their Google Cloud managed services. VPC Service Controls (VPC-SC) creates isolation perimeters around cloud resources and networks in Google Cloud, helping you limit access to your sensitive data. Today, we are excited to …
Spanner is Google’s fully managed, globally distributed database with high throughput and virtually unlimited scale. Spanner processes over 4 billion queries per second at peak. With features such as automatic sharding, zero downtime, and strong consistency, Spanner powers demanding, global workloads — not only across customers in financial services …
At Google, we believe the approach to cloud infrastructure should be informed, in part, by understanding the relative “health” of the Internet. Defining and measuring these vital statistics can help proactively and systemically identify and address conditions that make the internet unhealthy, unsafe and insecure. Crucially, they can be …
Generative AI agents introduce immense potential to transform enterprise workspaces. Enterprises from almost every industry are exploring the possibilities of generative AI, adopting AI agents for purposes ranging from internal productivity to customer-facing support. However, while these AI agents can efficiently interact with data already in your databases to …
Security practitioners constantly need to rethink and refine their approaches to defending their organization. Staying ahead requires innovation, continuous improvement, and a mindset shift away from siloed operations into building end-to-end solutions against threats. Today, Google Cloud is excited to announce the launch of the Modern SecOps (MSO) course …
Public sector and government organizations require cloud solutions that can drive innovation and also adhere to strict sovereignty and security requirements. For years, security experts have warned of the risks of government overreliance on singular security controls. To help address public sector and government requirements, we offer Google Distributed …
Welcome to the first Cloud CISO Perspectives for July 2024. Today I’m addressing the important and complex issue of budgets for security teams, a topic I’ve tackled on my personal blog that I’m presenting here for the first time. As with all Cloud CISO Perspectives, the …
Governance of AI has reached a critical milestone in the European Union: The AI Act has been published in the EU’s Official Journal, and will enter into force on August 1. The AI Act is a legal framework that establishes obligations for AI systems based on their potential …
Identity and access management (IAM) can seem like a gentle hill at first. It’s not too difficult to manage, assigning logins and passwords, and granting access control based on a person’s job in an organization. However, that gentle hill can shift as you start to configure IAM …
Organizations rely on data-driven insights to power their business, but maximizing the potential of data comes with the responsibility to handle it securely. This can be a challenge when data growth can easily outpace the ability to manually inspect it, and data sprawl can lead to sensitive data appearing …
Welcome to the second Cloud CISO Perspectives for June 2024. In this update, Taylor Lehmann, director, Office of the CISO, shares remarks he made to the National Security Council this month on the steps Google is taking to help rural healthcare networks become more secure and resilient against cyberattacks …
Encryption is a fundamental control for data security, sovereignty, and privacy in the cloud. While Google Cloud provides default encryption for customer data at rest, many organizations want greater control over their encryption keys that control access to their data. Customer-Managed Encryption Keys (CMEK) can help you by providing …
Welcome to the first Cloud CISO Perspectives for June 2024. In this update, I’m reviewing three of the more promising use cases for AI in cybersecurity. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re reading …
As artificial intelligence and machine learning workloads become more popular, it's important to secure them with specialized data security measures. Confidential Computing can help protect sensitive data used in ML training to maintain the privacy of user prompts and AI/ML models during inference and enable secure collaboration during …
Identifying and securing internet-facing resources is an essential part of cloud security risk management. Google Cloud offers tools to help you understand risks and add strong access controls to your organization and projects where they are needed. These tools and controls can help mitigate the risks such as the …
As AI continues to change the way we work, security professionals are thinking about how to apply generative AI to help them in their jobs, and how to safeguard the AI systems their organizations are beginning to use. They’re also envisioning new ways to use threat intelligence, sharpen …
Today, we’re pleased to share that Google was named a Leader in The Forrester WaveTM: Cybersecurity Incident Response Services Report, Q2 2024. Forrester identified 14 top vendors in the cybersecurity incident response services space, assessing them on their current offerings, strategy, and market presence. Mandiant, part of Google …
We are continually enhancing Google Cloud’s Identity and Access Management (IAM) capabilities to help our customers strengthen their security posture. To help mitigate the risks associated with excessive privileges and misuses of elevated access, we are excited to announce Google Cloud’s built-in Privileged Access Manager (PAM). Now …