Security practitioners constantly need to rethink and refine their approaches to defending their organization. Staying ahead requires innovation, continuous improvement, and a mindset shift away from siloed operations into building end-to-end solutions against threats. Today, Google Cloud is excited to announce the launch of the Modern SecOps (MSO) course …
Public sector and government organizations require cloud solutions that can drive innovation and also adhere to strict sovereignty and security requirements. For years, security experts have warned of the risks of government overreliance on singular security controls. To help address public sector and government requirements, we offer Google Distributed …
Welcome to the first Cloud CISO Perspectives for July 2024. Today I’m addressing the important and complex issue of budgets for security teams, a topic I’ve tackled on my personal blog that I’m presenting here for the first time. As with all Cloud CISO Perspectives, the …
Governance of AI has reached a critical milestone in the European Union: The AI Act has been published in the EU’s Official Journal, and will enter into force on August 1. The AI Act is a legal framework that establishes obligations for AI systems based on their potential …
Identity and access management (IAM) can seem like a gentle hill at first. It’s not too difficult to manage, assigning logins and passwords, and granting access control based on a person’s job in an organization. However, that gentle hill can shift as you start to configure IAM …
Organizations rely on data-driven insights to power their business, but maximizing the potential of data comes with the responsibility to handle it securely. This can be a challenge when data growth can easily outpace the ability to manually inspect it, and data sprawl can lead to sensitive data appearing …
Welcome to the second Cloud CISO Perspectives for June 2024. In this update, Taylor Lehmann, director, Office of the CISO, shares remarks he made to the National Security Council this month on the steps Google is taking to help rural healthcare networks become more secure and resilient against cyberattacks …
Encryption is a fundamental control for data security, sovereignty, and privacy in the cloud. While Google Cloud provides default encryption for customer data at rest, many organizations want greater control over their encryption keys that control access to their data. Customer-Managed Encryption Keys (CMEK) can help you by providing …
Welcome to the first Cloud CISO Perspectives for June 2024. In this update, I’m reviewing three of the more promising use cases for AI in cybersecurity. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re reading …
As artificial intelligence and machine learning workloads become more popular, it's important to secure them with specialized data security measures. Confidential Computing can help protect sensitive data used in ML training to maintain the privacy of user prompts and AI/ML models during inference and enable secure collaboration during …
Identifying and securing internet-facing resources is an essential part of cloud security risk management. Google Cloud offers tools to help you understand risks and add strong access controls to your organization and projects where they are needed. These tools and controls can help mitigate the risks such as the …
As AI continues to change the way we work, security professionals are thinking about how to apply generative AI to help them in their jobs, and how to safeguard the AI systems their organizations are beginning to use. They’re also envisioning new ways to use threat intelligence, sharpen …
Today, we’re pleased to share that Google was named a Leader in The Forrester WaveTM: Cybersecurity Incident Response Services Report, Q2 2024. Forrester identified 14 top vendors in the cybersecurity incident response services space, assessing them on their current offerings, strategy, and market presence. Mandiant, part of Google …
We are continually enhancing Google Cloud’s Identity and Access Management (IAM) capabilities to help our customers strengthen their security posture. To help mitigate the risks associated with excessive privileges and misuses of elevated access, we are excited to announce Google Cloud’s built-in Privileged Access Manager (PAM). Now …
Google Cloud recently achieved a major U.S. government compliance milestone with more than 130 services, including 12 additional Cloud Networking services, approved for FedRAMP High authorization — the strictest standard for protecting the most sensitive unclassified data. To help our customers securely deploy a network architecture that aligns with …
Organizations collect vast amounts of data to create innovative solutions, perform ground breaking research, or optimize their designs. With this comes the responsibility to ensure data is adequately protected to meet regulatory, compliance, contractual or internal security requirements. For organizations that want to move their data warehouses from on-premises …
At Google, we have always believed in the power of choice in how we build and make our technology available to our customers. The power of choice becomes even more critical for organizations to meet constantly evolving digital sovereignty requirements while accelerating and optimizing their move to the cloud …
Welcome to the second Cloud CISO Perspectives for May 2024. In this update, Mandiant founder and outgoing CEO Kevin Mandia shares the highlights from his keynote address at the RSA Conference earlier this month. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the …
At Google Cloud, we've long demonstrated our commitment to responsible AI development and transparency in our work to support safer and more accountable products, earn and keep our customers’ trust, and foster a culture of responsible innovation. We understand that AI comes with complexities and risks, and to ensure …
Google Cloud's commitment to empower federal agencies with advanced technology reached a significant milestone this week with the addition of more than 100 new FedRAMP High authorized cloud services. Customers in the U.S. government and commercial organizations supplying the U.S. government can now use popular Google Cloud …
A Google Cloud incident earlier this month impacted our customer, UniSuper, in Australia. While our first priority was to work with our customer to get them fully operational, soon after the incident started, we publicly acknowledged the incident in a joint statement with the customer. With our customer’s …
The security of the software supply chain is a complex undertaking for modern enterprises. Securing the software supply chain, particularly build artifacts like container images, is a crucial step in enhancing overall security. To provide built-in, centralized visibility into your applications, we are introducing software supply chain security insights …
Welcome to the first Cloud CISO Perspectives for May 2024. In this update, I’ll review my RSA Conference fireside chat with Mandiant CEO Kevin Mandia. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re reading this …
At Google, we’re always evolving our security capabilities and practices to make our cloud the most trusted cloud. As part of this continued effort, Google Cloud’s Identity and Access Management (IAM) recently released even stronger security defaults that can help you bolster the baseline security and control …
We’re excited to share that Gartner has recognized Google as a Visionary in the 2024 Gartner® Magic QuadrantTM for Security Information and Event Management (SIEM). Participating for the first time in the Magic Quadrant for SIEM, we have been positioned as a Visionary because of our powerful search …