How effective is security technology at keeping your organization safe? While quantifying the investment return on security technology can be tricky, understanding the ROI of security products is crucial information for organizations to make informed decisions about resource allocation, strategy adjustments, and to get buy-in from financial approvers. With …

Welcome to the first Cloud CISO Perspectives of the year, and the first of our two newsletters for January. Today I’ll be discussing some of the important changes to the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules as outlined by the U.S. Securities and Exchange …

Welcome to the second Cloud CISO Perspectives for December 2023. To close out the year, I’m sharing what attracted the most interest from our security updates this year, and Nick Godfrey from our Office of the CISO presents a selection of forward-looking insights from the Office of the …

Storing credentials in plaintext can make your organization less secure. Risks include exposing your credentials to unauthorized users, including threat actors. Improperly secured credentials can also be collected, propagated, and further exposed in various systems, such as logs or inventory systems. We recommend organizations protect their stored credentials with …

European organizations continue to embrace cloud-based solutions to support their ongoing digital transformation. But the adoption of breakthrough technologies like generative AI and data analytics to drive new innovations will only accelerate if organizations are confident that when they use cloud services their data will remain secure, private, and …

Headline-grabbing security incidents in 2023 have shown that cybersecurity continues to be challenging for organizations around the world, even those with skilled practitioners and state-of-the-art tools. To help prepare you for 2024, we are offering the final installment of this year’s Google Cloud Security Talks on Dec. 19 …

Welcome to the first Cloud CISO Perspectives for December 2023. Today I’ll be providing an update to our cloud security megatrends blog. First published in January 2022, the premise of cloud security megatrends is that there were eight “megatrends” that drive technological innovation. It’s become clear that …

At Google Cloud, we are infusing the power of AI throughout our products and solutions to build AI services that can help all of our users. Duet AI in Google Cloud provides you with AI-powered collaborators to boost your productivity, gain competitive insights, and improve your bottom line. Today …

Managing and auditing data access can be very complex at scale, in particular, for a fleet of databases with a myriad of users. Today, we are introducing IAM group authentication for Cloud SQL. With this launch, you can take advantage of better security, simplify user management and database authentication …

Google Cloud Armor provides our customers with advanced DDoS defense and Web Application Firewall (WAF) capabilities. Today, we’re excited to announce the general availability of Cloud Armor for Regional External Application Load Balancers, which can help create regionally-scoped Cloud Armor security policies. In these policies, rules are evaluated …

Welcome to the second Cloud CISO Perspectives for November 2023. This month, Mandiant Consulting’s Earl Matthews discusses Security Validation, a vital tool that can give CISOs better information for making security decisions, and can help organizations understand their true security posture and risk profile. As with all Cloud …

Welcome to the first Cloud CISO Perspectives for November 2023. Google Cloud has announced multiple collaborations with sector-specific information sharing and analysis centers over the past 18 months, and in my column today I’ll be discussing why these ISACs are valuable partners for Google Cloud and our industry …

Assured Workloads is Google Cloud’s solution that allows our customers to run regulated workloads in many of our global regions without the need for sector-focused isolated regions or infrastructure. It can help our customers address their security and compliance requirements, without compromising on cloud innovations and security capabilities …

This year, Google has seen an increase in the number of vulnerabilities impacting central processing units (CPU) across hardware systems. Two of the most notable of these vulnerabilities were disclosed in August, when Google researchers discovered Downfall ( CVE-2022-40982 ) and Zenbleed ( CVE-2023-20593 ), affecting Intel and AMD CPUs, respectively. This trend …

As remote work remains the norm for many people, organizations continue to seek out solutions to protect corporate data regardless of where employees are located and which devices they use. In particular, monitoring for potential data exposures can be a challenging task when employees or contractors use unmanaged devices …

Google Cloud has a longstanding commitment to partnering with the U.S. government, helping agencies modernize technology systems, and shaping new frontiers in service delivery and mission success. Since establishing Google Public Sector last year, we've witnessed an ever-growing demand for cloud services as agencies leverage AI for critical …

Over the past four years, I’ve traveled the world meeting with current and potential Google Cloud customers and listening to their thoughts about the cloud and its future. It’s my team’s job to turn those thoughts into reality. What I have consistently heard is that while …

Generative artificial intelligence has emerged as a disruptive technology that presents tremendous potential to revolutionize and transform the way we do business. It has the power to unlock opportunities for communities, companies, and countries around the world, bringing meaningful change that could improve billions of lives. The challenge is …

With a growing number of internet users and ever-more services moving online, the security, scam, and fraud landscape is rapidly changing. Governments and the private sector are investing to provide protection for their employees and the end-users of their services. The Government Technology Agency of Singapore and Google Cloud …

The bioeconomy, according to the Congressional Research Service, is “the share of the economy based on products, services, and processes derived from biological resources.” This sector is composed of a complex network of biomedical, bioindustrial, and agricultural domains. Work in this space ranges from biological research, to production and …

Changing the network security perspective In a data center, network security engineers tend to spend the bulk of their time managing individual devices: creating strong passwords and hardening configurations for networking devices and creating firewall rules for each endpoint. Since nothing is physical in the cloud networking world, the …

Software designed to cause harm has been described as a “virus” since the 1970s, and some have described hackers as the “ internet’s immune system.” While analogies framing cybersecurity in healthcare terminology have limits, we have seen over the decades an important and growing connection between cybersecurity and healthcare …

Today, we are thrilled to announce that GKE Enterprise, the premium edition of GKE, will be generally available on November 15, 2023. With GKE Enterprise, companies can increase development and deployment velocity across multiple teams, easily and securely run their most important business-critical workloads, and reduce total cost of …

Organizations within regulated industries must balance cloud benefits with potential security and regulatory concerns. These include strict requirements to audit and control the cloud provider, especially when it comes to accessing the organization’s data and workloads. At Google Cloud, we're focused on providing our customers many ways to …

The threat landscape is rapidly evolving, with data destruction attacks increasingly pervasive and more sophisticated than in years past. Today’s threat actors are constantly identifying new pathways to target data and to limit organizations’ ability to recover from attacks. Backups have long been the solution to rapid recovery …