Two themes have been resonating for me across the security industry over the last month. The first is a topic from my personal blog that I wrote more than two years ago: Resilience is about Capabilities not Plans. Collectively, organizations have proven their ability to be resilient in light of many disruptive events like a pandemic, natural disasters, and cyber conflicts. Our resilience will only continue to be tested in existing or new ways into the future. Organizations that prioritize testing and re-testing capabilities across their people, process and technology vs. plans alone will continue to be the most resilient.
The next theme is focusing on building secure products, not just security products. As an industry, we can be doing more in this area as recent weaknesses in security products have demonstrated. Security is the cornerstone of Google’s product strategy. We build secure solutions and products that strive to make security easier as well as secure-by-default choices that lead to the security outcomes we want our customers, users and employees to achieve.
Below, I’ll recap the latest updates from the Google Cybersecurity Action Team, industry highlights and upcoming events.
McKinsey Webinar on Security as Code: Next week, I’ll join the McKinsey team for a webinar on Security as Code to break down how the cloud can help make organizations more secure. Ensuring the safe adoption of cloud computing is becoming an increasing priority across the industry, reflecting the benefits that an organization can achieve from digital transformation. Increasingly, the cloud is viewed not as a risk to manage, but a means of managing risk in new, innovative and more substantial ways, while also improving an organization’s security posture. We’ll cover this and more during the webinar. Register here.
Cloud Security Talks: Threat Detection & Response Edition: Earlier this month, we hosted our first Cloud Security Talks of 2022. The sessions covered all things security operations (SecOps) across on-premises, cloud and hybrid environments, highlighted product innovations and updates, and talked about how threat detection, investigation and response fits into our invisible security vision. Check out the on-demand sessions to learn more.
Google Cybersecurity Action Team Highlights
Here are the latest updates, products, services and resources from our cloud security teams this month:
Federated workload identity with Certificate Authority Service (CA Service): To help support our customers’ implementation of zero trust strategies across all their IT environments, we announced that Google Cloud Certificate Authority (CA) Service can issue certificates for workloads reflecting their federated identities, even if the workloads are hosted on-premises or in other clouds. There’s a session in our Q4 2021 Zero Trust Security Talks on this topic that’s available on demand as well.
New threat detection capabilities in Google Chronicle: The Chronicle team released the public preview of context-aware detections designed to create efficiencies for customers’ detection and response journey. Customers can use this contextualization to write better detections, prioritize existing alerts, and drive faster investigations.
Community Security Analytics: As part of our efforts to help customers move toward Autonomic Security Operations, the Google Cybersecurity Action Team announced Community Security Analytics, a set of open-sourced queries and rules designed to help detect common cloud-based threats.
Account Defender in reCAPTCHA Enterprise: Enterprises need tools to help fight online fraud targeting their user accounts and payments. To help, the reCAPTCHA Enterprise team introduced account defender, a new feature built into reCAPTCHA Enterprise that helps businesses determine if an action aligns or deviates from the account owner’s typical behavior.
Chrome’s ongoing efforts to keep enterprises safe: For a long time Chrome has been the first line of defense to protect our employees and users against malicious URLs and content on the web. The security capabilities built into Chrome can help IT administrators strengthen their organization’s posture. Also of note, the new Chrome 2.1 CIS Benchmark covers independent recommendations on which Chrome policies to configure to help support organizations’ security and compliance needs.
Introducing Automatic Certificate Management Environment: We introduced an enhancement of Certificate Manager (in preview) which allows Google Cloud customers to acquire public certificates for their workloads that terminate TLS directly or for their cross-cloud and on-premise workloads. This provides Cloud Customers with a common certificate lifecycle management capability based on ACME without a single point of failure.
In our later healthcare security series post, Taylor Lehmann and Seth Rosenblatt from Google’s Cybersecurity Action Team discuss the value of sustainable visibility mechanisms for cybersecurity teams working in global healthcare organizations to help secure and preserve patient care and safety.
U.S. Public Sector:
Accelerating U.S. government security and compliance implementations: To help accelerate cloud adoption of cloud services, Google Cloud’s Public Sector Professional Services Organization (PSO) offers specialized consulting engagements. These engagements include helping customers on their journey to achieve Agency ATOs for the cloud products and services they use and developing zero trust strategies and architectures to help organizations meet requirements under the Executive Order on Improving the Nation’s Cybersecurity.
Modernizing the U.S. Federal Government’s Approach to Cyber Threat Management with Autonomic Security Operations: The Google Cybersecurity Action Team released its latest whitepaper that details how Google Cloud can help drive federal agencies’ ability to meet the White House cybersecurity analytics requirements of EO 14028 and OMB M-21-31.
Scaling and securing the cloud for defense applications: Read our latest blog post on how our secure cloud access solution built in partnership with Palo Alto Networks is helping Defense Innovation Unit (DIU) users access services in any commercial cloud environment, while performing the required security actions of logging, threat analysis, and session control.
Fortifying Federal Networks: Google Workspace provides security based on zero trust concepts that support the business and operations of government, easy collaboration across teams regardless of location, and seamless access from any endpoint. To help federal agencies navigate implementations, our Work Safer program is available through many partners like Carahsoft.
Cloud and the future of financial markets: Cloud Googlers participated in a fireside chat at FIA Boca 2022 to discuss the future of markets and policy, the new technologies that are already paving the way for greater speed and transparency, and how cloud can help promote greater resiliency, performance, and security in financial markets. The team also published a detailed paper on this topic.
Cloud vendor due diligence services: One way we help our customers scale and accelerate their cloud assessments is by collaborating with third party risk management (TPRM) providers to provide independent due diligence services and platforms to help automate vendor risk management based on the data they collect and provide. By enabling our TPRM assessors to examine the controls present in our infrastructure and operations, they can develop independent and unbiased audit reports that can be shared directly with our customers. We currently work with industry-leading TPRM providers such as CyberGRX, TruSight, and KY3P to deliver high-quality risk assessments for our customers globally. Learn more in this blog post.
Data governance in the cloud: Along with a corporate governance policy and a dedicated team of people, implementing a successful data governance program requires tooling. Google Cloud offers a comprehensive set of tools that enable organizations to manage their data securely, ensure governance, and drive data democratization.
To have our Cloud CISO Perspectives post delivered every month to your inbox, sign-up for our newsletter. We’ll be back next month with more security-related updates.
Cloud BlogRead More