In every industry, in every part of the world, cybersecurity concerns continue to grow in the wake of attacks on critical infrastructure and the software supply chain. Governments and businesses of all sizes recognize that they must do more to protect their employees, customers and citizens.
But doing more of the same, like putting security band-aids on legacy infrastructure, is no longer helpful or productive. We need an enduring commitment, in products, people and monetary terms, to drive meaningful improvements in our collective security posture. Google recently announced a $10 billion investment to advance the security of governments around the world, and by extension, help enterprises and organizations to do the same.
Over the past year, Google Cloud has been delivering on our vision of Invisible Security for our customers, where capabilities are continuously engineered into both our trusted cloud platform and market-leading products to bring the best of Google’s security to wherever your IT assets are. But being a provider of best-in-class technology is not enough. We want to share our expertise to help organizations with their security transformation and offer even more ways to accelerate these essential improvements. This week, at Google Cloud Next ‘21, we’re sharing the first of what will be many more steps in advancing these efforts.
Introducing our Cybersecurity Action Team
While access to the latest, most advanced security technology is important, the expertise of what it will take to become resilient in the face of today’s risk and threat environment is foundational.
Today, we’re announcing the formation of the Google Cybersecurity Action Team. The Google Cybersecurity Action Team marshals experts from across Google to form what we believe will be the world’s premier security advisory team. It has a singular mission to support the security and digital transformation of governments, critical infrastructure, enterprises and small businesses.
Building on existing security solutions engineering efforts, today the Google Cybersecurity Action Team announced a security and resilience framework that delivers a roadmap for a comprehensive security management program aligned with the National Institute of Standards and Technology’s Cybersecurity Framework using cloud technologies from Google Cloud and our partners.
“Google Cloud has been a critical partner in the BBVA security journey, helping us protect our customers’ sensitive and proprietary data with modern frameworks like zero trust and secure-by-default products like Google Workspace,” said Alvaro Garrido, Chief Security Officer at BBVA. “We look forward to the strategic services and guidance the Google Cybersecurity Action Team will deliver as we continue on our security transformation.”
Learn more about the Cybersecurity Action Team here.
Announcing a safer way to work
Bringing you the expertise and hands-on guidance to help with your security transformation is just one valuable step. We recognize that too many organizations can’t wait any longer to begin their modernization efforts – they need a new baseline, and they need it now.
That’s why today, we’re announcing the launch of our Google Work Safer offering, designed to help organizations, their employees, and partners collaborate and communicate securely and privately in today’s hybrid work environment. Work Safer provides companies with access to best-in-class security for email, meetings, messages, documents, and more. It uniquely brings together the cloud-native, zero-trust solutions of Google Workspace with BeyondCorp Enterprise for secure access with integrated threat and data protection. For customers who want secure devices, Work Safer includes Pixel phones managed with Android Enterprise, Chrome Enterprise Upgrade, and HP Chromebooks. Customers can also leverage Google’s Titan Security Keys for account protection, reCAPTCHA Enterprise for website fraud prevention, Chronicle for security analytics, and a variety of migration services for a seamless transition.
The program is designed to meet the needs of all organizations, including small businesses, enterprises and public sector institutions, many of which are reliant on legacy technology and often lack expertise to fully address rising security challenges associated with hybrid work. To learn more, visit our Work Safer homepage.
Advancing our trusted cloud with new security capabilities
Above all, security has been and continues to be the cornerstone of our product strategy. There are three critical areas where Google Cloud’s capabilities can make a meaningful difference for any business’ or government’s digital security transformation:
At Next’ 21, we’re introducing new security products and partnerships that will enable you to:
- Protect your employees with new zero trust access capabilities: We’re delivering new features that expand the surface area for our zero trust access solution, BeyondCorp Enterprise, to cover all your apps – both modern and legacy. The new client connector, now in preview, enables identity and context-aware access to non-web applications running in Google Cloud and non-Google Cloud environments. We are also making it easier for admins to diagnose access failure, triage events, and unblock users with the new Policy Troubleshooter feature. You can learn more about both of these new enhancements in the live BeyondCorp Enterprise demo on October 13.
- Improve your detection and response capabilities: We announced a new collaboration with Cybereason for Extended Detection and Response (XDR) across endpoints, networks, cloud and workspaces. The combination of these capabilities delivers a cloud-native XDR solution, Cybereason XDR powered by Chronicle, that automates prevention for common attacks, guides analysts through security operations and incident response, and enables threat hunting with precision at a pace never before achieved. We are also deepening the integration between Chronicle and Security Command Center (SCC) on GCP. New integrations in preview centralize alerts and investigative workflows across the two platforms, and enable threat-specific pivots by enriching SCC alerts with intelligence on associated threat actors and entities.
- Automate and bolster protection of your sensitive data: Automatic DLP, now in preview, is a prime example of how we are making Invisible Security a reality. It’s a game-changing capability that discovers and classifies sensitive data for all the BigQuery projects across your entire organization without you needing to do a single thing. We’re also introducing Ubiquitous Data Encryption, a solution which combines our generally available Confidential Computing, External Key Management, and Cloud Storage products to seamlessly encrypt data as it’s sent to the cloud. Using your External Key Management solution, data can now only be decrypted and run in a confidential VM environment, greatly limiting potential exposure.
- Protect your IP and implement a zero trust software supply chain: Today, we’re building on our zero trust software supply chain with new launches. Cloud Build is SLSA Level -1 compliant by default, with scripted builds and available provenance. With the new Build Integrity feature, Cloud Build automatically generates a verifiable build manifest that includes a signed certificate describing the sources that went into the build, the hashes of artifacts used, and other parameters. Additionally, Binary Authorization’s integration with Cloud Build makes it easy to set up deploy-time constraints. You can also now easily pair Binary Authorization with Cloud Run to ensure only trusted images make it to production. These integrations are now generally available.
- Protect your users and brand: We recently announced the preview of Cloud Armor Bot Management, which integrates Cloud Armor and reCAPTCHA Enterprise. You can enable protection without any server-side changes to your applications, and because detection and enforcement happens in-line, at the edge of Google’s network, you can mitigate threats before they have a chance to impact your applications, whether they run on GCP, on premise, or in a hybrid or multicloud deployment.
- Ensure secure collaboration: Today, Google Workspace is also introducing new security features. Client-side encryption for Google Meet, in beta, gives customers direct control of encryption keys and the identity service used to access keys. Data Loss Prevention (DLP) for Google Chat, in beta, helps prevent sensitive information from leaking outside of your organization. Check out the blog post from Google Workspace to learn more.
As we head into three days of great content and engagements from our security and technology teams across Google Cloud at Next ‘21, we want to leave you with this: You are not alone on your security journey. Our goal is to ensure that every day, you are making your organization safer because you have partnered with us. Please make sure to watch our security experts, customers, and partners in our track sessions to go deep on the topics and products that matter most to you.
By: Phil Venables (VP/CISO, Google Cloud) and Sunil Potti (VP/GM, Google Cloud Security)
Source: Google Cloud Blog