June 17, 2024


Welcome to September’s Cloud CISO Views. This month, we’re specializing in Google Cloud’s acquisition of Mandiant and what it means for us and the broader cybersecurity group. Mandiant has lengthy been acknowledged as a frontrunner in dynamic cyber protection, menace intelligence, and incident response providers. As I clarify under, integrating their know-how and intelligence with Google Cloud’s will assist enhance our potential to cease threats and to modernize the general state of safety operations quicker than ever earlier than. 

As with all Cloud CISO Views, the contents of this article will proceed to be posted to the Google Cloud weblog. In the event you’re studying this on the web site and also you’d prefer to obtain the e-mail model, you’ll be able to subscribe right here.

Why Mandiant issues

Cybersecurity is shifting by way of a tumultuous interval of development, change, and modernization as small organizations, world enterprises, and full industries transfer to the cloud. Their digital transformations are a chance to do safety higher and extra effectively than earlier than. 

At Google Cloud, we imagine that our trade ought to evolve past protection methods and incident response strategies that, in some instances, predate the extensive availability of broadband Web. Our acquisition of Mandiant solely underscores how essential this perception is to how we work with our clients, placing their safety first.   

Mandiant has been a frontrunner in incident response and menace intelligence for nicely over a decade. In my expertise, they have been on the forefront in coping with all main developments of threats, menace actors, and landmark occasions within the trade. We have now no intention of fixing this – their experience and capabilities will likely be much more amplified inside Google Cloud. 

Actually, we see this as a terrific alternative to mix what we’re each good at in the case of safety operations. Google Cloud already has wonderful SIEM and SOAR capabilities with Chronicle and Siemplify. With Mandiant, we’re in a position to present extra menace intelligence and incident response capabilities than ever earlier than. On the finish of the day, this can be a pure and complementary mixture of services.

We hope to guide the trade in the direction of a democratization of safety operations that focuses on “workflows, personnel, and underlying applied sciences to realize an autonomic state of existence,” as Google Cloud CEO Thomas Kurian mentioned. And as Mandiant CEO and founder Kevin Mandia wrote, defending good folks from unhealthy is what that is all about. “We may also help organizations discover and validate potential safety points earlier than they develop into an incident,” he mentioned.

Mandiant additionally embraces our shared destiny imaginative and prescient, the place we’re actively concerned within the outcomes of our clients. We need to work with clients the place they’re, and assist them obtain higher outcomes at each part of their safety lifecycle. From constructing safe infrastructure, to understanding and defending towards new threats, to reacting to safety incidents, we need to be there for our clients – and so does Mandiant.

Mandiant is the biggest acquisition ever at Google Cloud, and the second-largest in Google historical past. As cybercriminals proceed to use new and outdated vulnerabilities — see final month’s column for extra on that — bringing Mandiant on as a part of Google Cloud solely underscores how essential efficient cybersecurity has develop into. 

Coming in October: Google Cloud Subsequent and Mandiant Mwise

Our huge annual person convention Google Cloud Subsequent ‘22 is simply across the nook, and it’s going to be an unbelievable three days of reports, conversations, and hopefully greater than just a little inspiration. For present cloud clients and people amongst you who’re cloud-curious, safety is a foundational component in the whole lot we do at Google Cloud and will likely be ever-present at Subsequent.

From October 11 – 13, you’ll have the ability to dive into the most recent cloud tech improvements, hear from Google specialists and leaders, study what your friends are as much as, and even strive new expertise out within the lab classes. You possibly can learn extra in regards to the classes for additional particulars, and enroll right here

The next week, Mandiant hosts its inaugural mWISE convention from October 18 – 20. This vendor-neutral convention is a should for SecOps leaders and safety analysts, which is able to carry collectively cybersecurity leaders to remodel information into collective motion within the struggle towards persistent and evolving cyber threats. You possibly can learn extra in regards to the classes for additional particulars, and enroll right here

Google Cybersecurity Motion Staff highlights

Listed below are the most recent updates, merchandise, providers and assets from our safety groups this month: 


  • Finest Saved Safety Secrets and techniques: Group Coverage Service: Our Group Coverage Service is a highly-configurable set of platform guardrails for safety groups to set broad but unbendable limits for engineers earlier than they begin working. Study extra

  • Customized Group Coverage involves GKE: Generally, predefined insurance policies aren’t a precise match for what a company needs to perform. Now in Preview, the Customized Group Coverage for GKE can outline and tailor insurance policies to their group’s distinctive wants. Learn extra.

  • What makes our safety particular: Our reflections 1 yr after becoming a member of OCISO: Google Cloud’s Workplace of the CISO Taylor Lehmann and David Stone replicate on their first yr serving to clients be safer at Google Cloud. Learn extra.

  • Easy methods to use Google Cloud to search out and shield PII: Google Skilled Companies has developed an answer utilizing Google Cloud Information Loss Prevention to examine and classify delicate information, after which apply these insights to robotically tag and shield information in BigQuery tables. Learn extra.

  • Introducing Workforce Identification Federation, a brand new solution to handle Google Cloud entry: This new Google Cloud Identification and Entry Administration (IAM) function can quickly onboard workforce person identities from exterior id suppliers and supply direct safe entry to Google Cloud providers and assets. Study extra.

  • Three new options come to Google Cloud Firewall: Firewalls present one of many primary constructing blocks for a safe cloud infrastructure, and three new options are actually usually obtainable: World Community Firewall Insurance policies, Regional Community Firewall Insurance policies, and IAM-governed Tags. Right here’s what they do

  • New methods BeyondCorp Enterprise can shield company functions: Following our announcement with Jamf Professional for MacOS earlier this yr, we’re excited to announce a brand new BeyondCorp Enterprise integration: Microsoft Intune, now obtainable in Preview. Learn extra.

  • Join Gateway and ArgoCD: Integrating your ArgoCD deployment with Join Gateway and Workload Identification supplies a seamless path to deploy to Kubernetes on many platforms. ArgoCD can simply be configured to centrally handle varied cluster platforms together with GKE clusters, Anthos clusters, and lots of extra. Learn extra

  • Architecting for database encryption on Google Cloud: Study safety design issues and the way to speed up your resolution making when migrating or constructing databases with the assorted encryption choices supported on Google Cloud. Learn extra.

  • Introducing fine-grained entry management for Cloud Spanner: As Google Cloud’s absolutely managed relational database, Cloud Spanner powers functions of all sizes. Now in Preview, Spanner will get fine-grained entry management for extra nuanced IAM choices. Learn extra.

  • Constructing a safe CI/CD pipeline utilizing Google Cloud built-in providers: On this submit, we present the way to create a safe software program supply pipeline that builds a pattern Node.js software as a container picture and deploys it on GKE clusters. Learn extra.

  • Introducing deployment verification to Google Cloud Deploy: Deployment verification may also help builders and operators orchestrate and execute post-deployment testing with out having to undertake a extra intensive testing integration, reminiscent of with Cloud Deploy notifications or manually testing. Learn extra.

Business updates

  • The 2022 Speed up State of DevOps Report: Our eighth annual deep dive into the state of DevOps finds broad adoption of rising safety practices, particularly amongst high-trust, low-blame cultures centered on efficiency. Learn the complete report.

Compliance & Controls

  • Evolving our information processing commitments for Google Cloud and Google Workspace: We’re happy to announce that now we have up to date and merged our information processing phrases for Google Cloud, Google Workspace, and Cloud Identification into one mixed Cloud Information Processing Addendum. Learn extra.

  • Information governance constructing blocks for monetary providers: How does information governance for monetary providers correspond to Google Cloud providers and past? Right here we suggest an structure able to supporting all the information lifecycle, primarily based on our expertise implementing information governance options with world-class monetary providers organizations. Learn extra.

  • Replace on regulatory developments and Google Cloud: As a part of our dedication to be essentially the most trusted cloud, we proceed to pursue world trade requirements, frameworks, and codes of conduct that sort out our clients’ foundational want for a documented baseline of addressable necessities. Right here’s a abstract of our efforts over the previous a number of months. Learn extra.

Google Cloud Safety Podcasts

We launched a brand new weekly podcast specializing in Cloud Safety in February 2021. Hosts Anton Chuvakin and Timothy Peacock chat with cybersecurity specialists about crucial and difficult subjects dealing with the trade in the present day. This month, they mentioned:

  • All the pieces you wished to learn about securing AI (however had been afraid to ask): What threats does synthetic intelligence face? What are one of the best methods to strategy these threats? What do we all know thus far about what works to safe AI? Hear solutions to those questions and extra with Alex Polyakov, CEO of Adversa.ai. Hear right here.

  • Inside reCAPTCHA’s magic: Extra than simply “click on on buses,” right here’s how reCAPTCHA truly protects folks, with Badr Salmi, product supervisor for reCAPTCHA. Hear right here

  • SRE explains the way to deploy safety at scale: The artwork of Web site Reliability Engineering has loads to show safety groups about protected and speedy deployment, with our personal Steve McGhee, reliability advocate at Google Cloud. Hear right here.

  • An XDR skeptic discusses all issues XDR with Dimitri McKay, principal safety strategist at Splunk. Hear right here.

To have our Cloud CISO Views submit delivered each month to your inbox, join our publication. We’ll be again subsequent month with extra security-related updates.


Source link