Search the Community

Welcome to the first Cloud CISO Perspectives for April 2024. In this update, we'll give a list of some of the major announcements of security products and security enhancements to Google Cloud. There's an even longer list here. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re reading this on the website and you’d like to receive the email version, you can subscribe here. --Phil Venables, VP, TI Security & CISO, Google Cloud aside_block <ListValue: [StructValue([('title', 'Get vital CISO Insights with Google Cloud'), ('body', <wagtail.rich_text.RichText object at 0x3e18d75ffac0>), ('btn_text', 'Visit the hub'), ('href', 'https://cloud.google.com/solutions/security/leaders'), ('image', <GAEImage: GCAT-replacement-logo-A>)])]> 20 major security announcements from Next ‘24By Phil Venables, VP, TI Security & CISO, Google Cloud We held our annual Google Cloud Next conference earlier this month, and from the start of our opening keynote we highlighted how AI is transforming the way that companies work, our incredible customer momentum, and of course our exciting product news — 218 announcements in total. You can check out a recap of the keynote here. We made significant announcements in powering Google Cloud with Gemini and powering the next generation of AI startups with Google Cloud; and improvements to database management, workload-optimized infrastructure, and application development. Phil Venables, VP, TI Security & CISO, Google Cloud We also focused heavily on our work to advance secure products and security products, by making Google part of your security team anywhere you operate, with defenses supercharged by AI. As we said at Next ‘24, what organizations need are security essentials that can “bring simplicity, streamline operations, and enhance efficiency and effectiveness.” At Google Cloud, we’d of course like for all organizations to choose us as their security provider, but we are far more comprehensive than just what we bring to market. We recognize that 92% of organizations that use at least one cloud provider actually employ a multicloud approach. Our solution is to focus on securing Google Cloud customers — and their entire environment. I’ve split the list of 20 of our major security announcements from Next ‘24 into those focused on Gemini for Security, which further empowers defenders to identify and mitigate risk. Gemini in Security Operations, a new assisted investigation feature, generally available at the end of this month, that guides analysts through their workflow in Chronicle Enterprise and Chronicle Enterprise Plus. You now can ask Gemini for the latest threat intelligence from Mandiant directly in-line — including any indicators of compromise found in their environment.Gemini in Threat Intelligence, in public preview, allows you to tap into Mandiant’s frontline threat intelligence using conversational search. Further, VirusTotal now automatically ingests OSINT reports, which Gemini summarizes directly in the platform; generally available now.Gemini in Security Command Center, which now lets security teams search for threats and other security events using natural language in preview, and provides summaries of critical- and high-priority misconfiguration and vulnerability alerts, and summarizes attack paths.Gemini Cloud Assist also helps with security tasks with IAM Recommendations, which can provide straightforward, contextual recommendations to remove roles from over-permissioned users or service accounts; Key Insights, which can help during encryption key creation based on its understanding of your data, your encryption preferences, and your compliance needs; and Confidential Computing Insights, which can recommend options for adding confidential computing protection to sensitive workloads based on your data and your compute usage. We recognize that 92% of organizations that use at least one cloud provider actually employ a multicloud approach. Our solution is to focus on securing Google Cloud customers — and their entire environment. Additional security announcements include: The new Chrome Enterprise Premium, now generally available, combines the popular browser with Google threat and data protection, Zero Trust access controls, enterprise policy controls, and security insights and reporting.Applied threat intelligence in Google Security Operations, now generally available, automatically applies global threat visibility and applies it to each customer’s unique environment.Security Command Center Enterprise is now generally available and includes Mandiant Hunt, now in preview.Introducing Isolator: Enabling secure multi-party collaboration with healthcare data.Confidential Computing, a vital solution for data security and confidentiality, now offers Confidential Accelerators for AI workloads, as well as an expanded portfolio of hardware options, support for data migrations, and additional partnerships.Identity and Access Management Privileged Access Manager (PAM), now available in preview, provides just-in-time, time-bound, and approval-based access elevations.Identity and Access Management Principal Access Boundary (PAB) is a new, identity-centered control now in preview that enforces restrictions on IAM principals.Cloud Next-Gen Firewall (NGFW) Enterprise is now generally available, including threat protection from Palo Alto Networks.Cloud Armor Enterprise is now generally available and offers a pay-as-you-go model that includes advanced network DDoS protection, web application firewall capabilities, network edge policy, adaptive protection, and threat intelligence.Sensitive Data Protection integration with Cloud SQL is now generally available, and is deeply integrated into the Security Command Center Enterprise risk engine.Key management with Autokey is now in preview, simplifying the creation and management of customer encryption keys (CMEK).Bare metal HSM deployments in PCI-compliant facilities are now available in more regions.Regional Controls for Assured Workloads is now in preview and is available in 32 cloud regions in 14 countries.Audit Manager automates control verification with proof of compliance for workloads and data on Google Cloud, and is in preview.Advanced API Security, part of Apigee API Management, now offers shadow API detection in preview.We expanded data residency guarantees for data stored at-rest for Gemini, Imagen, and Embeddings APIs on Vertex AI to 11 new countries: Australia, Brazil, Finland, Hong Kong, India, Israel, Italy, Poland, Spain, Switzerland, and Taiwan.To learn more about how your organization can benefit from our announcements at Next ‘24, you can contact us at Ask Office of the CISO and stay tuned for our announcements next month at RSA Conference in San Francisco. aside_block <ListValue: [StructValue([('title', 'Join the Google Cloud CISO Community'), ('body', <wagtail.rich_text.RichText object at 0x3e18d75ffb20>), ('btn_text', 'Learn more'), ('href', 'https://rsvp.withgoogle.com/events/ciso-community-interest?utm_source=cgc-blog&utm_medium=blog&utm_campaign=2024-cloud-ciso-newsletter-events-ref&utm_content=-&utm_term=-'), ('image', <GAEImage: GCAT-replacement-logo-A>)])]> In case you missed itHere are the latest updates, products, services, and resources from our security teams so far this month: Trends on zero days exploited in the wild in 2023: The first joint zero-day report from Mandiant and Google’s Threat Analysis Group shows that 97 zero-day vulnerabilities were exploited in 2023, a big increase over the 62 zero-day vulnerabilities identified in 2022 but still fewer than 2021's peak of 106 zero days. Read more.Boosting data cyber-resilience for your Cloud Storage data with object retention lock: The new object retention lock for Cloud Storage makes it easier to meet regulatory standards, strengthen security, and improve data protection. Read more.Google Cloud offers new cybersecurity training to unlock job opportunities: Google Cloud is on a mission to help everyone build the skills they need for in-demand cloud jobs. We're excited to announce new learning opportunities that will help you gain these in-demand skills through new courses and certificates in AI, data analytics, and cybersecurity. Read more.Google Public DNS’s approach to fight against cache poisoning attacks: We look at DNS cache poisoning attacks, and how Google Public DNS addresses the risks associated with them. Read more.Please visit the Google Cloud blog for more security stories published this month. Threat Intelligence newsCyber threats linked to Russian businessman Prigozhin persist after his death: Mandiant has tracked and reported on covert information operations and threat activity linked to Prigozhin for years. We examine a sample of Prigozhin-linked campaigns to better understand their outcomes so far, and provide an overview of what can be expected from these activity sets in the future. Read more.Ivanti Connect Secure VPN post-exploitation lateral movement case studies: Our investigations into widespread Ivanti zero-day exploitation have continued. In this post, we catalog some of the different types of activity that Mandiant has observed on vulnerable Ivanti Connect Secure appliances. Read more.SeeSeeYouExec: Windows session hijacking via CcmExec: The security community has witnessed an uptick in System Center Configuration Manager (SCCM)-related attacks. Mandiant's Red Team has utilized SCCM technology to perform novel attacks against mature clients, and released a tool to facilitate the technique. Read more.Apache XML Security for C++ Library allows for server-side request forgery: We identified a default configuration in an Apache library that could lead to server-side request forgery, which is being actively exploited, and provided recommendations and a patch to help defend against it. Read more. Now hear this: Google Cloud Security and Mandiant podcastsHow SecLM enhances security and what teams can do with it: Take a trip around Google Cloud’s security-trained model SecLM as Cloud Security podcast hosts Anton Chuvakin and Tim Peacock hear all about it from Google Cloud Security’s Umesh Shankar, distinguished engineer and chief technologist, and Scott Coull, head of data science research. Listen here.How Google Cloud defends against abuse: From stolen credit cards to fake accounts, Maria Riaz, Google Cloud’s counter-abuse engineering lead, discusses with Anton and Tim what “counter-abuse” is, how Google Cloud stops abuse, and the skill set needed to do so. Listen here.What’s so spiffy about SPIFFE: Modern cloud tech has made IAM, Zero Trust, and security (relatively) easy. Evan Gilman and Eli Nesterov, co-founders of Spirl, tell Anton and Tim why workload identity is important to cloud security, and how it differs from network micro-segmentation. Listen here.To have our Cloud CISO Perspectives post delivered twice a month to your inbox, sign up for our newsletter. We’ll be back in two weeks with more security-related updates from Google Cloud. View the full article

Welcome to February’s Cloud CISO Perspectives. This month, we’re going to take a look at one of the most important issues our industry faces right now: securing the software supply chain. At Google Cloud, we’ve been heavily invested in creating a layered approach to software supply chain security, which I talk about in my column below. But first, I want to acknowledge that it has been one year since Russia invaded Ukraine. In addition to the immeasurable impact on the lives across the region, this also marks the first time that cyber operations have played such a prominent role in a world conflict. There were more cyberattacks against Ukraine from January to April than there had been in the entire eight years preceding the invasion. We’ve reflected on this further in “The Fog of War,” a new report by Google’s Threat Analysis Group (TAG) and Mandiant. It was also a primary topic of discussion at the Munich Cyber Security Conference, where policymakers, business leaders, and technology experts discussed how the role of transformational technologies can help build more resilient cyber defenses. We’re continuing to provide support for the Ukrainian government and aid organizations before, during, and after security events. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re reading this on the website and you’d like to receive the email version, you can subscribe here. SBOM+SLSA = Safer software As the complexity of today’s software has increased, and the role it plays in businesses become even more vital than before, so too has securing the software supply chain grown more important. Google has pledged $10 billion to advancing cybersecurity, and we are committed to protect key open source components that are vital to our public infrastructure and organizations around the world. While high-profile security incidents such as SolarWinds and Log4j have helped convince government and business leaders of the importance of securing the software supply chain, there is still much work to be done. aside_block [StructValue([(u'title', u'Hear monthly from our Cloud CISO in your inbox'), (u'body', <wagtail.wagtailcore.rich_text.RichText object at 0x3eb9adabcc50>), (u'btn_text', u'Subscribe today'), (u'href', u'https://go.chronicle.security/cloudciso-newsletter-signup?utm_source=cgc-blog&utm_medium=blog&utm_campaign=FY23-Cloud-CISO-Perspectives-newsletter-blog-embed-CTA&utm_content=-&utm_term=-'), (u'image', <GAEImage: gcat small.jpg>)])] Securing the software we depend on is a key priority for defenders and something Google is committed to helping organizations do. At Google Cloud, we strongly believe that using a software bill of materials (SBOM) in conjunction with our open-source Supply chain Levels for Software Artifacts (SLSA) framework can create a more secure and more resilient software supply chain ecosystem. An SBOM will tell you what’s in the software, and if there are any publicly-disclosed vulnerabilities that you need to update. Those are important, but that still leaves the supply chain at risk of exploitation: An SBOM won’t tell you if the software was produced with security and integrity in mind. In the case of SolarWinds, having an SBOM wouldn’t have helped stop the attack or detect the breach earlier because the attack vector relied on rogue software implanted through a software build system compromise. To know that you can trust the software, you also need to understand how the organization that produced the software is controlled. Nearly a decade in development, the SLSA framework can help you analyze end-to-end software supply chain risk. It creates a set of incremental, enforceable security guidelines that automatically create auditable metadata. It’s a verifiable way to assure consumers that the software they use hasn’t been tampered with. Organizations need to know what is in the software and have the ability to assess the integrity of how the software is built. Combining SBOM and SLSA creates the framework needed to answer this. As public cloud providers apply SBOM and SLSA to their own software supply chains, their customers will automatically benefit from the improved security. We have also been working on products so organizations can utilize these frameworks in their software development processes. Our Software Delivery Shield solution, announced at Google Cloud Next in October 2022, is a fully-managed software supply chain security solution with a modular set of capabilities to help developers, DevOps, and security teams build secure applications. It supports organizations at different stages of software development maturity, so they can tailor the solution to their specific needs and security priorities. We also have our Assured Open Source Software (OSS) service that can help development teams incorporate the same OSS packages that Google uses into their developer workflows. The software curated by the Assured OSS service is regularly scanned for vulnerabilities, updated, and tested by Google, is verifiably signed by Google, and is SLSA compliant. I’ve spoken at length about how at Google Cloud we believe in a shared fate approach to security. While that’s true for identifying security responsibilities with our customers, it’s also true for how we approach industry-wide problems such as securing the software supply chain. Software developers and security leaders can come together to make software more resilient against cyberattacks to continue to build global trust in technology. In case you missed it Here are the latest updates, products, services, and resources from our security teams this month: Join our quarterly Security Talks on March 22: Our quarterly digital event Google Cloud Security Talks explores the latest security products, trends, and innovations coming from our cybersecurity leaders and practitioners. In our first session of the year, we combine several short discussions on topics including modernizing your security operations and building security into your cloud transformation journey with a deep dive on the latest threat intel trends from our Mandiant research teams. Register now. Security takeaways from our report on Russian cyber operations against Ukraine: As a new Google report demonstrates, organizations are at risk from the types of attacker activities that Russia has been using against Ukraine. Executive leaders who understand these threats are better positioned to help their organization reduce risk. Here's why. Security Leaders Survival Guide: How to tell if your team is on the right path: Digital transformations can be a difficult exercise, with concerns or requirements for data compatibility, sovereignty, resiliency, and security all playing a role. For the third blog in this series, we offer cloud security advice for financial services security leaders. Read more. Health-ISAC and Google Cloud partner to build more resilient healthcare: Working with the Health-ISAC Threat Operations Center, Google Cloud security engineers have connected the Health-ISAC Indicator Threat Sharing (HITS) feed directly to our Chronicle Security Operations information and event management. HITS allows Health-ISAC members to easily connect and quickly share threat intelligence through machine-to-machine automation. Read more. Black History Month: Celebrating the success of Black founders with Google Cloud: F8th: Vivene Salmon Gagné, co-founder and chief legal officer for cybersecurity startup F8th, talks about how Google Cloud helped F8th grow and develop its behavioral biometric algorithms. Read more. Vroom! Google Cloud joins Catena-X to help car makers build a sovereign data ecosystem: Google Cloud brings to the Catena-X Automotive Network Association secure and sovereign data management, data analytics, cloud-first integration of advanced AI technologies, and open source efforts to help create a shared service ecosystem. Read more. How Google Cloud Armor helps Broadcom block DDoS Attacks: As Broadcom migrated its enterprise security solution infrastructure from Amazon Web Services to Google Cloud, defending the environment’s network security infrastructure remained a top priority. Here’s how we helped Broadcom protect against DDoS attacks. Read more. Three steps to protect your software supply chain today: A new paper from Google Cloud analyzes recent high-profile software supply chain attacks and recommends three actions your organization can take to better protect your software supply chain. Read more. The top five global data and AI trends in 2023: Global organizations have increased customer trust and productivity by improving how they discover, classify, and manage their structured and unstructured data. Our 2023 Data and AI Trends report can help security leaders and teams learn more about why knowing your data is vital to your organization. Read more. Google Cloud security tips, tricks, and updates Mandiant now supports Attack Surface Management for Google Cloud: How do adversaries see your network? You can see what they see with Mandiant Attack Surface Management for Google Cloud, which can enable customers to centralize visibility into cloud-hosted external assets. Read more. Confidential GKE Nodes now available on Compute Optimized C2D VMs: Organizations which rely on Google Kubernetes Engine can enhance the security of GKE clusters or node pools, which includes keeping data encrypted in memory with dedicated keys generated and managed by the processor. Read more. Harden Kubernetes clusters, monitor workload compliance at scale: Evaluate your new and existing applications for PCI DSS compliance with Google Cloud’s Policy Controller, which enables the enforcement of fully programmable policies for your clusters. Read more. New Google Cloud Firewall capabilities now available: Our unique, fully-distributed architectural approach to firewalls is a scalable, built-in service with advanced protection capabilities that can help strengthen and simplify your security posture, and implement Zero Trust networking, for cloud workloads. Here's how to get started. How to integrate Cloud SQL for PostgreSQL or MySQL in your authentication flow: Hardening a complex application is a challenge, especially for applications that include multiple layers with different authentication schemes. With our new Integrated IAM authentication capability, customers can leverage end-to-end authentication for their applications and while applying our robust auditing capabilities. Read more. How to secure Cloud Run deployments with least privilege access: With Cloud Run, developers can quickly deploy production web apps and APIs on a serverless environment running on top of Google Cloud. Here’s how to improve Cloud Run security by applying the principle of least privilege to inbound and outbound scenarios. Read more. How to use Anthos to improve governance and security for platforms and apps: Anthos is our secure container application platform that runs on premises and in the cloud, with integrated and easy-to-operationalize security features connected to a centralized control plane in the Google Cloud. It can be used to implement security policies across distributed platforms and applications. Learn how. Document AI Workbench can train document extraction models for production use cases: AI for security is not just about anomaly and malware detection: It can have huge benefits for workflow and productivity enhancements. Read more. Compliance and Controls How Google Cloud is preparing for NIS2 and supporting a stronger European cyber ecosystem: To help combat the threat of online data theft, the EU passed the Network and Information Security Directive 2.0 (NIS2), which outlines new security requirements for companies operating in critical sectors. Google Cloud is committed to ensuring that our cloud platform and security tools support the highest standard of compliance. Read more. Introducing Google Workspace security guidance to address Canadian data security requirements: New security guidance can help Canadian government agencies introduce Google Workspace tools while adhering to Canadian government compliance standards. Read more. Google Cloud Security Podcasts We launched a weekly podcast focusing on Cloud Security in February 2021. Hosts Anton Chuvakin and Timothy Peacock chat with cybersecurity experts about the most important and challenging topics facing the industry today. This month, they discussed: How Google does vulnerability management: Vulnerability prioritization, impact assessment, vulnerability management processes unique to Google, and the vital metrics it all gets measured by are the hot topics discussed with Ana Oprea, the European lead for our Vulnerability Coordination Center. Listen here. Hunting in the clouds: Threat hunting lessons, learned the hard way: From defining what it means to hunt threats online to what threat detection specialists can learn from threat hunters, we dive deep into this often-misunderstood world with John Stoner, principal security strategist, Google Cloud. Listen here. How Google Cloud secures its usage at massive scale: Security team, secure thyself. How does Google Cloud secure its own massive, diverse use of its own resources? Karan Dwivedi, security engineering manager for enterprise infrastructure protection explains how we do what we do for you, for ourselves. Listen here. High-velocity detection, high-complexity response: Tim and Anton argue a lot about what kind of detection is best: fully bespoke and homemade or scalable off-the-shelf. David Seidman, head of detection and response at Robinhood, helps them settle that debate and others including: What matters more, detection skills or cloud skills? What’s most effective to focus on when building a team? And what are your favorite telemetry data sources for detection in the cloud? Listen here. To have our Cloud CISO Perspectives post delivered every month to your inbox, sign up for our newsletter. We’ll be back next month with more security-related updates.

Welcome to December’s Cloud CISO Perspectives. This month, we’re going to look back at the most important security lessons of 2022 with my colleagues in our Office of the CISO and on the Google Cybersecurity Action Team. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re reading this on the website and you’d like to receive the email version, you can subscribe here. How lessons from 2022 can guide us in the new year Like a puzzle whose pieces kept changing shape, 2022 was the year that cloud security sharply reflected the increasing sophistication of the cloud ecosystem. While I talked at the beginning of the year about eight security megatrends that are creating a flywheel of innovation and development, we also spent the year working through some of the opportunities that come with those vital megatrends – such as the integration of multicloud and hybrid cloud, the nuanced and layered challenges of supply chain security, and the heterogeneous landscape of organizations taking on cloud transformations. aside_block [StructValue([(u'title', u'Hear monthly from our Cloud CISO in your inbox'), (u'body', <wagtail.wagtailcore.rich_text.RichText object at 0x3edb511e20d0>), (u'btn_text', u'Subscribe today'), (u'href', u'https://go.chronicle.security/cloudciso-newsletter-signup'), (u'image', None)])] I'd like to share takeaways from seven of our Office of the CISO experts at Google Cloud on their 2022 lessons learned that will inform their decisions in the months ahead. DEI is a must-have, not a nice-to-have Nick Godfrey, senior director Godfrey focused on several important issues, including that diversity, equality, and inclusion is vital to solving the talent shortage and improving the overall efficacy of cybersecurity technology. “Multicloud security is not a sideshow, but actually the main event. All large businesses are having to deal with this and it is proving challenging for many organizations,” he said. “Technology is not the problem, but rather organization and operations… [and] diversity is critical. [The focus should be on] organization, operation, and technology (OOT) not technology, operation, and organization (TOO) if you want to transform security.” Raising awareness about risk Alicja Cade, financial services director Cade said that the financial services industry (FSI) also worries about how to fill empty cybersecurity roles, but the education and awareness of cloud needs to happen across the business to enable digital transformation. “Financial services institutions need to better understand their risk landscape,” she said. “Not surprisingly, they are very concerned about developing a more nuanced model of the risks of cloud technology. They need to recognize the relevant scenarios they face and they need to be fluent in playbooks on cloud service provider-related operational incidents.” Quality and security are the new power couple Taylor Lehmann, healthcare and life sciences director Lehmann said that security outcomes have an increasingly important and direct impact on safety, quality, and reliability of systems. “Forward-thinking security leaders are beginning to see a more clear linkage between product quality and the impact security plays. Quality and security are increasingly viewed as synonymous, and ensuring that quality management processes integrate security are crucial, especially in healthcare and manufacturing, to ensure outcomes meet regulations and keep customers safe.” Two areas that Lehmann said need additional attention are supply chains and Zero Trust. Supply chain security, he said, is “one of the most important business disciplines” to focus on. “We've seen issues in this space for a while, but 'solving' for supply chain security requires cooperation across engineering, procurement, compliance, and security to be successful. This isn’t just a security problem, and it isn’t something for the CISO alone to fix.” Meanwhile, he believes that achieving a Zero Trust posture is getting easier, “but we're still working to help customers understand that this is a journey, not solved overnight and certainly not something you can simply just go buy and be done with. Start now, insist new initiatives start with a ‘Zero Trust first’ model for granting access, and get a plan in place to migrate over the next few years.” Know your customer (and their needs) Anton Chuvakin, senior staff security consultant Chuvakin pointed to ongoing efforts to meet customers “where they are” to help them grow more. “We learned that many organizations are still learning the cloud, and think of cloud security in very on-premise ways.” For Chuvakin, part of that transformational thinking means solving thorny, inscrutable problems such as data security modernization and Security Operations Center automation. “Organizations love our Autonomic Security Operations vision for SOCs, yet they are not confident they can get there on their own. We need to guide them more gently and with more detailed guidance.” Successful security teams help successful transformations David Stone, solutions consultant Stone said that the most successful business transformations are at organizations which go all-in on security best practices. “Forward-thinking leaders who adopt a cloud-first strategy with their partners are often positioned to better manage the risks. These are the teams that are seeing the greatest benefits in 10x their security departments, as indicated by this year’s DORA report,” he said. “The top need in 2023 is to continue fostering a great security team and look after your security talent to ensure a successful transformation.” Leaning into open source Bill Reid, solutions consultant Reid agreed that securing the software supply chain is “a concern,” rooted in the basics of writing secure software, from threat modeling to hardened build processes. Security professionals need to work more with developers to help transform the way that software is built, and Google Cloud has an important role to play in that regard. “The work we are doing with the open-source software community and Assured Open Source Software, Software Bill of Materials and the Supply-chain Levels for Software Artifacts (SLSA) framework, and Software Delivery Shield is unlike what I have seen elsewhere,” Reid said. There is a better way Bob Mechler, telecommunications, media, and entertainment director Mechler highlighted that many organizations are still struggling with risk management. “Some customers still see cloud as yet ‘another risk to be managed’ as opposed to ‘a better way to manage risk’,” he said. This underscores the importance of the need for better communication from cloud service providers about how organizations should pursue their digital transformations. In case you missed it Here are the latest updates, products, services, and resources from our security teams this month: Why diversity is a cybersecurity imperative for GCAT: Diverse threats call for diverse teams, says MK Palmore, director at Google Cloud’s Office of the CISO, and a more diverse, equitable, and inclusive cybersecurity workforce will be better able to solve security’s toughest problems. Read more. How SolarWinds still affects supply chain threats, two years later: Mandiant experts detail the lessons that the SolarWinds supply chain security incident continues to teach security teams and leaders. Read more. Report: 5 steps to help make your software supply chain more secure: We need a more holistic approach to strengthen defenses against software supply chain attacks, and frameworks such as SLSA are helpful in securing the software supply chain, concludes a new Google Cloud report. These findings come with 5 recommended actions for security teams to take. Read more. Security Talks on today’s toughest SOC challenges — and more: If you missed December’s Google Cloud Security Talks, you can still catch up with the conversation. How to modernize your SOC, how to deploy secure code without trust, and fighting mobile fraud were all part of the discussions. Read more. Overcoming objections and unblocking the road to Zero Trust: Tim Knudsen, director of Zero Trust for Google Cloud Security, talks with Jess Burn, senior analyst at Forrester, about common challenges CISOs face when planning their Zero Trust journeys. Read more. Google’s virtual desktop of the future: Did you know that most Google employees rely on virtual desktops to get their work done? Learn the history of virtual desktops and the security benefits Google has seen from their implementation. Read more. Build your API security strategy on these 4 pillars: A new Google Cloud report explores API security insights and trends, and offers recommendations on how to create an effective API security strategy. Read more. IT predictions from Google Cloud experts: As part of an ongoing series, we present three Google Cloud expert takes on what’s coming for cloud security in the next few years. Take a look at what we see in the crystal ball for open-source software curation, why multicloud is an important phase for cloud providers, and why the majority of SecOps workloads will be automated by 2025. How Google’s secure enterprise browsing can help your organization: Securing enterprise web browsing is vital to the security posture and requirements of many organizations. Google Chrome, which is used by billions of people, is at the forefront of that evolution. Here’s four ways we can help you. Read more. Google Chrome’s year in review: 2022 was a busy year for the Chrome team, and they added and expanded a robust list of security and usability capabilities to help organizations stay even more secure in the browser. Read more. Google Cloud security tips, tricks, and updates Google Cloud Trust Update: December 2022: As part of our commitment to be the most trusted cloud, we continue to pursue global industry standards, frameworks, and codes of conduct that tackle our customers’ foundational need for a documented baseline of addressable requirements. Here’s a summary of our efforts over the past several months: Read more. How we validated the security controls of Confidential Space: Confidential Space, our new solution that allows you to control access to your sensitive data and securely collaborate in ways not previously possible, is now available in Preview. Here’s some of its security properties. Read more. Everything you wanted to know about building reliable infrastructure (and now you don’t have to ask): Reliable infrastructure is a critical requirement for workloads in the cloud, and this guide on building reliable infrastructure with Google Cloud has the answers you need, from the nitty-gritty on zones and regions to helping you conduct broad reliability assessments. Read more. Low-latency fraud detection with Cloud Bigtable: Learn how to build a low-latency, real-time fraud detection system that scales seamlessly by using Bigtable for user attributes, transaction history and machine learning features. Read more. Audit GKE Clusters across your organization: Keeping an eye on cluster configuration is an important task. Here’s how to run GKE Policy Automation in a serverless way. Read more. Implementing IAM access control as code with HashiCorp Terraform: Digital transformation requires security transformation, and Identity and Access Management (IAM) can be used as the first line of defense in your Google Cloud security strategy. Here’s how to use it with HashiCorp Terraform. Read more. 4 new Active Assist features can help automate idle resource management: Several new capabilities that can help you make idle project remediation a part of your company’s day-to-day operations and culture land in Unattended Project Recommender. Here’s what you need to know. Read more. Protect your educational institution with Security Command Center: Academic institutions are becoming more susceptible to security breaches in the ever-expanding ecosystem of IT services. Here’s how our Security Command Center can help. Read more. How to reduce microservices complexity: Learn how you can use Apigee and Anthos Service Mesh to help standardize and secure your microservices. Read more. Compliance & Controls Announcing support for Impact Level 5 (IL5) workloads: Google Cloud is proud to announce our Department of Defense Impact Level 5 (IL5) provisional authorization (PA) for several Google Cloud services — an important milestone that enables us to support additional workloads for U.S. public sector customers. Read more. ANZ Bank turns to Apigee to execute a secure and compliant API strategy: One of Australia’s top four banks and the largest bank in New Zealand by market capitalization, ANZ Bank chooses Google Cloud Apigee to deliver mission-critical compliance requirements, as well as strong ease of use, feature-completeness, and support for multiple coding languages. Read more. Reporting Google Cloud logs to CISA’s National Cybersecurity Protection System: Here’s our guidance for how agencies can collect, enrich, and report logs to CISA in alignment with the telemetry cycles described in the NCPS Cloud Interface Reference Architecture program documentation. Read more. Google Cloud Security Podcasts We launched a weekly podcast focusing on Cloud Security in February 2021. Hosts Anton Chuvakin and Timothy Peacock chat with cybersecurity experts about the most important and challenging topics facing the industry today. This month, they discussed: Sunil Potti on building cloud security at Google: Sunil Potti, general manager and vice president of security at Google Cloud, goes deep on the mindset shift from building security because we think security is good to building security as a business. We talk about invisible security, and the debate between secure products and security products. Listen here. Cloud threat detection lessons from a CISO: Jim Higgins, CISO at Snap and formerly the CISO at Square, discusses how he prioritizes between on-premise resources and cloud resources, how he scales teams, processes, and technology for Snap’s cloud footprint, and his views on detecting threats in the cloud. Listen here. Accelerate State of DevOps Report and software supply chain security: How security, developers, and DevOps should come together to respond quickly to new vulnerabilities, and what we learned from this year’s DORA report, with John Speed Meyers, security data scientist at Chainguard, and Google’s Todd Kulesza, user experience researcher. Listen here. To have our Cloud CISO Perspectives post delivered every month to your inbox, sign up for our newsletter. We’ll be back next month with more security-related updates.