Google has announced a dedicated cyber security advisory unit made up of experts drawn from across the company, tasked with supporting government bodies, critical national infrastructure (CNI) owners and operators, and other enterprises both large and small in matters of security strategy and digital transformation.
Announced at the firm’s Google Cloud Next event, and dubbed the Google Cybersecurity Action Team, the unit will offer strategic advisory services, including workshops and training content; trust and compliance services to map Google’s global compliance certifications to industry control frameworks; security customer and solutions engineering to deliver and deploy Google Cloud products safely and in line with regulatory requirements; and threat intelligence and incident response services.
Google said the team’s vision was to “guide customers through the cycle of security transformation”, from soup to nuts, beginning with laying out transformation roadmaps and implementation, through increasing cyber resilience preparedness and engineering new solutions as security requirements evolve.
Its efforts will begin in the Google Cloud ecosystem, building on Google’s established partnerships, and the organisation hopes it will evolve to bring Google security to more users as time goes by.
“Cyber security is at the top of every C-level and board agenda, given the increasing prominence of software supply chain exploits, ransomware and other attacks,” said Thomas Kurian, CEO of Google Cloud.
“To address these unprecedented security challenges facing organisations in every industry today, we are announcing the creation of the Google Cybersecurity Action Team,” he said.
“The Google Cybersecurity Action Team is part of our ongoing commitment to be the best partner for our enterprise and government customers along their security transformation journey.”
Protecting customer data
Google customer Alvaro Garrido, chief information security officer of BBVA, a financial services provider, said: “Google Cloud has been a critical partner in the BBVA security journey, helping us protect our customers’ sensitive and proprietary data with modern frameworks like zero-trust and secure-by-default products like Google Workspace.
“We look forward to the strategic services and guidance the Google Cybersecurity Action Team will deliver as we continue on our security transformation,” he said.
With high-profile cyber attacks becoming too frequent to count, and governments increasingly taking action when victims include government agencies and CNI operators, Google has already committed a $10bn tranche of funding to various cyber initiatives, including building zero-trust programmes, securing the software supply chain and enhancing security skills. Its latest initiative has already attracted the interest of government security agencies.
“The Cybersecurity and Infrastructure Security Agency (CISA) recently established the Joint Cyber Defense Collaborative (JCDC). This initiative will unite government and private sector entities to enhance efforts to prevent and respond to malicious cyber activity against the nation’s critical infrastructure,” said Jen Easterly, director of CISA, the US government’s equivalent to the UK’s own National Cyber Security Centre.
“It’s great to see a large company like Google Cloud orient itself to support the cyber security of all organisations large and small through its Cybersecurity Action Team, and as part of the JCDC and other initiatives, we look forward to partnering with them and other tech companies in this vital effort,” she said.
At the same time, Google has announced a new Work Safer offering, which it says will help organisations, their employees and partners collaborate and communicate securely in hybrid work environments. The service marries cloud-native, zero-trust solutions from Google Workspace with cyber input from across Google and security supplier partners CrowdStrike and Palo Alto Networks.
The CrowdStrike partnership also sees Google Cloud sign up to a new CrowdStrike extended detection and response (XDR) alliance that brings together multiple partners, including Extrahop, Mimecast, Okta, Proofpoint and Zscaler among others.
“Through our strategic partnership and integration of Google Chronicle with the CrowdStrike Falcon platform, we deliver customers defence-in-depth security, comprehensive visibility and workload protection at scale across hybrid cloud environments,” said Sunil Potti, vice-president and general manager of Google Cloud Security.
“We are excited to join the CrowdXDR Alliance today to expand on this partnership and bring joint customers an enriched XDR experience that combines a scalable cloud-based analytics solution in Chronicle with the leader in endpoint protection.”