Posts in tag

Security


At Google, we follow a security-first philosophy to make safeguarding our clients’ and users’ data easier and more scalable, with strong security principles built into multiple layers of Google Cloud. In line with this philosophy, we want to make sure that our Container-Optimized OS adheres to industry-standard security best practices. To this end, we released …

Project Thoth pulls together many open source tools to automate program builds with security checks as part of the resolution process. Most cyberattacks take advantage of publicly known vulnerabilities. Many programmers can automate builds using Continuous Integration/Continuous Deployment (CI/CD) or DevOps techniques. But how can we automate the checks for security flaws that turn up …

With Elon Musk purchasing controlling interest in Twitter for $44 billion, the big question now remains, “what is he going to do with it?” Musk already says he wants to take the company private and promote “free speech.” But what does that mean? There is considerable legitimate concern over having one man—and especially one as …

This month marks one year of our Cloud CISO Perspectives Series! Over the past year, we’ve discussed many milestones and challenges across our industry. I’m most proud of the work our collective security teams at Google Cloud are doing everyday to help improve security for our customers and society at large through the cloud. Below, …

Elon Musk has been warned he must protect Twitter users from harmful content after he struck a $44bn deal to buy the social media giant. The billionaire vowed to relax content restrictions, sparking fears from human rights groups it could lead to a rise in bullying and misinformation. “Regardless of ownership, all social media platforms …

The Canadian government’s security guidance for cloud environments outlines a standardized set of security controls to protect data and workloads in the cloud. The security guidance, known as the Security Control Profile for Cloud-based GC Services, also outlines security controls and profiles from a different publication, the IT Security Risk Management: A Lifecycle Approach (ITSG-33). …

Earning the role as our customers’ most trusted cloud requires commitment to ongoing transparency, collaboration and assurance. Our products regularly undergo independent verification, achieving certifications or attestations of compliance against global regulatory requirements, frameworks, and guidelines. At Google Cloud we work closely with our customers, their regulators, and appointed independent auditors who want to verify …

Managed Security Service Providers (MSSPs) can deliver high-value security services for customers, helping to drive efficiencies in security operations across people, product, and processes. In an environment where the threat landscape continues to be challenging, MSSPs can allow customers to scale their security teams driving improved security outcomes. At the same time, MSSPs operating their …

  We published another episode of “VM End to End,” which is a series of curated conversations between a “VM skeptic” and a “VM enthusiast”. Every episode, join Brian, Carter, and a special guest as they explore why VMs are some of Google’s most trusted and reliable offerings, and how VMs benefit companies operating at …

Prior to joining Google Cloud, I spent 20 years in the public sector serving in various security roles, most recently as the head of the cybersecurity division at the newly established Cybersecurity and Infrastructure Security Agency (CISA). I was responsible for delivering services and capabilities to about 100 civilian agencies, as well as our critical …