Cloud data breaches in the enterprise have skyrocketed in the last year — a worrying trend that’s led to the emergence of a host of new tools and services to help better secure that environment; as well as a major mobilization among cloud service providers to launch more specific tech to address the gap. Today comes the latest development on that front: Google Cloud is announcing a wide slate of security products and services, covering areas like supply chains; digital sovereignty; secure collaboration environments in the cloud; and a new security operations product. Announced at the company’s Google Cloud Next event, above all Google’s aim is to win over business by putting cybersecurity front and center for end users that are prioitizing it, too, and using it to guide their procurement strategies.
Below is a walk through the bigger announcements:
Software Delivery Shield is a new product Google Cloud is launching specifically to address supply chain security — ensuring that you are not picking up or passing on malware or other potentially harmful data as work is processed through a series of partners that do not normally work within the same computing environment. This is an emerging area that I’d say has definitely been on the rise with the arrival of “digital transformation” and an increasing number of organizations doing business in the cloud. Google presents this as a fully managed solution aimed at developers, DevOps and security teams that works within GKE, Cloud Code, Cloud Build, Cloud Deploy, Artifact Registry and Binary Authorization. It’s an area that has been covered also by a number of startups, including Endor, Chainguard, Phylum, Valence and many others. One point these will continue to have over Google is the fact that they have the scope (and potentially trust) to do an adequate job in hybrid and multi-cloud environments from multiple vendors.
While the supply-chain security product appears to have been built in house, Google Cloud is taking a different approach with another security launch, this one focused on digital sovereignty. Here it is working with more than 20 different software companies to build out a new “Sovereign Solutions” initiative: Aiven, Broadcom (Symantec), Cloud Software Group (Citrix), Climate Engine, Commvault, Confluent, Datadog, DataIKU, Dell Technologies, Elastic, Fortinet, Gitlab, Iron Mountain, LumApps, MongoDB, NetApp, OpenText, Palo Alto Networks, Pega Systems, Siemens, SUSE, Thales, Thought Machine, Veeam, and VMware are among them. It’s also adding integrations with companies like ForgeRock, JumpCloud, Okta, and Ping Identity to improve sign-on flows.
The idea here is that a number of Google’s existing and potential customers are already using one or a combination of these companies, and so this is about integrating those solutions more deeply into Google’s cloud platform so that these companies can work more seamlessly (and of course adopt more Google Cloud products, now knowing that they can be used with their existing identity management and other protocols). The push to work with multiple providers is practical on another level: these are the apps that are used by companies to let them localize operations better for specific regions and use cases and users, so Google has to accommodate that to work with them on the bigger prize of winning more business overall.
Confidential space, meanwhile, is a new product that Google is launching as part of its Confidential Computing initiative, a push to build and provide more secure environments for those collaborating in the cloud and exchanging data as part of that process, by letting them keep that data constantly encrypted and secure.
This has been a very interesting area and aspect of the cybersecurity market in the last several years, raising lots of questions about how anonymized data can be in, for example, machine learning models that are trained specifically to figure out and shape identities out of sparse amounts of information. Approaches using cutting-edge algorithms and concepts like homomorphic encryption aim to bypass that issue by treating the data itself as salient, wrapped packages, and this is, not in so many words, what Google Cloud is also has been attempting to build here, starting with Confidential Virtual Machines (VMs) back in 2020, which kept data encrypted even while it was being processed. Today, this may be a priority only for a small segment of organizations that handle especially sensitive information; but judging by the evolution of data privacy and data protection, it is increasingly, and likely, going to become a more prominent aspect of the data protection regulatory environment, and therefore for a wider range of companies, too.
The last of the big security announcements at Google Cloud Next focuses on SecOps, specifically the expansion of its Chronicle Security Operations software suite, a cloud-native platform for cyber teams to monitor, detect, investigate and respond to cyberthreats “with the speed, scale, and intelligence of Google.” It’s another well-worn cybersecurity area that a number of startups have identified and built solutions to address over the years, and indeed that is precisely what Google tapped to build this product: Mandiant, which it acquired earlier this year for a whopping $5.4 billion, forms a cornerstone of Chronicle; as does Siemplify, another acquisition from earlier this year. Chronicle existed prior to today’s news; now Google’s bringing these different products together under that brand to strengthen the product and positioning of it.