Google Cloud, a distant third-place player in the public cloud market, is trying to become a one-stop shop for security with potential market-shifting acquisitions and internal product development.
For Sunil Potti, Google Cloud VP and GM, these efforts will invigorate its standing among enterprises facing serious security threats, from software supply chain attacks to enterprising new threat actors.
Google’s security push also garners new points of comparison with its largest cloud competitors, Microsoft and Amazon Web Services (AWS). Microsoft in particular has inked close ties with the security community with a layered set of tools for specific needs and its instrumental role in helping companies respond and recover from major attacks.
Security is an enabler and differentiator for Google Cloud, Potti said during a press briefing last week preceding the Google Cloud Security Summit. Google’s January 2022 acquisition of Siemplify for security orchestration, automation and response (SOAR), and its $5.4 billion agreement to acquire Mandiant for incident response are “about ensuring that customers can leverage Google as a standalone security brand,” he said.
Google has stressed the importance of security for years but its capabilities have been limited and not enterprise ready in some critical areas such as telemetry and the offerings it's adding via acquisition, said Forrester Analyst Allie Mellen. The company’s making some big improvements to change that, she said.
The agreement to acquire Mandiant is a “big deal for the security talent they’re going to have in house,” Mellen said. “That is a major, major acquisition for them that could have a huge effect on the way that they build security products for the future and the way that they approach the market.”
Philip Bues, research manager for cloud security at IDC, echoed the major opportunity that Mandiant presents to Google. “If Google can pair Mandiant’s threat intelligence with its current artificial intelligence capabilities, the combination could and should be a game changer for proactive threat defenses,” he wrote in an email.
The company’s acquisitions paired with innovations in workload protection and the formation of the Google Cybersecurity Action Team create an environment wherein “Google can be referred to as a standalone security vendor,” Bues said.
Google is not alone or a market leader in that effort.
Microsoft remains “a powerhouse in the security space” with products and resources that are having a big impact on the market, Mellen said. The company has strong, broad-based offerings and a large enterprise footprint, which it uses in aggressive licensing schemes to encourage IT professionals to adopt its security technology alongside core business products, she added.
Google will “undoubtedly have a more comprehensive offering than they had before. The question is whether or not it's going to be able to directly compete with what we're seeing from Microsoft,” Mellen said.
Google steers resources to boost security
The influx of adversaries committing cybercrime on multiple fronts and nation states imposing stricter regulatory requirements and data sovereignty standards presents Google with a unique opportunity to step up its game, according to Potti.
To that end, Google is institutionalizing zero-trust architectures, striving to get ahead of problems in the digital supply chain and seeking out solutions for the talent vacuum, he added.
Efforts to secure the open source software supply chain have reached prominence at the highest levels of the technology industry and government. Major companies, including Amazon, Google and Microsoft earlier this month pledged to invest an initial $30 million to make open source software more secure.
Google followed that up by unveiling the Assured Open Source Software (OSS) service, which packages the same workflows its developers rely on to strengthen and validate the open source software supply chain.
This summer, as a preview for enterprises and government agencies, the company will make available continuous testing, remediation and a deeper level of standard-code analysis.
Google said it also continuously applies fuzzing, a form of automated software testing, to 550 of the most commonly-used open source projects, a process that has resulted in the discovery of at least 36,000 vulnerabilities as of January 2022.
Google claims to be the first company to release open source software security as a product, but there are specialized tools spanning the market targeting different components of open source software.
Google also introduced BeyondCorp Enterprise Essentials to help organizations implement zero-trust architecture in third-party clouds, client applications and the Chrome browser. This includes an app connector that extends capabilities to other cloud platforms such as AWS and Microsoft Azure, and a client connector that brings zero-trust access to client apps hosted on premises or in other clouds.
In the footsteps of Microsoft
Google isn’t the first or only major cloud company vying to become a ringleader in security by, in part, releasing services to support the other cloud giants. Microsoft recently extended its Defender for Cloud security solution to Google Cloud, making the cloud-agnostic solution natively support workloads, devices and digital identities, whether a customer uses Azure or not.
Bues backs up Google’s position as an early leader in zero trust networking environments and notes the company has made significant contributions in open source, including the 2014 release of Kubernetes.
“Understanding the challenges of vetting, updating and maintaining open source, the continued innovation in [open source security] with Assured OSS is a continuation of the longstanding commitment Google has had to open source and the developer community,” Bues said.
Google will also integrate data-loss prevention, malware and phishing protection and URL filtering in the Chrome browser as part of its zero-trust architecture push.
Google also introduced Security Foundation, a service that provides blueprints and guidance followed by the Google Cloud Cybersecurity Action Team to help organizations validate configurations and overcome some challenges presented by the cybersecurity talent shortage.
“Cybersecurity has become every organization's singular biggest risk today, as well as possibly going forward,” Potti said.
Security remains a top challenge for every organization and the risk is growing, he added. Software supply chain attacks, according to Google, surged 650% and at least 600 threat actors and hundreds of new malware families have emerged during the last year.