DATA SECURITY

Google Announces Cybersecurity Action Team to Support the Security Transformations of Public and Private Sector Organizations

Cybersecurity Action Team | October 13, 2021

Google Announces Cybersecurity Action Team to Support the Security Transformations of Public and Private Sector Organizations
Google announced the Google Cybersecurity Action Team. Made up of experts from across the company, the Google Cybersecurity Action Team will be the world's premier security advisory team with the singular mission of supporting the security and digital transformation of governments, critical infrastructure, enterprises and small businesses.

To deliver on this mission, the Google Cybersecurity Action Team will provide:

  • Strategic advisory services for customers' security strategies, including transformation workshops and educational content. This function will advise customers on the structure of their digital security transformation and provide program management and professional services support.
  • Trust and compliance services that map our global compliance certifications to industry control frameworks, enabling customers to simplify their compliance journey.
  • Security customer and solutions engineering that deliver proven blueprints and architectures for deploying Google Cloud products and services securely and in accordance with regulatory requirements, as well as comprehensive solutions for autonomic security operations, cyber resilience and more.
  • Threat intelligence and incident response services, which include threat briefings, preparedness drills, incident support and rapid response engagements to stay on top of the evolving security landscape.

The vision of this team is to guide customers through the cycle of security transformation - from their first transformation roadmap and implementation, through increasing their cyber-resilience preparedness for potential events and incidents, and engineering new solutions as requirements change. This effort will begin within Google Cloud, building on our close partnerships with organizations of all sizes, and will evolve to bring Google security to more organizations as it progresses.

"Cybersecurity is at the top of every C-level and board agenda, given the increasing prominence of software supply chain exploits, ransomware, and other attacks. To address these unprecedented security challenges facing organizations in every industry today, we are announcing the creation of the Google Cybersecurity Action Team," said Thomas Kurian, CEO of Google Cloud. "The Google Cybersecurity Action Team is part of our ongoing commitment to be the best partner for our enterprise and government customers along their security transformation journey."

Recent attacks like USAID, Colonial Pipeline, and Solarwinds all speak to a major shift in the needs of threat protection. In August, Google dedicated $10 billion over the next five years to strengthen cybersecurity, including expanding zero trust programs, securing software supply chain frameworks, enhancing open-source security and strengthening the digital security skills of the American workforce. The Google Cybersecurity Action team is one of our efforts under these commitments.

"The Cybersecurity and Infrastructure Security Agency (CISA) recently established the Joint Cyber Defense Collaborative (JCDC). This initiative will unite government and private sector entities to enhance efforts to prevent and respond to malicious cyber activity against the nation's critical infrastructure," said CISA Director Jen Easterly. "It's great to see a large company like Google Cloud orient itself to support the cybersecurity of all organizations large and small through its Cybersecurity Action Team, and as part of the JCDC and other initiatives, we look forward to partnering with them and other tech companies in this vital effort."

"Google Cloud has been a critical partner in the BBVA security journey, helping us protect our customers' sensitive and proprietary data with modern frameworks like zero trust and secure-by-default products like Google Workspace," said Alvaro Garrido, Chief Security Officer at BBVA. "We look forward to the strategic services and guidance the Google Cybersecurity Action Team will deliver as we continue on our security transformation."

Under the Google Cybersecurity Action Team, Google Cloud will deliver full spectrum security and customer engineering solutions that will help organizations address business and security challenges. These will build on existing offerings like Autonomic Security Operations, which helps businesses transform their organization's Security Operations Center (SOC) and Web App and API Protection, which provides customers a comprehensive solution for protecting against modern internet threats.

Today, Google Cloud announced a new security and resiliency framework that delivers customers a comprehensive security management program with cloud technologies that are aligned to the National Institute of Standards and Technology's Cybersecurity Framework. Additionally, Google also announced its new Work Safer offering, designed to help organizations, their employees, and partners collaborate and communicate securely and privately in today's hybrid work environment. It uniquely brings together the cloud-native, zero-trust solutions of Google Workspace with industry-leading solutions from across Google and its cybersecurity partners, CrowdStrike and Palo Alto Networks.

Customers need a consistent approach to preparing for and defending against cybersecurity  threats,Our comprehensive suite of security solutions delivered through our platform and amplified by the Google Cybersecurity Action Team will help protect organizations against adverse cyber events with capabilities that address industry frameworks and standards.

Phil Venables, Vice President and Chief Information Security Officer at Google Cloud and founder of the Google Cybersecurity Action Team

About Google Cloud
Google Cloud accelerates organizations' ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

Spotlight

Arecont Vision leads the way in megapixel video. We are a U.S. corporation with headquarters, R&D, and manufacturing in the Los Angeles, California area. A major area of concern for our customers today is often around cybersecurity.

Spotlight

Arecont Vision leads the way in megapixel video. We are a U.S. corporation with headquarters, R&D, and manufacturing in the Los Angeles, California area. A major area of concern for our customers today is often around cybersecurity.

Related News

Redscan Warns of an Influx of Cyberattacks When Businesses Return to the Office

Redscan | May 27, 2020

Cyber-criminals could be poised to trigger a wave of attacks on businesses when workers return to offices and reconnect to corporate networks. Redscan provided other recommendations to companies to tackle this type of threat, including updating anti-virus signatures, connecting all devices. The cybersecurity firm said organizations need to take action to defend themselves against potential hackers lying dormant on employee devices. Cyber-criminals could be poised to trigger a wave of attacks on businesses when workers return to offices and reconnect to corporate networks, Redscan has warned. As many countries such as the UK prepare to ease COVID-19 lockdown restrictions and allow more people to return to physical workplaces, the cybersecurity firm said organizations need to take action to defend themselves against potential hackers lying dormant on employee devices. There has been a substantial rise in threat activity over recent months, with cyber-criminals looking to exploit the sudden rise in remote working during the pandemic and the resultant lack of protection. In this period, Redscan has observed a surge in activity such as malspam, external scanning attempts to identify weaknesses in the use of remote access tools and account login attempts from unknown locations. It therefore believes there could be an influx of attacks when staff reconnect to company networks after returning to their workplaces, with attackers ready to launch attacks including ransomware across a company network. In order to prevent this situation occurring, Redscan said firms should sanitize all endpoints on the return to the office as well as closely monitor networks for evidence of compromises. Redscan provided other recommendations to companies to tackle this type of threat, including updating anti-virus signatures, connecting all devices to remote networks and educating staff about the latest risks. Learn more: LEVERAGING GREATER SOCIAL ENGAGEMENT FOR IMPROVED CYBER HYGIENE . “During the COVID-19 pandemic there has been a steady stream of organizations reporting cyber-attacks. However, this is only likely to be the tip of the iceberg. Many more organizations are certain to have been targeted without their knowledge.” ~ George Glass, head of threat intelligence Redscan Cybercriminals are taking advantage of the difficult situation at hand. There’s been roughly 6,000 coronavirus or COVID-19 themed domains registered over the past few weeks. These domains are 50% MORE likely to be malicious than other domains. Essentially, cybercriminals register these domains and trick unsuspecting victims into visiting them to download malicious software. People are afraid and uncertain now more than ever, which means they’re easier to trick into downloading information, updates or relief packages. “As employees return to work post-lockdown and connect directly to corporate networks, organizations need to be alert to the possibility that criminals could be lying dormant on employee devices. ” Here are some of the most common ways cybercriminals are leveraging the COVID-19 pandemic to wreak havoc and drain bank accounts: Phishing attacks containing alerts about the virus, information about cases in your area, or details to sign up for local financial benefits – often claiming to be from the CDC, WHO, or other governmental agencies. Phony domains set up to appear as video conferencing software websites, governmental agency websites, and other news and/or information websites offering downloads that contain malware. Alerts via email or text claiming to be purchase orders for masks, sanitizer, and other safety materials and products that have been ordered by the organization the victim works for – requesting a wire transfer for payment. People are working from home with minimal time to prepare in terms of cybersecurity measures to stay safe. People are adopting remote access and cloud-based technologies at an incredible rate around the world. There is currently a whole business around RDP on the underground market and the current situation has amplified this behavior. To stay protected, it is essential to follow best security practices, starting with the basics, such as using strong passwords and patching vulnerabilities. RDP ports are a vital means for many businesses to enable their employees to work from home, as they allow communication with a remote system. RDP ports are often exposed to the internet, which provides opportunities for attackers. With the sudden requirement to have large proportions of their staff working from home, McAfee believes it is likely that many organizations brought these systems online quickly with minimal security checks in place. This led to a growth in attacks against RDP ports as well as an increase in the volume of RDP credentials sold on underground markets. Learn more: NEW CYBER THREAT INDEX SHOWS INDUSTRIES ARE UNDER ATTACK IN UNCERTAIN TIMES .

Read More

NCSC Publishes Diversity in the Cybersecurity report to Improve the Experience and Opportunity in the Industry

Security Magazine | July 30, 2020

The National Cyber Security Centre (NCSC) – a part of GCHQ – and KPMG UK have jointly published the first annual Decrypting Diversity: Diversity and Inclusion in Cyber Security report, which aims to set a benchmark for improving the experiences and opportunities for existing and future staff working in the industry.The report provided a mixed picture, revealing that in some areas minority representation was above average for the country but also highlighting discrimination and a lack of inclusivity across gender, sexual orientation, social mobility and ethnicity. It found that there is more to be done by the industry and in addition to accepting all of the report’s recommendations the NCSC has today committed to publishing specific actions to improve diversity and inclusion within the organisation before the end of the year.

Read More

DATA SECURITY

Elisity to Close $26-Million Round for Cognitive Trust CyberSecurity Platform

Elisity | June 17, 2021

The new platform for behavior and identity-based enterprise cybersecurity, Elisity, Inc., the pioneer of Cognitive Trust™, has announced a Series A funding round totaling $26 million. It is co-led by AllegisCyber Capital and Two Bear Capital. Atlantic Bridge, the previous seed investor, is participating. The present subsidizing will scale Elisity to satisfy customer needs for its cloud-delivered cybersecurity stage that can investigate the identity and context of individuals, applications, and gadgets—including IoT and OT—any place they're working. The platform can comprehend, engage and progressively adjust security from the edge to the cloud by learning conduct to review hazards, consequently and constantly streamline security assurance. Elisity is the principal organization to offer a solitary online protection stage that is adequately astute to see how resources and individuals associate past corporate edges and powerfully adjust security for each client, gadget, information, and application from the edge to the cloud. Elisity's Cognitive Trust stage wires character and AI-driven social insight to ceaselessly evaluate hazard and quickly upgrade access, availability, and security arrangements that follow resources and individuals any place they go. Elisity helps endeavor class associations, everything being equal, and ventures get through the present siloed systems administration and-security bunch difficulties by incorporating resource the board, availability, and security. Three co-founders began Elisity: Burjiz Pithawala, chief product officer; Sundher Narayan, chief architect; and Srinivas Sardar, vice president of engineering, who all previously held leadership roles product development, engineering, and architecture at Cisco. The chief group is driven by James Winebrenner, CEO, who drove the go-to-market procedure for Viptela from pre-dispatch through the deal to Cisco in 2017, having additionally held influential leader positions at Cisco, Aviatrix, and Checkpoint Software. Strategic advisors include security and networking leaders such as Greg Akers (former SVP Advanced Security Research and Governments at Cisco), Khalid Raza (co-founder of Viptela and CEO and founder of Graphient), Brian Long (co-founder and managing partner at Atlantic Bridge and on Elisity's Board of Directors), and Jeff Tantsura (Internet Architecture Board). Spencer Tall and Mike Goguen will join Brian Long on the Elisity board due to today's transaction. About Elisity Elisity understands behaviors and identity to simplify connectivity, asset and user access, and security from the initiative edge to the cloud. Elisity invented the AI-powered Cognitive Trust platform to learn behavior, measure risk enthusiastically, and promptly adapt apparent access policies for people, devices, data, and applications. Elisity is based in San Jose. The company is backed by AllegisCyber Capital, Two Bear Capital, and Atlantic Bridge.

Read More