Tag: CISO

CISO Official Blog May 5, 2025

Cloud CISO Perspectives: Data-driven insights into AI and cybersecurity - The article discusses the current state of AI in cybersecurity, focusing on both its use by attackers and defenders. It highlights that while attackers are using AI for productivity gains in existing attack phases, they haven't yet developed fundamentally new AI-driven attacks. On the defense side, AI is enabling increased efficiency in areas like malware analysis, vulnerability research, and incident response, leading to improved security outcomes.

CISO Official Blog Security April 21, 2025

Cloud CISO Perspectives: 27 security announcements at Next ‘25 - A recap of security updates from Next ‘25.

CISO Official Blog April 7, 2025

Cloud CISO Perspectives: How digital sovereignty builds better borders for the future - This article explains three pillars on Google Cloud's approach to digital sovereignty: data sovereignty, operational sovereignty, and software sovereignty.

CISO Official Blog March 24, 2025

Cloud CISO Perspectives: 5 tips for secure AI success - Google Cloud CISO Phil Venables and Royal Hansen, VP of Engineering for Privacy, Safety, and Security, discuss how new AI Protection capabilities in Security Command Center fit in with Google Cloud's overall approach to securing AI. They offer five tips to help organizations ensure secure AI success: implement strong AI governance, use good data, control access, address inherited vulnerabilities, and mitigate internal AI tool risks.

CISO Official Blog Security Feb. 24, 2025

Cloud CISO Perspectives: New AI, cybercrime reports underscore need for security best practices - Stephanie Kiel, head of cloud security policy, discusses the misuse of AI and cybercrime, emphasizing the need for organizations to prioritize security best practices. The newsletter also highlights two new research reports on adversarial misuse of Gemini and AI capabilities, as well as recommendations for policymakers on confronting financially-motivated cybercrime.

CISO Official Blog Feb. 3, 2025

Cloud CISO Perspectives: How cloud security can adapt to today’s ransomware threats - Cloud security strategies in 2025 should prioritize protecting against data exfiltration and identity access abuse. Threat actors have made stealing data and exploiting weaknesses in identity security top targets. Google’s Threat Horizons Report provides cloud security professionals with a deeper understanding of the threats they face and actionable risk mitigations.

CISO Official Blog Jan. 20, 2025

Cloud CISO Perspectives: Talk cyber in business terms to win allies - How to communicate cyber security to C-suite and boardrooms.

CISO Official Blog Dec. 30, 2024

Cloud CISO Perspectives: From gen AI to threat intelligence: 2024 in review - Google Cloud CISO Phil Venables shares the top security updates from 2024, including advancements in AI, threat intelligence, and security operations.

CISO Official Blog Dec. 16, 2024

Cloud CISO Perspectives: Our 2025 Cybersecurity Forecast report - Google Cloud’s Cloud CISO Perspectives report for 2025 predicts that AI will continue to evolve rapidly, with attackers increasingly using it for sophisticated phishing, vishing, and social engineering attacks. Cyber-espionage and cybercrime actors will use deepfakes for identity theft, fraud, and bypassing know-your-customer (KYC) security requirements. Generative AI will also be used by defenders to bolster security operations, with AI tools supporting human awareness and ingenuity.

CISO Official Blog Dec. 2, 2024

Cloud CISO Perspectives: To end ransomware scourge, start with more reporting — not blocking cyber-insurance - In this month's Cloud CISO Perspectives, Monica Shokrai and Kimberly Goody discuss the role of cyber-insurance in combating ransomware. They argue that mandatory reporting of ransomware payments could be more effective than banning cyber-insurance coverage for ransomware. They also highlight the importance of adopting secure by design and default technologies, such as those developed by Google Cloud, to reduce the risk of ransomware attacks.

CISO Official Blog Nov. 18, 2024

Cloud CISO Perspectives: The high security cost of legacy tech - Google Cloud’s CISO and senior director of product management for Google Workspace discuss the high security costs of legacy technology. Legacy tech increases business and security risks, with 81% of organizations experiencing at least one security incident per year. Adopting modern technology can eliminate entire classes of threats and improve business outcomes. Customer examples of Trellix, the city of Dearborn, and Humana illustrate the benefits of modernizing.

CISO Official Blog Security Nov. 4, 2024

Cloud CISO Perspectives: 10 ways to make cyber-physical systems more resilient - The most recent CISO newsltter goes through the list of 10 “leading indicators” presented in the President’s Council of Advisors on Science and Technology (PCAST) report on cyber-physical resilience to better help organizations develop their cyber-physical resilience.

CISO Official Blog Oct. 21, 2024

Cloud CISO Perspectives: AI vendors should share vulnerability research. Here’s why - Google Cloud CISO Phil Venables discusses the importance of AI vendors sharing vulnerability research to enhance security standards and foster collaboration in the AI industry. He emphasizes the need for transparency, open discussions, and collective efforts to address AI vulnerabilities and ensure the security of AI systems and applications. Venables highlights Google's commitment to AI security research and encourages developers to normalize sharing AI security research to collectively work towards a future where AI is secure by default.

CISO Official Blog Sept. 30, 2024

Cloud CISO Perspectives: How CISOs can work with cloud providers to improve incident response - Google Cloud’s Vinod D’Souza and Chris Cornillie discuss the vital role that CISOs play in working with cloud providers to improve their organization’s incident preparedness. They emphasize the importance of shared fate, regular testing of disaster recovery systems and incident response playbooks, understanding service level agreements (SLAs), setting up customer account-recovery processes and out-of-band communication channels, and harnessing threat intelligence for preparedness and response.

CISO Official Blog Sept. 23, 2024

Cloud CISO Perspectives: The high value of cross-industry communication - Taking a look at how GCP initiatives to drive cybersecurity collaboration across industries, regulators and governments, IT consortia, and researchers and universities can help make everyone safer online.

CISO Event Official Blog Sept. 2, 2024

Cloud CISO Perspectives: What you’re missing when you miss out on mWISE Conference - Google Cloud’s VP/GM SecOps, Peter Bailey, discusses the upcoming Mandiant Worldwide Information Security Exchange (mWISE) Conference in Denver, Colorado, on September 18-19. mWISE is an annual cybersecurity and knowledge-sharing conference that brings together security leaders and practitioners to share expertise and best practices.

CISO Official Blog Security Aug. 19, 2024

Cloud CISO Perspectives: Why we need to get ready for PQC - Post-quantum cryptography (PQC) is a cryptographic system that is designed to be secure against attacks from quantum computers. Quantum computers are a new type of computer that uses quantum mechanics to solve complex mathematical problems that can stump today's computers. If powerful enough, quantum computers could potentially crack the codes, or encryption, that protect our online communications and sensitive data.

CISO Official Blog Aug. 5, 2024

Cloud CISO Perspectives: Why water security can’t wait - In this edition of Cloud CISO Perspectives, Sandra Joyce, VP of Google Threat Intelligence, discusses the urgent need to prioritize water security in the face of increasing cybersecurity risks. She highlights recent incidents involving Russian hackers disrupting a water facility in Texas and the targeting of U.S. water and wastewater treatment systems by hackers from China and Iran.

CISO Official Blog July 22, 2024

Cloud CISO Perspectives: How to think about security budgets - In this newsletter, Google Cloud's VP of TI Security and CISO, Phil Venables, discusses the importance of security budgets and how CISOs can partner with their CIOs and CTOs to advocate for a properly-sized budget.

CISO Official Blog Security July 1, 2024

Cloud CISO Perspectives: How Google is helping to improve rural healthcare cybersecurity - Google is committed to improving rural healthcare cybersecurity. They are providing secure-by-design technologies, information sharing on threats, and putting their security tools in the hands of hospitals and healthcare organizations. Additionally, they are investing in cybersecurity education and training to grow the cybersecurity workforce.

CISO Official Blog Security June 24, 2024

Cloud CISO Perspectives: 3 promising AI use cases for cybersecurity - Google Cloud CISO Phil Venables discusses three promising use cases for AI in cybersecurity: malware analysis, boosting security operations (SecOps) teams, and scaling security solutions. AI can automate malware analysis, generate summarized reports, and identify indicators of compromise. It can assist SecOps teams by enabling natural language queries, generating AI-generated summaries, and helping onboard new team members. AI can also improve fuzzing coverage, help patch vulnerabilities, and provide a sequence of stacked benefits to enhance productivity.

CISO Official Blog Security June 3, 2024

Cloud CISO Perspectives: What the past year tells us about our cybersecurity future - The past year in cybersecurity has been marked by several trends, including fewer consequences for threat actors, accelerated offensive innovation by attackers, and the evolution of ransomware from data theft to extortion and potentially even harassment. Boards of directors are also engaging more in cybersecurity, and private enterprises and public organizations are cooperating more to advance security practices. Defenders are detecting attacks sooner, and more organizations are finding attackers on their systems on their own. However, attackers are also innovating, using living-off-the-land techniques, developing custom malware, and targeting consumer and local infrastructure.

CISO Official Blog Security May 20, 2024

Cloud CISO Perspectives: What you missed at Phil and Kevin’s RSA Conference fireside chat

CISO Official Blog Security May 6, 2024

Cloud CISO Perspectives: Tour the new Security Command Center Enterprise

CISO Official Blog Security April 22, 2024

Cloud CISO Perspectives: 20 major security announcements from Next ‘24 - A list of some of the major announcements of security products and security enhancements to Google Cloud.

CISO Official Blog April 1, 2024

Cloud CISO Perspectives: Get ready for Next ‘24: What you need to know

CISO Official Blog Security March 18, 2024

Cloud CISO Perspectives: Easing the psychological burden of leadership

CISO Official Blog Security Feb. 19, 2024

Cloud CISO Perspectives: Guidance from our latest Threat Horizons report - Cloud CISO Perspectives for February 2024.

CISO Official Blog Feb. 5, 2024

Cloud CISO Perspectives: Executive lessons from our response to Reptar

CISO Official Blog Jan. 29, 2024

Cloud CISO Perspectives: How new SEC rules can help business leaders

CISO Official Blog Dec. 18, 2023

Cloud CISO Perspectives: How the AI megatrend can help manage threats, reduce toil, and scale talent

CISO Official Blog Security Dec. 3, 2023

Cloud CISO Perspectives: How security validations can help organizations stay secure - This month, Mandiant Consulting’s Earl Matthews discusses Security Validation, a vital tool that can give CISOs better information for making security decisions, and can help organizations understand their true security posture and risk profile.

CISO Official Blog Nov. 20, 2023

Cloud CISO Perspectives: Why ISACs are valuable security partners - Google Cloud has announced multiple collaborations with sector-specific information sharing and analysis centers over the past 18 months, and it this post it will be discussed why these ISACs are valuable partners for Google Cloud and our industry.

CISO Official Blog Nov. 6, 2023

Cloud CISO Perspectives: It’s a multicloud jungle out there. Here’s how your security can survive — and thrive - A second Cloud CISO Perspectives for October 2023 about what security and business leaders need to know about securing our multicloud present and future.

CISO Official Blog Security Oct. 23, 2023

Cloud CISO Perspectives: How boards can help cyber-crisis communications

CISO Official Blog Security Oct. 2, 2023

Cloud CISO Perspectives: Late September 2023 - Guest columnist Eric Brewer, Google Fellow and VP for infrastructure, explains Google Cloud’s approach to open source and why securing it is one of the most crucial tasks we face.

CISO Official Blog Sept. 18, 2023

Cloud CISO Perspectives: Early September 2023 - Google Cloud CISO Phil Venables talks about this year’s mWISE, and why it’s important to have a vendor-sponsored but vendor-agnostic conference.

CISO Official Blog Sept. 4, 2023

Cloud CISO Perspectives: Late August 2023 - At Next ‘23, guest columnist Sunil Potti explains Google Cloud’s vision for how AI can help achieve stronger security outcomes.

CISO Official Blog Aug. 21, 2023

Cloud CISO Perspectives: Early August 2023 - Cloud CISO Phil Venables explains why he considers himself a short-term pessimist, long-term optimist when it comes to cybersecurity.

CISO Official Blog Aug. 7, 2023

Cloud CISO Perspectives: Late July 2023 - Threat actors know that our health systems and the people they treat are vulnerable to cyber threats. Guest author Taylor Lehmann discusses the existential threat that healthcare faces, and how cloud can help.

CISO Official Blog July 3, 2023

Cloud CISO Perspectives: Late June 2023 - What does the threat landscape look like this summer? Guest author Sandra Joyce discusses for boards and business leaders what their organizations are facing right now.

CISO Official Blog June 19, 2023

Cloud CISO Perspectives: Early June 2023

CISO Official Blog June 5, 2023

Cloud CISO Perspectives: Late May 2023 - Google Cloud CISO Phil Venables discusses the importance and challenges of digital sovereignty.

CISO Official Blog Security May 22, 2023

Cloud CISO Perspectives: Early May 2023 - Guest author MK Palmore talks about Google Cloud’s new Grow with Google Certifications and how they can help organizations close the security talent gap.

CISO Official Blog Security May 1, 2023

Cloud CISO Perspectives: Late April 2023 - For our second newsletter this month, guest author and Mandiant CEO Kevin Mandia discusses the RSA Conference and how external pressures are shaping the current cybersecurity landscape.

CISO Official Blog Security April 17, 2023

Cloud CISO Perspectives: Early April 2023 - Google Cloud CISO Phil Venables discusses our new report on how and why boards of directors should be involved in cybersecurity and risk decisions.

CISO Official Blog Security April 3, 2023

Cloud CISO Perspectives: March 2023 - This month, Google Cloud CISO Phil Venables reviews his thoughts on the Biden Administration’s National Cybersecurity Strategy released earlier in the month.

CISO Official Blog Security April 3, 2023

Helping U.S.-based financial services firms manage third-party due diligence requirements when using Google Cloud - FSI customers are concerned about effectively meeting their public cloud regulatory requirements. Google Cloud understands the compliance requirements and can help FSI customers meet them throughout their cloud journey.

CISO Official Blog March 6, 2023

Cloud CISO Perspectives: February 2023 - This month, Google Cloud CISO Phil Venables looks at one of the most important issues facing the software industry: securing the software supply chain.

CISO Official Blog Feb. 13, 2023

Health-ISAC and Google Cloud partner to build more resilient healthcare, one threat indicator at a time - Google Cloud is open-sourcing a first-in-the-market integration that can help more than 750 healthcare customers to speed up their use of Health-ISAC’s threat intelligence with Chronicle.

CISO Official Blog Security Feb. 6, 2023

Cloud CISO Perspectives: January 2023 - In his January newsletter, Cloud CISO Phil Venables revisits two megatrends: the cloud as a digital immune system and software-defined infrastructure.

CISO Official Blog Security Jan. 16, 2023

CISO Survival Guide: Vital questions to help guide transformation success - Next in our series of CISO survival guide blogs, we discuss which hard questions CISO should be asking business leaders — and themselves.

CISO Official Blog Security Dec. 26, 2022

Cloud CISO Perspectives: December 2022 - Which security lessons of the past year were the most important? We look back at 2022 with members of GCAT and Google Cloud’s Office of the CISO.

CISO Official Blog Security Nov. 14, 2022

For a successful cloud transformation, change your culture first - Lessons from the computing virtualization era can help ease an organization’s cloud transformation. First, start with your culture. Here’s why.

CISO Google Cloud Platform Official Blog Nov. 7, 2022

From the FBI to Google Cloud, meet CISO Director MK Palmore - Office of the CISO Director MK Palmore on his transition from government to private sector, his next big challenge, and diversifying cybersecurity.

CISO Official Blog Security Nov. 7, 2022

Cloud CISO Perspectives: October 2022 - CISO Phil Venables takes a look back at our recent Google Cloud Next conference, and what it means for cloud security.

CISO Official Blog Security Oct. 3, 2022

Cloud CISO Perspectives: September 2022 - CISO Phil Venables shares his thoughts on Google Cloud’s recently-closed acquisition of Mandiant.

CISO Official Blog Security Oct. 3, 2022

What makes Google Cloud security special: Our reflections 1 year after joining OCISO - Google Cloud OCISO members Taylor Lehmann and David Stone reflect on their first year with the team, and what makes Google Cloud security special.

CISO Official Blog Sept. 5, 2022

Cloud CISO Perspectives: August 2022 - Google Cloud CISO Phil Venables shares his thoughts on bug bounties, along with the latest security updates from the Google Cybersecurity Action Team.

CISO Official Blog Security Aug. 22, 2022

How CISOs need to adapt their mental models for cloud security - CISOs: How well do you speak cloud? Here are 6 tips for adapting your mental models of security.

CISO Official Blog Security Aug. 22, 2022

How autonomic data security can help define cloud’s future - Here’s how Autonomic Data Security can help transform old-world security models to the new world of data in the cloud.