Cybersecurity concerns have peaked since last year. If experts are to be believed, the situation is only going to get worse. One recent example is the Colonial Pipeline ransomware attack that shut down gas and oil deliveries, causing significant losses across sectors.
Against this backdrop, Google has announced new products and solution offerings to help organisations address security challenges and deliver a trusted cloud. The company introduced Cloud Intrusion Detection System (Cloud IDS), which provides cloud-native network threat detection. It also announced multiple integrations and an autonomic security operations stack, all revealed during the company’s Security Summit. Google Cloud has also announced that it is expanding the availability of its Risk Protection Program.
Google Cloud’s Cloud IDS is built on advanced threat detection technologies from Palo Alto Networks to provide highly efficient security. The system can detect malicious activities with low false positives. Custom workflows can be created in Google Cloud to remediate the network threats that Cloud IDS identifies, based on its alerts.
According to Muninder Singh Sambi, Senior Vice President of Product Management, Palo Alto Networks, their partnership with Google Cloud will help customers achieve their business objectives as they move to the cloud. Combining simple native cloud controls with Google Cloud security will help their customers maintain a safe network with Cloud IDS. Customers need not compromise between security and simplicity for their most important digital initiatives.
Some benefits of Cloud IDS are:
- Easy to deploy and manage network threat detection with UI, CLI, or APIs
- Scales automatically to meet organisational needs
- Backed by industry-leading threat detection capabilities
Customers in regulated industries, such as financial services, retail and healthcare, may use Cloud IDS to support compliance requirements that mandate the use of an IDS.
Sunil Potti, vice president and general manager of Google Cloud Security, wrote in a blog post detailing the new solutions that they are part of a larger vision for “invisible security” within its cloud. He explained that the goal is for all security technologies to be engineered into the system, niche security talent to be democratised, and siloes to be eventually eliminated.
BigQuery and Looker
Chronicle is Google’s cloud-native security analytics platform. Along with Cloud IDS, Google has also announced that Chronicle’s capabilities will be further enhanced by integrating the analytics platforms Looker and BigQuery. The integration will help Chronicle perform better in reporting, compliance, visual security workflows, security-driven data science, etc.
Security teams can now access brand new, embedded Looker-driven dashboards in five content categories: Chronicle security overview, data ingestion and health, IOC matches, rule detections, and user sign-in data.
To help organisations modernise their security operations programs to defend against modern-day threats, Google announced Autonomic Security Operations. It combines products, integrations, technical content, and an accelerator program to enable customers to take advantage of Google’s technology stack built on Chronicle, along with Google’s deep security operations expertise.
Furthermore, from July 28, Google is expanding the availability of the Risk Protection Program to all Google Cloud customers in public preview.