Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    France’s OVH expands into India amid growing cloud adoption

    March 21, 2023

    Governments request for user data from Apple, Google rises; India ranks no. 1 in Southern Asia: Report

    March 20, 2023

    Govt plans incentive scheme for cloud startups to thwart Microsoft, Amazon, and Google domination

    March 17, 2023
    Facebook Twitter Instagram
    Your Infotech
    • Data

      Governments request for user data from Apple, Google rises; India ranks no. 1 in Southern Asia: Report

      March 20, 2023

      How to back up all your Google account data

      March 15, 2023

      Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

      March 8, 2023

      Google Search Console Bulk Data Export Is Here

      February 24, 2023

      AWS, Azure, and Google Cloud report single-digit YoY growth by annual contract value in Q4CY22

      February 13, 2023
    • Cloud

      France’s OVH expands into India amid growing cloud adoption

      March 21, 2023

      Govt plans incentive scheme for cloud startups to thwart Microsoft, Amazon, and Google domination

      March 17, 2023

      Intellect launches eMACH.ai for banks to use cloud services with embedded AI

      March 14, 2023

      Chinese AI groups use cloud services to evade US chip export controls

      March 9, 2023

      Tech-sponsored study criticizes plan to exclude non-EU cloud vendors

      March 6, 2023
    • Networking

      Amazon’s AWS cozies up to carriers to launch 2 services to build and operate networks in the cloud

      February 22, 2023

      META PLATFORMS SPENT OVER $1 BILLION ON ARISTA NETWORKING IN 2022

      February 17, 2023

      Microsoft Teams and Outlook are down due to a ‘networking issue’

      January 25, 2023

      Warning to those with older phones 3G networks are to be scrapped starting this year

      January 23, 2023

      Will the Broadband Ecosystem Save Telecom in 2023?

      January 19, 2023
    • Virtualization

      Imagination and Telechips drive automotive display diversity with hardware virtualization

      March 16, 2023

      Device virtualization is key to IoT adoption

      March 3, 2023

      Discover how virtualization can transform your business with this online training

      February 7, 2023

      Server Virtualization Software Market Next Big Thing | Major Giants IBM, Oracle, Microsoft

      February 2, 2023

      Global Data Virtualization Market Report 2022: Featuring Oracle, IBM, Cisco, Salesforce, Workday, Alteryx, Domo, Ceros, Cluvio & Qliktech International

      January 26, 2023
    • IT Infrastructure

      TCS+ | The need for speed: Braintree’s Heath Huxtable on modern IT infrastructure

      March 13, 2023

      The race to net zero: Six ways to slash IT infrastructure emissions

      March 10, 2023

      Vertiv and TechAccess partner to boost African IT infrastructure solutions

      February 28, 2023

      It Infrastructure Market Size 2023 Research Report with Technological Factors and Forecast till 2025

      February 21, 2023

      Geojit to build 1.25 lakh sq ft IT infrastructure in Infopark

      February 14, 2023
    Your Infotech
    Home»Cloud»Google Cloud CISO Phil Venables: Zero trust ‘essential’ to protect the cloud
    Cloud

    Google Cloud CISO Phil Venables: Zero trust ‘essential’ to protect the cloud

    yourinfotechBy yourinfotechFebruary 20, 2023Updated:February 20, 2023No Comments4 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp VKontakte Email
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Cybersecurity is a tough game. With a bleak economic outlook for 2023, security teams are under increasing pressure to secure complex cloud environments against financially and politically motivated threat actors looking to capitalize on any small mistake. 

    However, despite economic pressures, Google Cloud CISO Phil Venables suggested in a recent Q&A that investing in new security capabilities is still key to maintaining business transformation in 2023

    Venables also shared his thoughts on how generative AI will impact security teams; what CISOs should be doing to secure the cloud; and why zero trust is “essential” for protecting workloads in the cloud. 

    1. Identity and access management (IAM) and the power of zero trust

      Of all the domains that look different in the cloud, IAM may be the most important to get right.

      With IAM tools, you’re able to grant access to cloud resources at a granular level, creating more access control policies for attributes such as device security status, IP address, resource type and date and time, to better ensure appropriate access controls are in place.

      Implementing a zero-trust framework, where there is zero implicit trust, means that it has to be established via multiple mechanisms and continuously verified. This is essential to protect an organization’s workforce and workloads in the cloud.

      By shifting access controls from the network perimeter to individual processes, devices, and users, zero trust enables employees to work more securely from any location and any device without traditional remote-gateway VPNs.

      Google has applied a zero-trust approach to most aspects of our operations. We believe it is certainly a framework that CISOs should consider when securing their cloud infrastructure.
    2. Threat intelligence

      Successful CISOs keep a close [watch] on incidents that have occurred in other organizations that would signal changes in malicious activity or provide other lessons that could potentially alter an organization’s defensive cloud posture.

      Detecting, investigating, and responding to threats is only part of better cyber-risk management — it’s also critical to understand what an organization looks like from an attacker’s perspective and if an organization’s cybersecurity controls are as effective as expected.

      Likewise, when it comes to securing the cloud, paying attention to threat intelligence trends — and selecting cloud providers that view threat intelligence as a priority — is a must.
    3. Multicloud management

      It’s not uncommon for organizations to have data in multiple clouds, not just one. One of the bigger challenges for CISOs is not just ensuring that each individual service is appropriately secured, but that the collection of those services that make up a business or mission process is secure.

      It’s an even bigger challenge to assure the mitigation of other risks across resilience, compliance, privacy, data governance, and other domains. As a result, CISOs should think comprehensively about their cloud security strategy and look at their cloud architecture as a whole versus in silos.

    VB: Any comments on Google’s role in helping to secure the software supply chain and open-source projects? 

    Venables: Collectively securing open source and the software supply chain remains a priority for the private and public sectors. The supply chain is made up of a variety of different types of vendors — connected services, software providers, outsourced IT, and other types of business process outsourcing. 

    Any reasonably sized organization could have hundreds to thousands of vendors — and some Fortune 100 companies even have tens of thousands.

    Securing the software supply chain is really going to take a combination of three things:

    ADVERTISEMENT

    1. Driving the adoption of best practices 
    2. Building a better software ecosystem
    3. Making long-term investments in digital security

    At Google, we’re working with industry partners, governments, and the open-source community to address these exact goals. Over the past few years, we’ve announced a number of initiatives to address these threats: 

    ADVERTISEMENT

    • Last year, we announced the creation of the new Open Source Security Maintenance Crew, a team of Google engineers who will work closely with upstream maintainers on improving the security of critical open-source projects.
    • We provided opinionated guidance for mitigating software supply chain risks in the first edition of our Perspectives on Security series.
    • We launched Software Delivery Shield, the first fully managed software supply chain security solution that equips developers and security teams with the tools they need to build secure cloud applications.
    • We released new products like OSV-Scanner and Open Source Insights data in BigQuery, which aim to directly support the open-source community as they secure their projects.
    • In collaboration with the Open Source Security Foundation (OpenSSF), Google proposed [a] supply-chain levels for software artifacts (SLSA) framework, which formalizes criteria around software supply chain integrity to help the industry and open-source ecosystem secure the software development lifecycle. 
    Share. Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp Email
    Previous ArticleMETA PLATFORMS SPENT OVER $1 BILLION ON ARISTA NETWORKING IN 2022
    Next Article It Infrastructure Market Size 2023 Research Report with Technological Factors and Forecast till 2025
    yourinfotech
    • Website

    Related Posts

    France’s OVH expands into India amid growing cloud adoption

    March 21, 2023

    Govt plans incentive scheme for cloud startups to thwart Microsoft, Amazon, and Google domination

    March 17, 2023

    Intellect launches eMACH.ai for banks to use cloud services with embedded AI

    March 14, 2023

    Chinese AI groups use cloud services to evade US chip export controls

    March 9, 2023

    Leave A Reply Cancel Reply

    Our Picks

    Subscribe to Updates

    Get the latest creative news from Your Infotech about Information Technology.

    About Us
    About Us

    We provide a wide range of customized, integrated B2B and B2C digital marketing services solutions that are ideal for your business.

    We're accepting new partnerships right now.

    Email Us: info@yourmartech.com
    Contact: +1-530-518-1420

    Our Brands
    • Your Martech
    • Your HR Tech
    • Your Fin Tech
    • Your Revenue
    • Your Bio Tech
    • Your POS Tech
    • Your Health Tech
    SUBSCRIBE NOW
    Loading
    LinkedIn
    • Privacy Policy
    © 2023 Vigarbiz Inc. Designed by Vigarbiz Media.

    Type above and press Enter to search. Press Esc to cancel.