Categories
AI

Google’s future in enterprise hinges on strategic cybersecurity

Gaps in Google’s cybersecurity strategy make banks, financial institutions, and larger enterprises slow to adopt the Google Cloud Platform (GCP), with deals often going to Microsoft Azure and Amazon Web Services instead.

It also doesn’t help that GCP has long had the reputation that it is more aligned with developers and their needs than with enterprise and commercial projects. But Google now has a timely opportunity to open its customer aperture with new security offerings designed to fill many of those gaps.

During last week’s Google Cloud Next virtual conference, Google executives leading the security business units announced an ambitious new series of cybersecurity initiatives precisely for this purpose. The most noteworthy announcements are the formation of the Google Cybersecurity Action Team, new zero-trust solutions for Google Workspace, and extending Work Safer with CrowdStrike and Palo Alto Networks partnerships.

The most valuable new announcements for enterprises are on the BeyondCorp Enterprise platform, however. BeyondCorp Enterprise is Google’s zero-trust platform that allows virtual workforces to access applications in the cloud or on-premises and work from anywhere without a traditional remote-access VPN. Google’s announced Work Safer initiative combines BeyondCorp Enterprise for zero-trust security and their Workspace collaboration platform.

Workspace now has 4.8 billion installations of 5,300 public applications across more than 3 billion users, making it an ideal platform to build and scale cybersecurity partnerships. Workspace also reflects the growing problem chief information security officers (CISOs) and CIOs have with protecting the exponentially increasing number of endpoints that dominate their virtual-first IT infrastructures.

Bringing order to cybersecurity chaos

With the latest series of cybersecurity strategies and product announcements, Google is attempting to sell CISOs on the idea of trusting Google for their complete security and public cloud tech stack. Unfortunately, that doesn’t reflect the reality of how many legacy systems CISOs have lifted and shifted to the cloud for many enterprises.

Missing from the many announcements were new approaches to dealing with just how chaotic, lethal, and uncontrolled breaches and ransomware attacks have become. But Google’s announcement of Work Safer, a program that combines Workspace with Google cybersecurity services and new integrations to CrowdStrike and Palo Alto Networks, is a step in the right direction.

The Google Cybersecurity Action Team claimed in a media advisory it will be “the world’s premier security advisory team with the singular mission of supporting the security and digital transformation of governments, critical infrastructure, enterprises, and small businesses.”  But let’s get real: This is a professional services organization designed to drive high-margin engagement in enterprise accounts. Unfortunately, small and mid-tier enterprises won’t be able to afford engagements with the Cybersecurity Action Team, which means they’ll have to rely on system integrators or their own IT staff.

Why every cloud needs to be a trusted cloud

CISOs and CIOs tell VentureBeat that it’s a cloud-native world now, and that includes closing the security gaps in hybrid cloud configurations. Most enterprise tech stacks grew through mergers, acquisitions, and a decade or more of cybersecurity tech-buying decisions. These are held together with custom integration code written and maintained by outside system integrators in many cases. New digital-first revenue streams are generated from applications running on these tech stacks. This adds to their complexity. In reality, every cloud now needs to be a trusted cloud.

Google’s series of announcements relating to integration and security monitoring and operations are needed, but they are not enough. Historically Google has lagged behind the market when it comes to security monitoring by prioritizing its own data loss prevention (DLP) APIs, given their proven scalability in large enterprises. To Google’s credit, it has created a technology partnership with Cybereason, which will use Google’s cloud security analytics platform Chronicle to improve its extended detection and response (XDR) service and will help security and IT teams identify and prevent attacks using threat hunting and incident response logic.

Google now appears to have the components it previously lacked to offer a much-improved selection of security solutions to its customers. Creating Work Safer by bundling the BeyondCorp Enterprise Platform, Workspace, the suite of Google cybersecurity products, and new integrations with CrowdStrike and Palo Alto Networks will resonate the most with CISOs and CIOs.

Without a doubt, many will want a price break on BeyondCorp maintenance fees at a minimum. While BeyondCorp is generally attractive to large enterprises, it’s not addressing the quickening pace of the arms race between bad actors and enterprises. Google also includes Recapture and Chrome Enterprise for desktop management, both needed by all organizations to scale website protection and browser-level security across all devices.

It’s all about protecting threat surfaces

Enterprises operating in a cloud-native world mostly need to protect threat points. Google announced a new client connector for its BeyondCorp Enterprise platform that can be configured to protect Google-native and also legacy applications — which are very important to older companies. The new connector also supports identity and context-aware access to non-web applications running in both Google Cloud and non-Google Cloud environments. BeyondCorp Enterprise will also have a policy troubleshooter that gives admins greater flexibility to diagnose access failures, triage events, and unblock users.

Throughout Google Cloud Next, cybersecurity executives spoke of embedding security into the DevOps process and creating zero trust supply chains to protect new executable code from being breached. Achieving that ambitious goal for the company’s overall cybersecurity strategy requires zero trust to be embedded in every phase of a build cycle through deployment.

Cloud Build is designed to support builds, tests, and deployments on Google’s serverless CI/CD platform. It’s SLSA Level -1 compliant, with scripted builds and support for available provenance. In addition, Google launched a new build integrity feature as Cloud Build that automatically generates a verifiable build manifest. The manifest includes a signed certificate describing the sources that went into the build, the hashes of artifacts used, and other parameters. In addition, binary authorization is now integrated with Cloud Build to ensure that only trusted images make it to production.

These new announcements will protect software supply chains for large-scale enterprises already running a Google-dominated tech stack. It’s going to be a challenge for mid-tier and smaller organizations to get these systems running on their IT budgets and resources, however.

Bottom line: Cybersecurity strategy needs to work for everybody  

As Google’s cybersecurity strategy goes, so will the sales of the Google Cloud Platform. Convincing enterprise CISOs and CIOs to replace or extend their tech stack and make it Google-centric isn’t the answer. Recognizing how chaotic, diverse, and unpredictable the cybersecurity threatscape is today and building more apps, platforms, and adaptive tools that learn fast and thwart breaches.

Getting integration right is just part of the challenge. The far more challenging aspect is how to close the widening cybersecurity gaps all organizations face — not only large-scale enterprises — without requiring a Google-dominated tech stack to achieve it.

 

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Repost: Original Source and Author Link

Categories
AI

Armis advances its IoT cybersecurity platform with strategic investment

Armis, a Palo Alto-based company developing enterprise security products for internet of things (IoT) devices, today announced that it closed a strategic investment from Brookfield Asset Management and Georgian partners, bringing its total venture capital raised to date from $112 million to over $300 million. Armis, which is valued at $2 billion post-money, twice its 2017 valuation of $1.1 billion, plans to use the new investment to fund a backlog of product development and to expand its marketing and sales teams.

According to IDC, there will be more than 40 billion connected devices by 2025, but many of these devices won’t have security defenses. According to a recent study conducted by the University of Maryland, there’s a hack attempt every 39 seconds on average. The Kelser Corporation estimates that 65% of small and medium-size companies are the target of attacks, and that those attacks might have cost as much as $2 trillion in total by year-end 2019.

Three entrepreneurs — Google veteran Nadir Izrael, Adallom director of security research Tomer Schwartz, and Adallom global business development head Yevgeny Dibrov — founded Armis in 2015 to tackle the growing intrusion threat. Armis, which Insight Partners acquired in February 2020, offers a software-as-a-service solution that runs in an agentless fashion and autonomously identifies devices in wired and wireless networks even before they connect to said networks. Armis analyzes devices’ behavior to identify attacks and calculate a risk score, automatically disconnecting or quarantining suspicious laptops, smartphones, printers, medical devices, and other hardware while respecting existing firewalls, security information and event management, and network access control policies.

Armis isn’t exactly going it alone in the IoT cybersecurity space. Gartner said that cybersecurity spending grew from 8.7% to $124 billion in 2019. Mocana, which develops an end-to-end, on-device software suite for a range of systems, recently raised $15 million. And Israeli startup Axonius in early 2019 raked in $13 million.

But Armis claims to operate at a larger scale than many of its rivals, with over 500 million devices under management globally. Over the past couple of years, revenue grew more than 750% while the number of customers — among them Mondelēz, Sysco, Fresenius, Home Depot, Oracle, and DocuSign — rose over 425%. Armis also expanded its team to over 350 employees in 2021, including the appointment of a chief revenue officer and chief financial officer.

More recently, Armis launched a reseller program designed to create “long-term profitable partner growth.” This came prior to the debut of an asset management offering that Armis claims delivers over 5 times visibility than others solution on the market.

“Brookfield’s footprint spans far and wide, including physical infrastructure and healthcare assets, which are sectors that are increasingly turning to Armis to help them protect the exploitation of blind spots from connected device adoption. Bad actors are taking advantage of the lack of security on these devices … and attacks on these businesses are growing at exponential rates with severe real-life consequences,” Dibrov said in a statement. “In addition, as COVID-19 vaccinations rollout this year, our partnership with Brookfield and its massive real estate footprint of over 500 million square feet in commercial office space provides an opportunity to work with companies to ensure data and information security as they bring employees back to the office with more devices than ever before.”

Existing investors including Insight Partners, Alphabet’s CapitalG, and Georgian participated in the strategic growth investment. Insight Partners will remain the majority owner, and Armis will continue to operate independently, fully managed by Dibrov, Izrael, and the rest of the executive team.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform
  • networking features, and more

Become a member

Repost: Original Source and Author Link