Will Google Cybersecurity Team Engage MSSP Partners?

A new Google cybersecurity team will have the “singular mission” to support the security and digital transformation of governments, critical infrastructure facilities, enterprises and small businesses, the company said.

The Google Cybersecurity Action Team is essentially a cybersecurity advisory crew tasked with providing incident response services, guidance for security plans, and helping customers to securely deploy Google Cloud. The idea is to shepherd customers through the process of elevating their cybersecurity profile, including:

  • A transformation road map and implementation.
  • Boosting cyber resilience to prepare for possible cyber attacks.
  • Engineering new solutions to fit changing requirements.

Google, Technology Heavyweights Discuss Cybersecurity

Google in August 2021 was part of a number of IT heavyweights that pledged money, programs and workforce training to fortify U.S. cybersecurity at the urging of President Biden. The company committed to spend $10 billion over the next five years to expand zero-trust programs, help secure the software supply chain, and enhance open-source security. Google also said it will aid 100,000 Americans earn industry-recognized digital skills certificates to qualify for security-centric jobs. The Google Cybersecurity Action team is part of that commitment.

Thomas Kurean, CEO, Oracle Cloud
Thomas Kurean, CEO, Oracle Cloud

The group will be composed of internal cybersecurity experts plucked from various units throughout the company. Google didn’t say how many people will be part of the effort or when it will begin.

Here’s what Google expects the team to deliver:

  • Strategic advisory services for customers' security strategies, including transformation workshops and educational content.
  • Advise customers on the structure of their digital security transformation and provide program management and professional services support.
  • Trust and compliance services that map Google’s global compliance certifications to industry control frameworks.
  • Security customer and solutions engineering that deliver proven blueprints and architectures for deploying Google Cloud products and services securely and in accordance with regulatory requirements.
  • Comprehensive solutions for autonomic security operations and cyber resilience.
  • Threat intelligence and incident response services, including threat briefings, preparedness drills, incident support and rapid response engagements.

"Cybersecurity is at the top of every C-level and board agenda, given the increasing prominence of software supply chain exploits, ransomware, and other attacks,” said Thomas Kurian, Google Cloud chief executive.

Google, AWS, Microsoft and MSSPs

Of particular note, while Google spoke of internal expertise for its new team, a striking absence from the makeup of its cybersecurity team are MSSPs (managed security service providers). Though Google does work with MSP partners.

By contrast, Google's main rivals have made concerted efforts to involve MSSPs in similar initiatives. For example, in late August 2021 Amazon Web Services (AWS) rolled out the Level 1 MSSP Competency for AWS Partners that provide security and monitoring as a fully managed service. The Level 1 competency helps AWS customers identify AWS Partners, in this case, MSSPs and Managed Detection and Response (MDR) service providers with cloud security expertise and experience. Several Top 250 MSSPs and Top 40 MDRs have earned the competency.

Along those same lines, the Microsoft Intelligent Security Association (MISA) has now grown to include 67 MSSP members that support 165 managed security services offerings, the vendor said as of mid-2021. Microsoft positions MISA as an independent ecosystem of software vendors, MSSPs and MDRs that have integrated their solutions to better defend partners and customers from cyber attacks.

Federal Government Weighs In On Google Security Team

Jen Easterly, director, CISA

In a somewhat unusual choice to comment on a private sector business, Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly touted Google’s cyber group. “It’s great to see a large company like Google Cloud orient itself to support the cybersecurity of all organizations large and small through its Cybersecurity Action Team, and as part of the JCDC and other initiatives, we look forward to partnering with them and other tech companies in this vital effort,” Easterly said in a statement. Google is a member of CISA’s Joint Cyber Defense Collaborative (JCDC) formed to help defend the U.S. against cyber strikes.

Meanwhile, Google unwrapped its new Work Safer program that combines Google Workspace with offerings from Palo Alto Networks and CrowdStrike to help a wide range of organizations implement a safer collaboration and communication solution environment. The program is aimed at small businesses, enterprises and public sector institutions, many of which use legacy technology and struggle to address the security challenges presented by remote work, Google said.

“As daily headlines attest, threats are increasing and vulnerabilities in older communication and collaboration systems continue to be exploited,” said Sunil Potti, vice president and general manager of Google Cloud Security. “Work Safer makes it easier for organizations to adopt a much stronger security posture to defend against phishing, malware, ransomware, and other cyber attacks.”

Google Cloud also rolled out a new security and resiliency framework that features a comprehensive security management program with cloud technologies that maps to the National Institute of Standards and Technology's Cybersecurity Framework.

Google Cloud, Chronicle and Cybereason XDR: Joint Development and Investment?

Amid all those moves, Google wasn't done. In yet another move, Google Cloud apparently invested in Cybereason, an XDR (eXtended Detection and Response) security software company. On a likely related note, the two companies announced Cybereason XDR powered by Google Chronicle. The cloud-native service “automates prevention for common attacks, guides analysts through security operations and incident response, and enables threat hunting with precision at a pace never before achieved,” the two companies assert.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.