Cloud Security, Content

Google Cloud Security Strategy Engages MSSPs


Google Cloud has launched multiple cloud security services, and opened its arms more widely to MSSP (managed security services provider) partners.

In an expansive blog, Google Cloud Security VP and GM Sunil Potti outlined an "invisible security" strategy in which:

  • Security technologies are engineered-in;
  • security operations as a siloed center will eventually disappear;
  • niche security talent gets democratized; and
  • shared responsibility evolves to shared fate.

Google Autonomic Security Operations for MSSPs (And More)

To deliver on that vision, the Google Cloud team announced the following developments and partnerships -- several of which involve MSSPs:

1. Cloud IDS, a cloud-native, managed intrusion detection system built with Palo Alto Networks. Cloud IDS will soon integrate with Google Cloud’s Chronicle and Security Command Center as well.

2. Google Chronicle now integrates with Google analytics platforms Looker and BigQuery. The integrations bolster Chronicle’s capabilities for reporting, compliance, visual security workflows, data exploration, and security-driven data science, Google says.

3. Autonomic Security Operations. This effort, built on Chronicle, is designed to drive more automation for Security Operations Center (SOC) analysts and MSSPs. Early adopters include BT Security, the telecom giant's MSSP business. Additional established partners include Cyderes and SADA Systems.

4. Cyber Insurance: Google will expand the Risk Protection Program as a public preview to all Google Cloud customers starting July 28. The program connects Google Cloud customers with Allianz Global Corporate & Specialty (AGCS) and Munich Re for potential cyber insurance policies.

5. Cloud Security Risk Measurement: A Google Cloud security diagnostic tool called Risk Manager enables customers to "measure and manage their risk on Google Cloud and obtain a report on their security posture," the company says.

Cloud Security: Google vs. Microsoft Azure and AWS

No doubt, Google Cloud is in growth mode and the cloud company is accelerating its cybersecurity efforts.

Still, Microsoft's engagement efforts with MSSPs appear to be further along. For instance, dozens of MSSPs and MDR (managed detection and response) service providers have joined the Microsoft Intelligent Security Association (MISA).

MISA is an independent ecosystem of MSSPs and software vendors that have "integrated their solutions to better defend partners and customers from cyberattacks," Microsoft says. MISA had 133 member organizations as of July 2020, up from 57 in 2019.

Meanwhile, Amazon Web Services (AWS) also continues to bolster its cybersecurity services for software and MSSP partners. Key moves include launching an AWS Network Firewall managed security service backed by such cybersecurity companies as Alert LogicCrowdStrike, Sumo Logic and  Trend Micro.

Also, Amazon has been building an annual cybersecurity conference known as AWS re:Inforce. The 2021 event is scheduled for August in Houston, Texas. The cloud security conference has been known to attract dozens of MSSPs.

Google Chronicle vs. Microsoft Azure Sentinel

Google's battle for the hearts and minds of MSSPs may ultimately come down to a showdown between Google Chronicle vs. Microsoft Azure Sentinel, MSSP Alert believes.

A case in point: Even as BT Security vows to embrace Google Chronicle and Autonomic Security Operations, BT in 2020 launched a fully managed security and advisory service built on Microsoft Azure Sentinel.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.