Google Launches Security Advisory Service, Security to Workspaces

Internet giant aims to help companies use the cloud securely and adds more security features to its productivity workspaces to better compete with Microsoft.

4 Min Read
Google building with logo
Source: wolterke via AdobeStock

Google has launched a new service group — the Google Cybersecurity Action Team — to provide strategic advisory, compliance, threat intelligence, and incident response services aimed at helping government and corporate clients tackle complex cybersecurity efforts, the company announced today at its Next '21 conference.

The Cybersecurity Action Team will also work with clients to engineer a combination of services and systems to meet regulatory and corporate requirements. In addition to its advisory services, Google announced its Work Safer program, which will focus on hybrid work environments with a combination of the company's productivity and security products, along with third parties, such as Palo Alto Networks and CrowdStrike.

The aim is to help organizations create a security strategy and implement that strategy across hybrid environments crossing on-premises, data center, and cloud infrastructure, Phil Venables, CISO of Google Cloud, said in a press briefing.

"This group has a singular mission — supporting the security of digital transformation of government, of critical infrastructure, of enterprises and of small businesses," he said. "Ultimately, this evolves over time to bring even more of Google to more organizations through and beyond cloud."

Google has committed to security in the past few years, pledging to invest $10 billion over the next five years among a number of cybersecurity initiatives, including expanding its zero-trust programs, investing in open source projects as a way to secure the software supply chain, and to expand its Google Career Certificate program to train 100,000 Americans in entry-level technical fields.

"Governments and businesses are at a watershed moment in addressing cybersecurity," Kent Walker, senior vice president of global affairs at Google, stated in a post announcing the $10 billion effort in August. "Cyber attacks are increasingly endangering valuable data and critical infrastructure."

The Google Next '21 announcements show that the company sees security as a both a significant future market and as a differentiator for its own products. Under the auspices of its Invisible Security initiative, the company aims to make security a feature of all of its products, one that customers do not have to add later. As part of the initiative, Google has focused on bringing zero trust to hybrid workforces through its BeyondCorp group, detection and response services through partnerships with Cybereason, and automation of data protection and analytics through its Automatic DLP service, which is currently in preview.

"In many cases, DLP, like many security controls, is built like a power-sucking alien — it is a bolted-on thing. This is one of the first instantiations of a security service that is actually being burned into the consumer experience of the native service," Sunil Potti, vice president and general manager of Google Cloud Security, said during the press briefing. "And that, in my opinion, is the role model of what we mean by Invisible Security."

Work Safer aims to take the Google Workspace and combine it with a number of security technologies, including endpoint security from CrowdStrike, network security from Palo Alto Networks, and security analytics from Google Cloud's Chronicle.

The Work Safer program aims to convince companies to move from Microsoft's offerings, Potti said. Microsoft 365 costs $12.50 per user per month for its standard level of services, including the Office applications, but that price goes up to $20 per user per month for the premium level that includes "advanced cyber threat protection and device management."

Work Safer offers the enterprise tier of Google applications, mobile device management, data loss prevention, and malware sandboxing, among other features.

"The comparison we are offering is the functionality of Google Enterprise Plus and a meaningful cost advantage, including for large enterprises and an investment from Google to seamlessly move from your old environment to your new environment, while also offering a bunch of additional security, because now we are actually burning in some of the CrowdStrike capabilities," Potti said.

Highlighting the security features of their cloud-based productivity suite for hybrid workers is Google's latest attempt to shake up the market, which continues to be dominated by Microsoft. While Microsoft has nearly 90% market share, Google regularly claims 1% to 2% more of the market every year, Chris Roth, research vice president for Gartner, stated in a July blog post.

"The pandemic in 2020 spurred tremendous growth in web conferencing from all providers," Roth wrote. "With less technical debt to worry about, Google has an easier time innovating and reimagining ways of working. Although that technical debt is accumulating and it’s not as easy to make major changes as it used to be."

About the Author(s)

Robert Lemos, Contributing Writer

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights