(By Anton Chuvakin, originally posted at Anton on Security)
Security continues to be a top concern for cloud customers, and therefore continues to be a driver of our business at Google Cloud. However, specific security priorities vary wildly by vertical, by organization size, and by many other factors.
In fact, many “CISO priorities lists” are floating out there online and many people claim to know “what CISOs want.” My analyst years taught me to be skeptical about such claims, if only because there are vast differences between CISOs of different organizations, in terms of security maturity, for example. Specifically, my interactions with CISOs showed me that while one CISO of a large enterprise is expanding his or her threat hunting team, another may be dealing with the more mundane challenge of patching Windows servers in time (BTW, CSO or CISO?).
Naturally, many of us in the Google Cloud Security business speak with customer security teams every day, and they often ask how Google performs certain security operations internally, how we think about certain problems, and how our security offerings will evolve. These conversations often involve Alphabet CISO, Royal Hansen, and we want to have these in-depth conversations as much as possible with our customers.
To make that possible, Google Cloud has created the Office of the CISO. It is made up of senior security executives with experience managing large security organizations across multiple industries. These executives serve as the trusted security and compliance advisors and advocates for customers. Additionally, they leverage their expertise to inform product security and compliance priorities in accordance with industry needs.
Interested in meeting some of these security leaders? We regularly hold Google Cloud Security Talks, and during our next set of talks, on November 18, the Office of the CISO members will participate in a panel discussion on security evolution during cloud migration. You can register for the talk here, and we look forward to having you join us.
Furthermore, Google Cloud Security is putting together hot topics for future CISO discussions. We plan to hit the range of CISO interests and operational maturity levels. Other topics the panel is considering for future events include:
- Applying zero trust access to current and planned systems
- Effectiveness of automation as a solution to security staffing shortages
- Running data security programs in cloud and hybrid environments
- Compliance challenges when operating in the cloud globally
- Performing gap analyses to improve work from home processes
We hope to see you on the 18th to start our journey!