CDSA

Google Exec: Pure Cloud-Native Solution Helps Mitigate Security Risks

[svg-table-content]

A “pure-cloud native” data storage solution can help mitigate the many security risks that companies increasingly face today, according to Reena Nadkarni, head of product management for security & G Suite at Google Cloud.

There are “many different reasons” why a growing number of businesses are moving to the cloud, she said during a presentation on security considerations when migrating your digital workplace to the cloud that was part of the company’s “Work, Reimagined” virtual conference webcast June 19.

But there are some considerations “you have to think about, from a security perspective, as you migrate your digital workplace to the cloud,” she noted.

“First, in the past, it was mostly about optimizing infrastructure costs and achieving scale,” she pointed out. “But more and more, what I’m finding is that customers are using the cloud to be able to do their business better,” she said. “For example, they’re able to use data to get better insights to solve their customers and their partners in new and better ways,” she told participants.

Google Cloud technologies “can fundamentally change the way people work across the globe and across different industries,” providing ways for customers to build new apps and experiences and make teams “more productive with secure devices and G Suite technologies,” she said.

Advantages of using Google Cloud include its “secure and trusted infrastructure” and the fact that the company provides “a very easy toolkit for using machine learning better,” she said.

There is “a huge shortage of strong cybersecurity skills” today and “it is becoming increasingly difficult for IT professionals to really manage and protect these assets,” she pointed out. The average IT organization, after all, must manage more than 1,400 cloud services, she said, calling that a “staggering number.”

There was a 45% increase in data breaches during 2017, and that created “massive revenue loss” and “irreparable reputation damage,” as well as job losses, she said. Therefore, a data breach can be catastrophic to your business, according to Nadkarni.

“Cybersecurity is no longer just an IT problem: It is a problem for the CEO; it is a board problem,” and “patchwork systems are more vulnerable to hackers,” she said.

Thirty percent of data breaches are caused by employees due to a lack of internal controls, she said, adding 91% of attacks start with a phishing email and targeted threats like these are very hard to detect.

Sixty-six percent of malware, meanwhile, were installed via malicious emails and attachments, with 90% of all reported breaches caused by employee negligence, extortion and external threats, she said.

There was a 15X increase in ransomware losses from 2015-2017, and it typically stemmed from accidental and intentional sharing of corporate information via email, according to Nadkarni.

“These attackers are constantly changing their tactics” to defeat small security measures, “so you have to be able to keep up,” she warned, adding: “You want to have enough control on your IT’s data so that you’re able to keep up with what your employees are doing and be able to better protect them,” she said.

Regardless of what security solution one uses, it should be proactive, intelligent, compliant and simple to use, like Google’s, she said, adding: “When it comes to security, scale matters.”

There are now more than 4 million paying businesses that use Google Cloud’s G Suite of cloud-based productivity and collaboration applications, she said.

She provided several other data points. For one thing, 99.9% of business email compromise attacks are stopped in Gmail (part of G Suite) by warning users or moving messages to spam, she said, adding: Every minute within the Google universe, there are 10 million spam messages that are prevented from reaching Gmail users, while 694,000 indexed web pages are scanned for harmful software; 7,000 deceitful URLs, executables and browser extensions that may carry viruses, unwanted content or phishing attempts are spotted and stopped; 6,000 instances of unwanted software and almost 1,000 instances of suspected malware are reported to Google Chrome users; and two phishing sites and one malware site are found and labeled.