Priorities in Cybersecurity for Today's Leaders in Google Cloud
In the ever-evolving digital landscape, organizations are grappling with a changing threat landscape in cybersecurity. This was highlighted at the recent Google Cloud Next 2025 event, where experts discussed the growing volume of cybercriminal actors, increasing geopolitical tensions, new regulations, and rapid technological advancements like AI.
One solution to mitigate these threats is the establishment of a single access layer for all data within an organization. This approach ensures that all data goes through a secure point, making it easier to monitor and protect.
Another solution is the alert triage agent, which performs investigations on each security alert for customers. This tool is designed to help cybersecurity professionals reduce their workload and respond more effectively to potential threats.
Google Cloud Next 2025 also showcased a number of AI solutions, aimed at making cybersecurity teams more efficient. These tools can help analysts working in security operation centers (SOC) stay one step ahead of attackers. However, there is often a lack of control over the data inputted into AI agents, making traditional governance strategies ineffective. This has resulted in significant data security challenges as organizations rapidly deploy AI tools.
Effective identity and access management programs are crucial in restricting the access of third-party contractors. With the rise of infostealers, malware used to harvest credentials which are then sold on criminal underground marketplaces, it is vital that organizations have robust measures in place to protect their data.
Chinese state actors have been identified as utilizing zero day vulnerabilities in network and edge devices. To combat this, it is essential to secure blind spots in organizations, as threat actors are targeting devices that do not support security tools like EDR.
The growing trend of North Korea's fake IT worker program, where malicious actors seek employment as IT workers to generate revenue for the North Korea regime and steal sensitive data, underscores the need for a whole of company approach to combatting insider threats. This includes HR departments playing a crucial role in vetting potential employees.
Organizations must develop a comprehensive process to improve their hiring practices. This could involve conducting rigorous background checks and holding in-person interviews if possible.
AI is also being used to unlock the value of unstructured data, such as images, texts, and video, which are not covered by traditional guardrails. However, there is an issue of trust in data taken from AI tools, with issues like misconfigurations and hallucinations prevalent.
Despite these challenges, it is clear that AI can play a vital role in improving cybersecurity. Broadcom, for example, has recently equipped VMware Cloud Foundation with extended security functions to strengthen cyber-resilience and compliance, particularly in regulated industries, and to prevent attacks on authenticated credentials in the cloud.
In conclusion, as the digital landscape continues to evolve, it is essential that organizations adapt and implement robust cybersecurity measures. This includes establishing a single access layer, improving identity and access management, securing blind spots, and developing comprehensive hiring practices. By doing so, organizations can protect themselves against the ever-evolving threats in the cybersecurity landscape.
