How Google Cloud helps government agencies stay ahead of security threats

Cybersecurity remains a top national concern, and Google Cloud is committed to providing government agencies with the security capabilities they need to achieve their missions. At the annual Google Cloud Security Summit today, we’re excited to share updates on how we’re helping governments around the world address their pressing security challenges and meet the demands of new and evolving cybersecurity mandates. 

Introducing Assured Open Source Software service

We continue to work closely with government leaders to innovate and develop initiatives and frameworks that strengthen open source software and the software supply chain.  For example, Google launched Supply Chain Levels for Software Artifacts in June 2021. Also known as the SLSA framework, it formalizes criteria around software supply chain integrity to help the industry and open-source ecosystem secure the software development lifecycle. We also introduced Open Source Insights, which helps developers better understand the structure and security of the software they use. Assured OSS, which is expected to enter Preview in Q3 2022, reflects our continued commitment to building safer security practices in government. 

Transforming security analytics and operations 

Powered by Google Chronicle and Siemplify, ASO can allow agencies to comprehensively manage cybersecurity telemetry across an agency, support the Event Logging Tier requirements of the White House guidance, and ultimately transform the scale and speed of threat detection and response. ASO can also help government agencies support continuous detection and continuous response so that cybersecurity teams can increase their productivity, reduce detection and response times, and stay ahead of attackers.

Expanding our government compliance

To help meet the Zero Trust requirements outlined in EO 14028, Google Cloud provides a range of capabilities to help federal agencies progress toward a Zero Trust architecture. Google Cloud’s BeyondCorp Enterprise can enhance government agencies’ ability to implement and scale Zero Trust secure access to applications and data on premises or in any cloud. For the Defense Innovation Unit (DIU), Google Cloud is implementing a Secure Cloud Management solution – leveraging Anthos, our container deployment and orchestration solution – to help provide a scalable, highly responsive alternative to the Department of Defense’s current network boundary security architecture. Google Cloud also offers a range of Professional Services engagements to help accelerate agencies’ adoption of cloud and of Zero Trust architectures.  

We are proud to help government agencies innovate securely, and we will continue to pursue federal certifications to support their needs. For more information on our work with the federal government and our security capabilities, please visit our Google Cloud for U.S. federal cybersecurity webpage.

_{1 New FedRAMP Moderate services include: Anthos Config Management, Anthos Service Mesh, Assured Workloads, Binary Authorization, Certificate Authority Service, Cloud External Key Manager, Cloud Run for Anthos, Cloud Scheduler, Cloud Tasks, Connect Service Directory, Document AI, Game Servers, and Secret Manager
2 New FedRAMP High services include: Cloud Admin Console, Cloud Data Loss Prevention, and Cloud Logging}