Reduced system downtime by over 90% for critical communications
Reallocated over 28% of the Security team to core infrastructure, freeing two out of seven analysts
Cut resolution time for simple alerts by over 80% (from one hour to 10 minutes)
Reduced false positives from 5+ per day to less than two per week with Gemini in SecOps
Pasco Sheriff's Office transformed its security and operations, unifying siloed tools with Google Security Operations to boost efficiency, improve community safety, and champion secure AI for law enforcement.
Pasco Sheriff's Office transformed its security and operations, unifying siloed tools with Google Security Operations to boost efficiency, improve community safety, and champion secure AI for law enforcement.
From 'whack-a-mole' to proactive defense: Securing a rapid cloud shift
The Pasco Sheriff's Office (PSO) is a pioneer in Florida law enforcement, dedicated to process improvement and innovation. In 2022, a critical and time-sensitive mandate to evacuate on-premise IT infrastructure led to a rapid move to a multi-cloud environment. However, this structure left the security team drowning. They were working on rigid, outdated, and manually-intensive security systems—a patchwork of two legacy SIEMs. The small security team of seven was forced to work rotating, 4:00 AM to 10:00 PM schedules, spending countless hours manually connecting data from siloed solutions.
The Pasco Sheriff's Office transitioned from a fragmented, "whack-a-mole" reactive security posture to a unified, proactive threat-hunting model using Google Security Operations.
This highly manual, reactive security posture, while diligent, limited their ability to focus on strategic threat hunting and inadvertently created vulnerabilities that stretched the team to its limit.
The system's binary security response was also a critical flaw: a security alert could mean locking down all systems, turning a deputy's device into a "black brick of uselessness" during an emergency. This risk drove PSO to search for a unified, automated, and cloud-native security platform that could meet strict CJIS compliance, ease staff burden, and truly protect the community.
A unified SOC: Automating security and augmenting staff with Google SecOps
PSO partnered with Google Cloud to execute a strategic and operational transformation centered on security. The core of this solution is the Google Security Operations (SecOps) platform, which consolidated a multitude of redundant, outdated services into a single, unified workflow. This shift immediately simplified their environment, eliminating tool sprawl and providing a single pane of glass into all security data. The benefits were transformative:
* Efficiency: Resolution time for simple alerts dropped from one hour to just 10 minutes—an 83% improvement.
* Proactivity: False positives were reduced from five or more a day to less than two a week, allowing the team to focus on meaningful threat hunting.
* Resilience: Fine-tuned playbooks reduced system downtime for critical communications by over 90%.
This massive efficiency gain is largely attributed to Google SecOps' Gemini capabilities. Research, analysis, and data enrichment are handled behind the scenes, presenting analysts with actionable intelligence. As Major Ross noted, "Now we have humans doing things humans need to do—interpret and act.
This operational relief led to an unprecedented organizational impact: we were able to shift two out of seven security personnel—over 28% of the security team—onto other critical core infrastructure needs."
The Pasco Sheriff’s Office reduced complex operational workflows from a 2–3 person, multi-day task to a single-operator process completed in under an hour—an efficiency gain of over 95%.
Pioneering secure AI and threat intelligence
for law enforcement
The commitment to an "all-in" Google Cloud strategy allows PSO to leverage technology for enhanced community safety and improved deputy efficiency. This includes deploying secure intelligent capabilities within their private environment. PSO uses Gemini to consolidate the massive knowledge base—from state statutes and case law to agency policies and software guides—giving officers fast, grounded answers for better decision-making. Crucially, their policies prohibit the use of public AI resources, relying on Google's enterprise security to ensure data stays within their instance and is not used to train external models.
The team uses Google Threat Intelligence and Mandiant security expertise to make the shift from a reactive to a proactive defense strategy, all powered by Google Security Operations with Gemini. This advanced integration proved critical when Google Threat Intelligence flagged a threat campaign targeting key JavaScript repositories.
Deploying SecOps has allowed us to shift personnel to other critical areas... [It's] a story about a strategic and operational transformation that has made the Pasco Sheriff's Office security posture more advanced and effective and, most importantly, made our community safer.
Major Justin Ross
Operational Logistics Bureau, Pasco Sheriff's Office
The threat was quickly shut down by using Google Security Operations with Gemini to develop custom YARA-L detections. This proactive approach dramatically cut the total response time—in one specific case, from an incalculable timeframe to under three hours. Technology can make agencies more efficient by removing the administrative burden, in turn, freeing up deputies to proactively patrol and build trust within communities.
The Pasco Sheriff's Office is a full-service Florida law enforcement agency dedicated to innovation and providing a safer community for its rapidly growing population.
Industry: Government
Location: United States
Products: Google Security Operations (SecOps), Mandiant, Google Threat Intelligence, Assured Workloads, Google Workspace
