Learn the latest perspectives from Google Cloud CISO Phil Venables. Read the blog.

Google Cloud for U.S. government cybersecurity

Google Public Sector helps agencies address Executive Order (EO) 14028 and other critical White House cybersecurity requirements with solutions spanning Zero Trust, cybersecurity analytics, and web asset protection.

Adopt proven Zero Trust protection with Google innovation

Google pioneered Zero Trust by globally implementing perimeter-less security for itself based on context-aware least privilege.  Agencies rely on Google Zero Trust capabilities for remote access, secure collaboration, and boundary security. To help you get started, we offer professional services (PSO) and partnerships to help you meet EO 14028, OMB M-22-09, and NSM-8.

Read Google's technical whitepapers on Zero Trust

Watch cybersecurity leaders discuss Google's Zero Trust journey

Threat Detection with Modern Cyber Analytics

Accelerate threat detection with modern cybersecurity analytics

Google Cloud’s security portfolio combined with Mandiant’s leading cyber threat intelligence allows us to help government agencies stay protected at every stage of the security lifecycle.

Google Cloud’s model of continuous detection and response can power agencies’ abilities to meet EO 14028 and OMB M-21-31. Google Cloud provides SaaS-based cyber analytics, powerful data platforms, BI platforms, SOAR, cloud logging tools, visibility tools, key security partnerships, as well as threat intelligence technology called VirusTotal.

Read the white paper: Modernizing the U.S. federal government’s approach to Cyber Threat Management with Autonomic Security Operations

Protect and modernize customer-facing web assets

EO 14058 seeks to improve digital customer experience by modernizing agency websites and online services that provide essential services to constituents. The security of public web servers is addressed in NIST 800-44. Google Cloud helps protect web assets from attacks and fraud by detecting bots, preventing denials of service, and using secure APIs.

Read the Google Cloud blog on protecting public-facing web assets
Modernize and Secure Customer-facing Web Assets
Secure the Software Supply Chain

Secure the software supply chain

Google best practices for the secure use of open-source software led it to create a framework for software supply chain security, known as Supply-chain Levels for Software Artifacts (SLSA). The framework helps government, industry, and the open-source community by formalizing criteria and providing recommendations around supply chain integrity and the software development life cycle.

Read the Google Cloud blog on the software supply chain

Meeting U.S. government compliance requirements

Many Google Cloud products meet NIST 800-53NIST 800-171 requirements, & can be used to support compliance with FedRAMPDoD cloud security requirements, CJIS, ITAR, & IRS 1075. Implementing Assured Workloads provides extra control & confidence in sensitive workloads, too.

Defense Innovation Unit

"Google Cloud's secure cloud management solution is one prototype helping to simplify engagement with non-traditional technology vendors by allowing DIU users to collaborate in real time. The solutions provide equivalent security and control to the DoD’s Cloud Access Point (CAP) while delivering real-time performance, which is critical for such things as videoconferencing and file sharing..."

John Chen, Interim CIO, Defense Innovation Unit (DIU)

Read the press release

Google’s $10 billion commitment to U.S. cybersecurity

At a 2021 White House Summit, Google announced a $10 billion dollar commitment over the next five years to expand Zero Trust programs, help secure the software supply chain, enhance open-source security, and strengthen the digital security skills of the American workforce.