CyberGRX provides an independent third-party validated cyber risk assessment of Google Cloud’s security posture. This assessment details Google Cloud’s compliance with industry standards and the security protocols built into our infrastructure.
CyberGRX’s assessment of Google Cloud covers the strength, coverage, and timeliness of 200+ controls. It has been independently validated and integrates Google Cloud’s responses with analytics, threat intelligence, and risk models. CyberGRX’s Framework Mapper allows for the mapping of Google Cloud’s assessment to over 20 different commonly used industry frameworks and standards, such as NIST SP 800-53, NIST CSF, ISO 27001, PCI-DSS, HIPAA, CMMC, SOC2, CSA STAR, NY-DFS, FFIEC, etc. Additionally, CyberGRX risk analytics platform and assessment questions are mapped to the MITRE ATT&CK framework and taxonomy. This enables customers to discover the controls that can mitigate the threats applicable for their industry, and the supporting controls that indirectly affect the efficacy of the attack techniques.
You can request access to the Tier 2 validated CyberGRX cyber risk assessment of Google Cloud directly from CyberGRX using this page.