Securing data centers, together: Why cloud and utilities should be cybersecurity partners

From electric vehicles to new manufacturing facilities to data centers, it’s no secret that consumer demands on energy infrastructure are spiking. At the same time, we’re seeing AI-augmented adversarial threats targeting power and energy generation on the rise, too.

These dual pressures, to make energy more resilient against cyberattacks just as experts are forecasting accelerated energy needs through the end of the decade, speaks to the complicated, important issues surrounding securing the grid.

One extreme example: The Russian threat group Sandworm hijacked Ukrainian power substation system control tools, sent unauthorized commands that coincided with missile strikes, and used malware to erase forensic evidence. These operations demonstrate a continuation of the cyber-physical hybrid warfare first seen in Crimea in 2014.

Why Google Cloud is investing in energy security

The global problem of boosting electricity supply while bolstering the industry’s cyber-physical resilience may have a solution through the interdependence of cloud service providers (CSPs) and the energy industry. Existing CSP and industry partnerships present a unique opportunity to collectively accelerate progress on both fronts.

Google Cloud depends on the power sector’s continued innovation. Our infrastructure, just like all energy customers, requires a safe, affordable, reliable, resilient, and sustainable energy ecosystem.

Because of this dependency, we want to be an active partner in advancing these capabilities for everyone. This partnership is especially timely because energy infrastructure is currently facing a perfect storm of challenges — unprecedented growth, highly distributed assets, legacy technology, and a rapidly evolving threat landscape.

With our expertise in AI, cloud security, and visibility into threat actor activities, Google Cloud is uniquely positioned to be a key partner for energy companies, enabling innovation with resilience and security, via collective defense.

Security, AI, and resilience

Resilience against natural disasters and human threat actors is paramount for the energy sector. At Google, we’ve built the most energy-efficient data centers on the planet, and our technical infrastructure optimized for AI calculations.

Adversaries and defenders are eagerly and aggressively seeking the benefits of AI, too. Threat actors have been using AI for productivity gains — enhancing and speeding up their attacks and making social engineering gambits seem more natural — and have begun attempting to use AI to enhance malware.

To counter this, we are helping security evolve from a reactive, human-dependent status quo to an AI-augmented, human-in-the-loop ecosystem. Security and resiliency strategies need to shift from compliance-centered processes to threat-informed, compliance-inclusive ones.

AI has already begun to fundamentally transform the role of a security engineer, with AI agents performing simple data enumeration in Google Security Operations, to complex reverse engineering malware analysis.

Collective defense

Google is uniquely positioned to observe threat activity against customers and identify victim entities globally. We operate on a philosophy of shared fate and an AI-integrated security stack that Google uses for its own products across enterprise, software, and hardware design to secure our customers.

We offer a unified security vision for critical infrastructure. Our platform integrates threat intelligence from Google Threat Intelligence Group, Mandiant’s frontline experience, and other elements — SIEM, SOAR, and Mandiant Consulting — into a single security partner. This integration is a critical differentiator, offering deep, actionable analysis of active attacks.

Mistakes and mismanagement of critical infrastructure can have catastrophic consequences, so reliability and resilience are the keys to great performance. At Google, we have the same point of view, inventing Site Reliability Engineering (SRE) to address those very concerns. SRE enables deliberate, fact-based decision-making, safety, and operational discipline to drive culture and performance because the stakes are so high.

Scalability in an age of sustainability

Google’s scale provides a global foundation of points of presence, fiber networks, regions, and zones with built-in failovers, which contributes to overall system resilience. As an innovator in the energy sector with projects like wildfire detection, Tapestry, and WeatherNext, we want to continue to partner with energy companies to continue these advancements as we envision a modern energy ecosystem supported by a multitude of energy sources.

Meeting this significant demand depends on AI-enabled optimization, planning, and security. Google Cloud’s vision is to reimagine the entire energy sector value chain through planning, building, operating, and enabling a secure, scalable foundation to advance everyone’s AI journey.

How we can move forward together

We can't afford to treat cyber threats as separate battles fought independently by energy companies and data centers. The Sandworm attacks demonstrated what's possible when sophisticated and determined adversaries target critical infrastructure, and attacks like those will only get more sophisticated.

The path ahead requires focusing on core competencies:

• Google: Provide platform, tools for research, modeling, monitoring, and optimization, coupled with world-class cybersecurity. Our mission is to be the world’s most trusted security partner in the AI era, delivering a secure-by-design infrastructure, pioneering AI-driven threat defense, and adopting a shared fate model to actively secure customer data, applications, and AI workloads.
• Energy companies: Increase power generation and transmission capacity, boost resiliency, and enhance cybersecurity posture by leveraging cloud and AI technologies.

We are better together. The symbiotic relationship between utilities and CSPs is the cornerstone of tomorrow's grid. By working together, we can beat bad actor AI with better AI for both operations and cybersecurity.

The transition to the cloud is about leveraging a digital immune system that anticipates and evolves against threats. To learn more about how we can work together to secure your assets, please reach out to Mandiant Consulting.