Google is highlighting several problems with Microsoft’s cybersecurity practices, and is positioning itself as a more secure alternative for managing sensitive government data and operations
read more
Google has published new security recommendations and a detailed white paper scrutinizing Microsoft’s cybersecurity practices following recent nation-state attacks.
This move appears to be part of Google’s strategy to attract Microsoft’s government customers. Additionally, Google has announced a new Workspace program designed to help these customers transition from Microsoft’s legacy systems.
The importance of this development lies in Google’s attempt to capitalize on Microsoft’s recent cybersecurity issues, aiming to draw in government clients who currently rely on Microsoft’s services.
By highlighting these vulnerabilities, Google is positioning itself as a more secure alternative for managing sensitive government data and operations.
This shift in the competitive landscape was driven by the Cyber Safety Review Board (CSRB) report, which criticized Microsoft’s security practices, particularly in light of a Chinese hack that was deemed preventable. This report has opened the door for competitors like CrowdStrike, Trellix, and now Google, to target Microsoft’s customer base, suggesting that there are more secure options available.
In response to the CSRB report, Google released a blog post authored by Jeanette Manfra, Google Cloud’s Senior Director of Global Risk and Compliance, and Charley Snyder, Google’s Head of Security Policy.
The post outlines their recommendations for improving cybersecurity practices, detailing a 14-page white paper that describes how they believe Microsoft was breached and the security principles that Google follows. These suggestions inherently promote Google’s own government services and aim to guide federal agencies towards more secure technologies.
Google’s recommendations include encouraging the federal government to diversify its tech vendors and adopt products with built-in “secure-by-design” principles. This approach not only suggests improvements based on the issues highlighted in the CSRB report but also subtly promotes Google’s offerings as a safer alternative.
In the broader context, Microsoft is currently facing significant scrutiny following the CSRB report.
Lawmakers are coordinating with Microsoft to schedule a congressional hearing regarding the breaches, and competitors are challenging a Pentagon decision to upgrade its Microsoft licenses while transitioning to zero-trust security principles.
In response to these criticisms, Microsoft has announced plans to address the security flaws that led to the recent breaches.
Additionally, CEO Satya Nadella has directed staff to prioritize cybersecurity over rapid production cycles, signalling a shift towards more robust security measures within the company.
Google’s recent actions underscore the competitive landscape among tech vendors vying for government contracts, particularly in the context of cybersecurity.
As Microsoft works to resolve its security issues, competitors like Google are positioning themselves as more secure alternatives. The ongoing scrutiny from lawmakers and government officials will likely continue to influence the strategies of both Microsoft and its competitors in the cybersecurity domain.