May 21, 2024 - Technology

Google tries to win over Microsoft's government cyber business

Illustration of a cursor on fire

Illustration: Natalie Peeples/Axios

Google has published new security recommendations and a detailed white paper scrutinizing Microsoft's cybersecurity practices after a pair of nation-state attacks in the last year.

Why it matters: Google is trying to poach some of Microsoft's coveted government customers.

  • Google is also offering a new Google Workspace program to help government customers move away from legacy systems like Microsoft's.

Driving the news: Ever since the release of the Cyber Safety Review Board's report on Microsoft's security practices, competitors have been lining up to take jabs at the Big Tech company.

  • The CSRB wrote in April that last summer's Chinese hack into Microsoft's systems was "preventable and should never have occurred."
  • CrowdStrike and Trellix both have pages on their websites dedicated to winning over Microsoft customers. CrowdStrike recently updated its page to include quotes from the CSRB's report.

Zoom in: Now, Google has joined the mix with a blog post released yesterday from Jeanette Manfra, Google Cloud's senior director of global risk and compliance, and Charley Snyder, Google's head of security policy.

  • Google also published a 14-page white paper detailing how it assumes Microsoft was breached last summer and the security principles Google follows.
  • The blog post details Google's "recommendations" for resolving the problems laid out in the CSRB report — each of which would benefit Google's own government services.
  • Google wants the federal government to work with tech vendors other than Microsoft and to purchase products that already adhere to "secure-by-design" principles.

The big picture: Microsoft has been facing a deluge of scrutiny from lawmakers, government officials and competitors in the weeks since the CSRB report.

  • House lawmakers are actively working with Microsoft to determine a date for a potential congressional hearing on the matter.
  • Competitors have also been vocal about a decision the Pentagon is weighing to upgrade its Microsoft licenses as it transitions to zero-trust security principles.

The other side: Microsoft has already unveiled its plans to rectify some of the security issues that led to the recent breaches.

  • Microsoft CEO Satya Nadella also sent a memo to staff directing them to prioritize cybersecurity over fast production cycles.
Go deeper