Google tries to win over Microsoft's government cyber business
Add Axios as your preferred source to
see more of our stories on Google.
/2024/05/20/1716242290586.gif?w=3840)
Illustration: Natalie Peeples/Axios
Google has published new security recommendations and a detailed white paper scrutinizing Microsoft's cybersecurity practices after a pair of nation-state attacks in the last year.
Why it matters: Google is trying to poach some of Microsoft's coveted government customers.
- Google is also offering a new Google Workspace program to help government customers move away from legacy systems like Microsoft's.
Driving the news: Ever since the release of the Cyber Safety Review Board's report on Microsoft's security practices, competitors have been lining up to take jabs at the Big Tech company.
- The CSRB wrote in April that last summer's Chinese hack into Microsoft's systems was "preventable and should never have occurred."
- CrowdStrike and Trellix both have pages on their websites dedicated to winning over Microsoft customers. CrowdStrike recently updated its page to include quotes from the CSRB's report.
Zoom in: Now, Google has joined the mix with a blog post released yesterday from Jeanette Manfra, Google Cloud's senior director of global risk and compliance, and Charley Snyder, Google's head of security policy.
- Google also published a 14-page white paper detailing how it assumes Microsoft was breached last summer and the security principles Google follows.
- The blog post details Google's "recommendations" for resolving the problems laid out in the CSRB report — each of which would benefit Google's own government services.
- Google wants the federal government to work with tech vendors other than Microsoft and to purchase products that already adhere to "secure-by-design" principles.
The big picture: Microsoft has been facing a deluge of scrutiny from lawmakers, government officials and competitors in the weeks since the CSRB report.
- House lawmakers are actively working with Microsoft to determine a date for a potential congressional hearing on the matter.
- Competitors have also been vocal about a decision the Pentagon is weighing to upgrade its Microsoft licenses as it transitions to zero-trust security principles.
The other side: Microsoft has already unveiled its plans to rectify some of the security issues that led to the recent breaches.
- Microsoft CEO Satya Nadella also sent a memo to staff directing them to prioritize cybersecurity over fast production cycles.
