An Alphabet subsidiary's goal to build a digital "immune system" against cyberattacks makes the company the latest of several trying to use this approach to solving enterprise security problems.
Alphabet Inc., best known as the parent company of Google (Nasdaq: GOOG), has graduated a security company from its X "moonshot factory" business unit, with the goal of building a digital "immune system" against threats. It's a strategy similar to that of several competitors, ranging in scope from Cisco to at least one startup.
The new Google subsidiary, named Chronicle, will provide a cybersecurity and analytics platform to "help enterprises better manage and understand their own security-related data." Chronicle will also offer VirusTotal, "a malware intelligence service acquired by Google in 2012 which will continue to operate as it has for the last few years," Chronicle's new CEO, Stephen Gillett, said in a post on Medium Wednesday.
The proliferation of security alerts makes it harder for enterprises to follow up on all but a small fraction of generated alarms, allowing attackers to go undetected for months. And security teams need "months to fully understand what's going on once they've detected an issue," Gillett says. "All this adds up to more data breaches, more damage and higher security costs."
Chronicle is looking to multiply the speed and impact of security teams' work using its intelligence and analytics tools, leveraging Google's own high-performance and highly scalable platform, and machine learning and search tools, Gillett says.
Chronicle was founded as an X project in February 2016, Gillett says.
Gillett joined X from Google Ventures and was previously COO of Symantec.
Instead of reacting to threats after they happen, Chronicle's goal, "which is still several years away, is predicting and deflecting cyber attacks before they infiltrate an organization's network" – a digital "immune system," Astro Teller, self-described "captain of moonshots" at X company, writes. Like the body's immune system, Chronicle's security protection would detect abnormalities and block them before they graduate to attacks.
Chronicle is the third company to graduate from X, following self-driving car company Waymo and life sciences company Verily.
Security is strategic to major cloud and infrastructure providers. It's core to Cisco's "network intuitive" strategy. Cisco is using anomaly detection, similar to the technique described by Chronicle, to flag possible threats in encrypted traffic without decrypting the traffic. (See Cisco Makes 'Intuitive' Bet to Reconquer Networks and Cisco Plugs Encryption Hole in Network Security.)
Likewise, Amazon searches for deviations from "baseline normal" network activity in its GuardDuty service announced in November. (See AWS GuardDuty Looks to Lock Down Cloud Security.)
This week, Amazon bought Sqrrl, which uses big data analytics to improve cloud security. (See Amazon Scoops Up Sqrrl for Cloud Security.)
Startup ShiftLeft launched a service last year where it scans application source code to -- once again -- detect potential anomalies in application behavior that might indicate threats. (See Cloud Security Startup ShiftLeft De-Stealths.)
The cloud security market is expected to hit $12 billion by 2024, up from $1.4 billion in late 2016. (See Cloud Security Will Hit $12B by 2024 – Report.)
Chronicle's digital "immune system" approach isn't original. But so what? The key to success isn't the idea, it's the execution. And Alphabet's talent, infrastructure and capitalization make it a good candidate for being the cure to the cybersecurity disease.
— Mitch Wagner Editor, Enterprise Cloud News