Google’s $5.4B Mandiant Merger: 5 Big Security Plans Ahead

From a new security operations suite to Mandiant boosting Google Cloud’s ‘shared fate’ cybersecurity model, here are five big plans ahead for the newly combined Google Cloud-Mandiant company.

5 Bold Security Plans Ahead For Google Cloud And Mandiant

Google Cloud has huge plans in store for Mandiant to take its cloud security to the next level and make cybersecurity a true market differentiator against its competitors both on-premises and in the cloud.

“Together, Google Cloud and Mandiant will help reinvent how organizations protect themselves, as well as detect and respond to threats,” said Thomas Kurian, Google Cloud’s CEO, in a statement Monday.

On Monday, Google completed its acquisition of Mandiant, a cyberdefense and threat intelligent superstar, for $5.4 billion.

The two companies will combine technologies to provide new offerings to its massive joint customer base—such as injecting Mandiant Attack Surface capabilities into Google’s “shared fate” security model, as well as building a new end-to-end security operations suite with capabilities to support customers across cloud and on-premises IT environments.

“Google Cloud and Mandiant have the knowledge and skills to provide an incredibly efficient and effective security operations platform,” said Kevin Mandia, Mandiant’s founder and CEO, in a blog post Monday. “We are building a ‘security brain’ that scales our team to address the expertise shortage.”

[Related: The 5 Biggest AWS Executive Departures In 2022]

Google’s Acquisition Of Mandiant

In March, Mountain View, Calif.-based Google unveiled its planned acquisition of Reston, Va.-based Mandiant for $5.4 billion.

Mandiant is a top-notch global provider of threat intelligence, security advisory, consulting and incident response services.

The company has been helping enterprises, government agencies and businesses of all sizes develop more effective and efficient cybersecurity programs and their readiness to defend against and respond to various cyberthreats. The Mandiant Advantage SaaS platform scales decades of front-line experience and threat intelligence to deliver a range of cyberdefense solutions.

Google Cloud will add Mandiant’s global security teams and cybersecurity portfolio to its broad customer base in more than 200 countries with the goal of reinventing the entire industry.

“With the scale of Google’s data processing, novel analytics approaches with AI and machine learning, and a focus on eliminating entire classes of threats, Google Cloud and Mandiant will help organizations reinvent security to meet the requirements of our rapidly changing world,” said Kurian.

As of Monday, Mandiant is now officially part of Google Cloud while it will retain the Mandiant brand inside the company.

CRN breaks down five cloud security and integration plans ahead for Google Cloud and Mandiant that all customers, partners and security experts should know.

Mandiant To Be Injected Into Google’s ‘Shared Fate’ Model

Google Cloud operates in a “shared fate” model, which aims to go beyond existing cloud security models to help customers not only reduce risk, but build a comprehensive and more efficient risk management program.

“For security operations, that means helping organizations find and validate potential security issues before they become an incident,” said Kurian in a blog post Monday regarding its shared fate model.

“Detecting, investigating and responding to threats is only part of better cyber risk management. It’s also crucial to understand what an organization looks like from an attacker’s perspective and if an organization’s cybersecurity controls are as effective as expected,” Kurian said.

To enhance its shared fate model, Google Cloud plans to add Mandiant’s attack surface management capabilities to its portfolio to enable organizations to continually monitor assets for exposure.

Adding Mandiant’s technologies will allow security teams to move security programs from reactive to proactive to understand what’s vulnerable, misconfigured and exposed.

With the addition of the Mandiant Security Validation offering, Google customers will be able to continually validate and measure the effectiveness of their cybersecurity controls across cloud and on-premises environments.

Mandiant CEO Mandia said he’s a “proponent” of Google’s shared fate model.

“By taking an active stake in the security posture of customers, we can help organizations find and validate potential security issues before they become an incident,” Mandia said in a blog post Monday. “Google Cloud and Mandiant have the knowledge and skills to provide an incredibly efficient and effective security operations platform. We are building a ‘security brain’ that scales our team to address the expertise shortage.”

Google To ‘Democratize Security Operations’ Via Mandiant Threat Intelligence

Kurian said Google Cloud’s goal with Mandiant at its side is to “democratize security operations” with access to the best threat intelligence and built-in threat detection and response.

“Ultimately, we hope to shift the industry to a more proactive approach focused on modernizing security operations workflows, personnel and underlying technologies to achieve an autonomic state of existence— where threat management functions can scale as customers’ needs change and as threats evolve,” said Kurian.

Google Cloud customers leverage its cloud infrastructure to ingest, analyze and retain their security telemetry across multi-cloud and on-premises environments.

To make this easier to achieve, Google will push customers to leverage the Mandiant Threat Intelligence service to give security leaders greater visibility and expertise from the front lines.

Mandiant’s Threat Intelligence is compiled of teams of security and intelligence experts spread across 22 countries who are serving customers in 80 countries.

“Mandiant’s experience detecting and responding to sophisticated cyberthreat actors will offer Google Cloud customers actionable insights into the threats that matter to their businesses right now,” said Kurian. “We will continue to share groundbreaking Mandiant threat research to help support organizations, even for those who don’t run on Google Cloud.”

Google-Mandiant To Create New Security Operations Suite

Google Cloud will blend Mandiant’s vast cybersecurity expertise and portfolio into its own security offerings with the ultimate goal of helping customers stay protected against cyberthreats at every stage of the security life cycle.

The two companies will combine technologies and security services to create an end-to-end security operations suite with capabilities to support customers across their cloud and on-premises IT environments.

“With the scale of Google’s data processing, novel analytics approaches with AI and machine learning, and a focus on eliminating entire classes of threats, Google Cloud and Mandiant will help organizations reinvent security to meet the requirements of our rapidly changing world,” said Kurian.

Google Cloud has a slew of security offerings including threat intelligence, zero trust architecture and large-scale analytics for security operations.

Google will leverage Mandiant’s security services, which are currently spread across 22 countries, into its own customers to help businesses better prepare for and react to cyberattacks.

Kevin Mandia: Google Will ‘Accelerate’ Our Vision

Kevin Mandia founded Mandiant in 2004 and led the company as CEO for nine years.

After an eight-year stint as CEO of fellow cybersecurity company FireEye, Mandia returned to Mandiant as CEO in October 2021. A few months later, Google unveiled its plan to purchase Mandiant for $5.4 billion.

In a blog post Monday, Mandia said his company is now better positioned to grow and has more ammunition to fight cybercriminals across the globe.

“As part of Google Cloud, Mandiant now has a far greater capability to close the security gap created by a growing number of adversaries,” said Mandia.

“In my 29 years on the front lines of securing networks, I have seen criminals, nation states and plain bad actors bring harm to good people. By combining our expertise and intelligence with the scale and resources of Google Cloud, we can make a far greater difference in preventing and countering cyberattacks, while pinpointing new ways to hold adversaries accountable,” Mandiant’s CEO said.

Mandia said his company is not going away as part of Google Cloud, but in fact would become “stronger.”

“We will maintain our focus on knowing the most about threat actors and extend our reputation for delivering world-class threat intelligence, consulting services and security solutions,” he said.

Kurian’s Strategy To ‘Industrialize’ Cybersecurity

In an interview with CRN earlier this year, Kurian explained his goal of shaking up the security landscape and addressing the fear every organization faces today.

“What we are trying to do is take cybersecurity and industrialize it so that people don’t have to always live with this worry, ‘Is tomorrow the day I get told that my systems have been breached?’” said Kurian.

With billions of people around the world using its parent company’s large-scale consumer services platforms like Google Search and Google Maps, Google arguably has the largest attack surface on the planet. “You would probably notice they have never been brought down, and you’re able to access them all the time,” Kurian pointed out. “It’s because of a lot of the security tools and operational solutions that we have built over the years to protect our own services. Now we’re making those solutions available to our cloud customers.”

Acquiring Mandiant is a key move for Google Cloud to achieve its vision ofindustrializing cybersecurity.

Kurian told CRN Mandiant will bring several key capabilities to Google, including vulnerability assessment and key consulting expertise around identifying threats and understanding the threat vector.

Kurian plans to integrate Mandiant’s technology into Google Cloud products such as its Chronicle cloud-native SIEM platform for better risk and vulnerability analysis, as well as recently acquired automation remediation technology from Siemplify.

In his blog post Monday, Kurian said the future is bright with Google Cloud and Mandiant teams working hand-in-hand.

“We welcome Mandiant to the Google Cloud team, and together we look forward to helping security teams achieve so much more in defense of their organizations,” he said.