Skip to main content
close search
site logo

4 security predictions from Google’s cyber leaders

The hopeful forecasts aren’t exclusive to Google’s cybersecurity experts. Many believe the industry is poised to deliver on its mission with greater efficiency and effect.

Published Oct. 21, 2022
Matt Kapko's headshot
Senior Reporter
Google logo displayed outside the company's New York City office.
The Google logo adorns the outside of their NYC office Google Building 8510 at 85 10th Ave on June 3, 2019 in New York City. Drew Angerer via Getty Images

Google’s cybersecurity leaders are cautiously optimistic, despite the heady state of threats in the industry. Executives made some predictions during a Wednesday virtual discussion with journalists that, if realized, could significantly alter the state of readiness and defense at large.

Encouraging advancements in identity authentication, inherent defenses in the cloud and a broader technological convergence could narrow pathways for attacks and upend how most organizations approach cyber defense today.

Top executives, including Google Cloud CISO Phil Venables and Heather Adkins, VP of security engineering, said they expect these predictions to materialize during the next five to 10 years.

These four predictions aren’t unique to those responsible for security at Google, but rather many cybersecurity professionals who believe the industry is poised to deliver on its mission with greater efficiency and effect.

Tech convergence will simplify security

A continued convergence of technologies will help simplify security, according to Adkins. 

Security controls mandated in regulations and compliance frameworks are going to be built, by default, into all of the widely used operating systems and enterprise systems, Adkins said.

“The need will drive that convergence story and the automation that makes that happen,” she said. 

These gains may not immediately change presumptions about the persistent and omnipresent threats facing the industry, but it could eventually have a more long-lasting and positive effect.

“The reality is that everyone's going to get hacked at some point, and the differentiator will become how quickly we recover from that,” Adkins said.

“We're going to raise the bar really high. We're going to make it really hard to hack us,” she said.

Adkins also hopes systems will become more resilient as more organizations take advantage of cloud computing.

Cloud will become a ‘digital immune system’

Consistent updates to cloud infrastructure based on data from vulnerability and threat research will strengthen defenses at scale, Venables said.

The cloud, aided by constant push updates, could act like a “digital immune system,” he said.

“For many organizations, just sitting back and taking those updates, they’re getting a regular increase in security without doing much,” Venables said.

Google’s global perspective on the threats and vulnerabilities it tracks, now aided further with intelligence from Mandiant, drive these security-centric updates in Google Cloud, he said.

Updates could play a significant role in tamping down the threat of ransomware as well, according to Adkins. She envisions reaching a point where organizations can recover quickly when a cloud instance is taken over by ransomware with the push of a button.

“It sort of starts to make some of these attacks fairly irrelevant,” Adkins said.

Deeper integration of security in tech

Royal Hansen, VP of privacy, safety and security at Google, expects security to be far more integrated with technology across the industry.

Instead of the horizontal approach by which much of security is implemented today, Hansen said security will be part of every individual’s experience with technology.

In this digitalized and data-saturated world, it will become progressively important for security to be deeply integrated with the reason someone uses a computer or data, he said. 

“Let’s work on the human safety, not just the technical underpinnings,” Hansen said. 

This will shift resources in multiple positive ways. Once the constant cycle of patching can be automated, for example, organizations can focus on the business.

This transition, like others, is already underway, according to Parisa Tabriz, VP of Chrome Browser at Google. 

“An exciting thing for me is just how interdisciplinary cybersecurity has already gotten,” she said. 

“We're kind of addressing some of society's problems as they've moved online, and that requires deep expertise in so many other fields,” Tabriz said. “I think we'll continue to see that because it's just going to be central to our lives and society and the world in general.”

Death of the password

One of the most impactful predictions shared by Google executives involves a core component of almost every security process in place today — passwords.

“I think we will see the death of the password,” Adkins said. “I think we're far enough along the milestones that in the next five to 10 years we'll continue to iterate on things like security keys and passkeys.”

This passwordless future, she said, will change the authentication experience for most individuals and enterprises for the better.

Filed Under: Strategy

Editors' picks

Company Announcements

View all | Post a press release
Rumpke Data Breach Investigation
From Migliaccio and Rathod
December 11, 2024
DigiCert Releases First-of-Its-Kind Open-Source DCV Library to Elevate Industry Standards
From DigiCert
December 18, 2024
Migliaccio and Rathod Investigates Byte Federal Data Breach
From Migliaccio and Rathod
December 12, 2024
Only Cynet Delivers 100% Protection and 100% Detection Visibility in the 2024 MITRE ATT&CK Eva…
From Cynet Security
December 11, 2024
Editors' picks
Latest in Strategy
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.