National security and digital security go hand in hand. A nation’s strength depends on secure access to digital technologies when malicious actors can target critical infrastructure from half a world away.
This week at the Munich Security Conference, we’re talking to government leaders about how innovative technologies can help solve these complex national security challenges. To support these conversations, we’re launching a new whitepaper, “Staying Ahead of the Shadows: Digital Resilience in the Era of AI,” which describes how Google is working with defense organizations to equip democracies with the tools for a unified defense.
Recently released analysis by our Google Threat Intelligence Group has identified several critical trends that underscore the need for a unified approach to security in the defense sector. These include:
- Targeted defense technology: State-sponsored actors are targeting US and European defense suppliers with a focus on next-generation technologies such as drones and other unmanned serial systems. China in particular is targeting the defense sector; runs more cyber threat campaigns by volume than any other county.
- Threatening the industrial supply chain: Hackers and extortion operations increasingly threaten the manufacturing sector and its supply chain, threatening the ability to increase components where they are needed during crises.
- Exploiting the human element: Adversaries target employees through fake job portals and other manipulation of the hiring process.
- Increasing activity by China-nexus espionage groups: For the past several years, China has run more campaigns by volume than any other country or category of threat actor; and we have observed continued targeting of the defense sector by espionage groups linked to China.
A full-stack approach to resilience
Addressing modern threats requires a unified approach that protects all parts of our digital world – from the physical infrastructure, like undersea cables, to the data stored in the cloud and on the devices people use every day. Our digital resilience strategy focuses on five critical layers:
- Infrastructure: Google’s underwater and terrestrial networks span 2 million miles with 43 cloud areas and more than 200 points of presence, providing massive performance and security. Google’s Sovereign Cloud solutions deliver global scale and local control to public and private organizations of all sizes.
- Architecture: Google’s flexible data architecture helps defense and national security organizations break out of rigid data silos. Google AI is helping the US Defense Logistics Agency leverage real-time supply chain intelligence.
- Models: The twins and other models from our world-class research lab, Google DeepMind, enable governments to apply artificial intelligence on their own terms and citizens to access high-quality information and public services, even in war-torn Ukraine.
- Applications: Cloud-native applications like Google Workspace enable users to collaborate securely from anywhere with an Internet connection. The Ukrainian government’s decision to move official business to Workspace kept its officials connected online despite threats to localized infrastructure.
- Security: We don’t just fix bugs; we believe in eliminating entire classes of threats. We use AI-powered security tools, such as CodeMender, and provide guidance through the Secure AI Framework (SAIF) to give defenders a decisive advantage in cyberspace. And our investments in post-quantum cryptography (PQC) help our global users and customers future-proof their security.
As part of this full-stack approach, we have made strong commitments to enable digital resilience via rigorous technical and legal controls. We empower customers to control access to their data, ensure an open digital future by supporting open source software and eliminate lock-in, and actively support global cyber security and regulatory frameworks. That includes our partnerships with S3NS (achieving the highest SecNumCloud standards with a focus on strict sovereignty and security controls) and our Sovereign Cloud solutions like Google Cloud Air-Gapped offerings built on industry-leading open source components and designed to run independently of Google and the Internet.
We are proud that Google Cloud is becoming a partner of choice for the defense community, selected by organizations such as the NATO Communications and Information Agency, the US Department of War, the German Armed Forces, the UK Ministry of Defense and the Australian Ministry of Defense to deliver critical, secure computing and artificial intelligence capabilities at the tactical edge.
To build resilience in critical infrastructure, we need effective public-private partnerships focused on three core pillars:
- Speed is safety: Modernize procurement to reduce timelines and streamline permits for critical infrastructure.
- Integration through interoperability: Adopt open standards and shared encryption to break down data silos and reduce vendor lock-in.
- Control without compromise: Achieve resilience through technical expertise rather than “buy local” requirements that can exclude leading innovators.
The digital frontier is where global security will be decided. Following our bold and responsible approach to innovation, we stand ready to help design the resilient and interoperable platforms to ensure that democracies lead the way.