Taken over by aliens? Don't worry; Google has it covered

Google Enterprise CISO talks disaster recovery, mentalism and the importance to questioning the status quo

Google Enterprise director of security, Eran Feigenbaum

Google Enterprise director of security, Eran Feigenbaum

Imagine what would happen if all the Google engineers turned rogue and held the world’s Gmail accounts to ransom. Or if aliens attacked earth and wiped California off the map.

It sounds more like something from a Hollywood movie script than real life, but that’s the nature of disaster recovery — you rarely see it coming.

It may come as a surprise, however, to learn that the folks at Google Enterprise have considered just these scenarios.

“We play a lot of games here,” admits Google Enterprise director of security, Eran Feigenbaum. “Part of our disaster recovery plan is to assume the worst has happened. In last year’s scenario, Google was attacked by aliens and California was off the map. We asked: What do we do? How do we run our infrastructure?”

Read the full interview

Feigenbaum holds some serious security credentials; before joining Google in 2007, he held the post of US chief information security officer (CISO) for PricewaterhouseCoopers. He also spent several years designing and implementing cryptosystems for electronic commerce solutions for Fortune 1000 clients and government agencies.

But the links to Hollywood run deeper than war gaming and role play. When he is not defining and implementing the security strategy for Google's enterprise product suite, you are likely to find him practising the more arcane pursuits of magic and mentalism.

Indeed, you may know him better as Eran Raven, the contestant from NBC television show, Phenomenon.

“On a personal basis, I think the mentalism and profiling makes you curious,” he says. “It makes you want to attack problems, break them down and not accept the status quo. As a good security professional, I take those same types of skills. That’s really the way we do things a Google; let’s not accept things just because that’s the way it has been done in past. Let’s really attack it, break it down and ask: How can we do this better and change the way computing is done.”

It’s one of the reasons Google operates its own infrastructure, and custom-builds firewalls at the front end. But Feigenbaum maintains the real measure of a good security organisation is not just about security itself, but about how it reacts to an incident. For its part, Google employs more than 250 dedicated security professionals, as well as internal audit and compliance teams, physical security teams and those within the product teams.

“People don’t like to talk about it — we never want to think about getting into a car accident,” he says. “But the reality is security incidents happen for various reasons. It’s about how you react to that. Having a 24/7 security team is part of that and having our major security operations in California and Zurich so we can work through time zones.

"When there is a security incident, we assign an incident coordinator whose job is to triage that incident. And I think a big misnomer about this is if there is a security incident that affects customer data, we believe and contractually commit that it is our responsibility to notify those customers. There’s an idea that if something happens to your data, you won’t know. For sure – we will tell you.”

He says for all the hand wringing about Cloud security, it’s important to maintain perspective, even though he admits it is no panacea.

Read Google Apps vs Microsoft BPOS, Office 365

“We make headlines because we are Google,” he says. “But the reality is worse stuff is happening in the traditional environment every day.

“Is Cloud computing perfect security? No. It’s not. I’ll be the first one to say that. I was in an intelligence community where we proved we could find out information about a computer that was not connected to a network and was in a secure room, using various technologies. But I think Cloud computing is as secure, if not more secure, than what most organisations are doing today.”

Follow CIO Australia on Twitter: @CIO_Australia

Follow Georgina Swan on Twitter: @swandives

Join the CSO newsletter!

Error: Please check your email address.

Tags SaaSsecuritycloud securitycloud computingGoogle Apps

More about etworkGoogleISOMicrosoftNBCPricewaterhouseCoopers

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Georgina Swan

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place