Cohesity expands Google Cloud partnership for cyber resilience

Cohesity has announced an expanded partnership with Google Cloud aimed at improving cyber resilience and data insight capabilities for organisations.
The partnership will introduce multiple new capabilities designed to help organisations better prepare for, respond to, and recover from cyber threats, as well as harness more value from their business data. According to industry data cited by Cohesity, enterprises incur an average cost of USD $540,000 per hour in downtime, highlighting a significant need for comprehensive cyber resilience solutions.
Through this enhanced collaboration, organisations will be able to leverage advanced artificial intelligence-driven tools and integrated threat intelligence to accelerate the detection and recovery from cyber incidents. New developments will focus on reducing business risk and operational disruptions that often accompany such events.
Paul Henaghan, Managing Director of Cohesity Australia and New Zealand, stated: "Australian businesses are facing mounting pressure to strengthen their cyber resilience strategies in an increasingly complex threat landscape. Through our expanded partnership with Google Cloud, organisations can now harness advanced AI-driven capabilities and integrated threat intelligence to detect and recover from cyber-attacks faster than ever. This collaboration delivers the security and speed needed to protect critical data while enabling organisations to gain greater data insights."
Among the upcoming features, Cohesity is launching the integration of Google Threat Intelligence within the Cohesity Data Cloud. This integration aims to provide customers with faster detection of threats within their backup data, using intelligence from a network of over 450 threat actors and insights based on more than 1,100 incident investigations annually. The goal is to enhance threat detection and incident response, boost containment, and minimise the impact of potential breaches.
The expanded partnership will also see increased cooperation between Cohesity's Cyber Events Response Team (CERT) and Google's Mandiant Incident Response teams. By combining resources, the two organisations aim to offer comprehensive incident response services, facilitating the containment, investigation, and mitigation of cyber attacks from both primary and backup infrastructures and helping to minimise business downtime.
Another feature being introduced is the establishment of a Cloud Isolated Recovery Environment (CIRE) in Google Cloud, collaboratively set up and validated by Cohesity customers and Mandiant. This measure is intended to allow rapid and trusted restoration of data and business operations following a cyber incident, aiming to help organisations maintain customer trust and reduce the broader impact of such events.
There will also be integration between Cohesity Data Cloud and Google's Security Operations, consolidating Cohesity's data protection features with Google's security management capabilities to promote improved data resilience and an enhanced security posture for joint customers.
As organisations continue to amass large volumes of data, the need to efficiently manage, analyse, and extract value from this data grows more pronounced. Cohesity is addressing this through the integration of its Data Cloud platform with Google Agentspace, introducing Cohesity Gaia as an artificial intelligence agent. This functionality will allow enterprises to securely search and analyse data across multiple hosting environments, utilising Google Cloud's Gemini models for advanced insights. The integration is designed to enhance compliance, data security, and the discoverability of trusted data assets.
Additionally, Cohesity Gaia will incorporate Google Gemini models to further its AI-powered enterprise search assistant, enabling more advanced data analysis, discovery, and management capabilities for users.
Stephen Orban, Vice President of Migrations, ISVs, & Marketplace at Google Cloud, commented: "In today's rapidly evolving threat landscape, organisations need comprehensive solutions that not only protect their data, but also help them derive value from it. Our collaboration with Cohesity will enable customers to strengthen their cyber resilience posture while accelerating their digital transformation journeys."
Vikram Kanodia, Vice President of Technology and Cloud Alliances at Cohesity, also addressed the significance of the agreement: "Cyber threats like ransomware continue to plague global organisations, putting their businesses at risk and limiting their ability to focus on new, value-driving activities and services. Cohesity is committed to offering the most comprehensive solution to keep our customers' businesses resilient, protect their critical data, help them quickly recover from incidents, while enabling them to find new insights into their data. Working closely with Google Cloud, we're strengthening that commitment, giving our joint customers the tools to not only protect their business data but transform it into a strategic asset."
Integrations with Google Cloud for cyber resilience and data insights are projected to be available by the summer of 2025, while the incident response partnership with Mandiant and integration with Google Security Operations are already available to customers.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Techday NZ

2 days ago

• Techday NZ

World's largest data breach exposes 16 billion credentials

The scale of the latest data breach, involving a staggering 16 billion new credentials and passwords, is forcing both experts and organisations to reckon with the ongoing weaknesses in global digital security. Described as the world's largest data breach, the incident has reportedly swept up data from a vast array of online platforms, including not only commercial giants like Apple and Google but also government services and numerous SaaS (Software as a Service) applications. Brian Soby, co-founder and CTO at AppOmni, whose company specialises in securing digital records, believes the breach was inevitable given the industry's reliance on outmoded security frameworks. Soby warns that the gravity of the situation goes beyond the raw numbers: "This isn't just a collection of old, previously leaked passwords; it appears to be a new, massive, and highly organised library of credentials." According to Soby, cybercriminals now hold a "roadmap for widespread account takeovers" that threatens the backbone of modern digital life — cloud services and SaaS applications — potentially outpacing many current security defences. Soby highlights a critical vulnerability at the heart of today's enterprises. While many organisations invest in identity management and access security projects, basic misconfigurations and failure to disable outdated forms of credential use leave them exposed. "Large credential dumps such as these are likely to highlight just how many organisations indeed remain vulnerable to credential attacks due to these insufficient protections," he adds. Spencer Young, Senior Vice President EMEA at cybersecurity firm Delinea, echoes the concern, underlining that static credentials, especially passwords which are seldom changed, represent an Achilles' heel. "Passwords alone – especially unrotated ones – leave consumers and organisations vulnerable to phishing, credential stuffing, and Pass-the-Hash attacks," he notes. Young stresses that the traditional advice of strong password hygiene is no longer sufficient. Instead, initiatives like automated password rotation and credential vaulting, which reduce the window of opportunity for attackers, should be the new standard. In terms of longer-term solutions, Young observes that passwordless authentication approaches are gaining traction. "Technologies such as biometrics, where biometric data remains encrypted and safely stored in the device and does not travel across the network, improves the authentication process," he explains. However, he warns that passwords themselves are far from obsolete; they are increasingly being relegated to the background as part of a layered, multifactor authorisation system that may include one-time passwords or magic links to enhance security. With cybercriminals orchestrating campaigns using vast troves of login data, the scale of weaponisation is unprecedented. Tim Eades, CEO and co-founder at Anetac, illustrates the dilemma facing organisations across the world, as these troves become "a commodity that are bought, sold, and weaponised in countless attacks." Eades notes that the unrelenting circulation of stolen records magnifies the risk over time, especially as new AI agents — sometimes deployed without adequate safeguards — can introduce further vulnerabilities and thousands of new access points for attackers. "The part that keeps CISOs up at night? These records circulate for years, the risk doesn't go away, it only grows over time." Raising further alarm, Eades points out that until affected organisations are identified, compromised individuals may have no warning or recourse. This opacity not only endangers users but also perpetuates a cycle in which threat actors vie to surpass one another, pushing the boundaries of data breaches ever further. He urges organisations to reinforce security measures: "Leaders should protect all credentials like they are the keys to the castle." Encouraging the use of unique passwords, two-factor authentication, and embedding a culture of security awareness are presented as essential starting points. Another concern arising from the breach is the "snowball effect" it might have on cyber-attacks, especially through the proliferation of sleeper accounts. Xavier Sheikrojan, Senior Risk Intelligence Manager at Signifyd, warns that fraudsters may use stolen credentials not just for immediate exploitation but to create dormant accounts for later and larger-scale attacks. He advocates for proactive action, urging businesses to monitor user behaviour, force password resets, and continually refine machine learning systems aimed at picking up fraudulent activity. As experts across the sector agree, the exposure of billions of records simultaneously marks a pivotal moment in the digital security landscape. While technology continues to advance, so too does the capacity and sophistication of cybercrime, prompting renewed calls for organisations and individuals alike to treat identity and access security with unwavering seriousness and vigilance.

Scoop

2 days ago

• Scoop

Tonga's Health System Hit By Cyberattack

A team of Australian cyber experts flew to Tonga this week after the country's National Health Information System was breached, leading to a demand for payment from the hackers. Talanoa O Tonga reports the Health Minister Dr Ana Akauola saying the system has been shut down, and staff are handling data manually. Dr Akauola said that hackers encrypted the system and demanded payment, but she has assured MPs "the hackers won't damage the information" on the system. This system was introduced in 2019 with Asian Development Bank (ADB) support to digitise Tonga's health records before going "live" in 2021. Police Minister Paula Piukala was critical of past governments for ignoring warnings that Tonga's digital infrastructure is not fully prepared for these threats. Journalist Sifa Pomana said the hackers are demanding millions of dollars, according to Tonga Police. Residents are being urged to bring essential records to the hospital to help with manual record-keeping.

Techday NZ

2 days ago

• Techday NZ

Exclusive: Logistics firms face rising OT cyber threats amid global tensions

Cyber attackers are increasingly targeting logistics and supply chain networks, aiming to destabilise nations and gain strategic leverage without ever crossing a border. According to Leon Poggioli, ANZ Regional Director at Claroty, the recent cyber espionage affecting logistics firms supporting Ukraine is not an isolated trend but part of a broader pattern. "There's two key reasons nation states do this," he explained during a recent interview with TechDay. "One is to disrupt the other nation's defences, and the other is to put political pressure on the general public by interfering with their supply chains." These attacks frequently target operational technology (OT) systems - the core infrastructure behind physical processes in logistics, energy, manufacturing and healthcare. Poggioli said attackers exploit connectivity in these environments to carry out sabotage remotely. "A lot of these environments have some kind of external connectivity, so that gives an attacker an ability to remotely trigger a cyber attack and disrupt those supply chains." In some cases, tactics have extended to disrupting weapons infrastructure, such as drones. "When one nation uses drones, the other will defend itself by trying to jam signals and disrupt that infrastructure," he explained. Compared to IT systems, OT vulnerabilities can be far more complex and risky to remediate. Poggioli noted that in OT, even small changes can impact safety and operations. "In the IT world, it's easy to push patches out," he said. "In OT, even a minor change can disrupt operations, so remediation needs to be more targeted." Claroty's platform is built to help organisations quickly cut through large volumes of vulnerability data to find what really matters. "A site may have 1,000 vulnerabilities, but we can whittle that down to the five that make the most impact," he said. "That becomes a manageable number that a cyber leader and OT asset manager can act on within weeks." Recent data from Claroty's global survey of cybersecurity professionals reinforces the growing financial and operational risks posed by cyber attacks on cyber-physical systems (CPS). Nearly half of respondents (45%) reported financial impacts of $500,000 USD or more from such attacks in the past year, with over a quarter suffering losses of at least $1 million. These costs were largely driven by lost revenue, recovery expenses, and employee overtime. "It's a growing concern across multiple sectors, particularly in chemical manufacturing, energy, and mining – more than half of organisations in those sectors reported losses over half a million dollars," Poggioli said. Ransomware remains a major burden, especially in sectors like healthcare where 78% of organisations reported paying over $500,000 to regain access to encrypted systems. "These are real costs, not theoretical risks," he added. "And they're rising." Operational downtime is also widespread. Nearly half of global respondents experienced more than 12 hours of downtime following an attack, with one-third suffering outages lasting a full day or more. "When operations halt, the financial and reputational damage mounts quickly," Poggioli said. He added that one of the most pressing vulnerabilities is the level of remote access in these environments. "We're seeing around 45% of CPS assets connected to the internet," he said. "Most of that is done through VPNs that were never built for OT security." Third-party access is another growing concern, with 82% of respondents saying at least one cyber attack in the past year came through a supplier. Nearly half said five or more attacks stemmed from third-party connections, yet 63% admit they don't fully understand how these third parties are connected to their CPS environment. Poggioli pointed to this as a critical blind spot. "Legacy access methods and poor visibility are allowing attackers in through the back door," he said. Even more concerning is the risk from insiders. "You want to be able to trust your team, but someone with inside knowledge can do more damage than an external attacker," Poggioli said. "Even air-gapped environments need constant monitoring." A cyber attack on Denmark's power grid in 2023 served as a wake-up call. "One operator didn't even know they had the vulnerable firewall in their system," he said. "That's why visibility is so important. You can't secure what you don't know exists." While preparedness across the logistics sector varies, Poggioli believes the industry is slowly recognising the strategic value of cybersecurity. "It's going to become a point of competitive advantage," he said. "Customers are going to start asking serious questions about cyber security and supply chain integrity." He drew a sharp distinction between cyber criminals and state-backed actors. "Cyber criminals want fast financial gain, but nation states are more focused on political objectives," he said. "They have better resources and longer timelines. That changes the game." Poggioli warned that just because no incident has occurred doesn't mean attackers aren't already embedded in critical networks. "There's growing evidence of adversaries nesting in these systems," he said. "My hypothesis is they're preparing for future conflict. If war breaks out, they're already in position to strike." For logistics firms looking to strengthen their defences, Poggioli said the first step is basic visibility. "Most people I speak to admit they don't know 100% what's out there or how it's connected," he said. "Start with an asset inventory. Once you have that, you can start risk modelling and reduce exposure." There are signs that resilience strategies are making a difference. According to the Claroty report, 56% of professionals now feel more confident in their CPS systems' ability to withstand cyber attacks than they did a year ago, and 72% expect measurable improvements in the next 12 months. Still, Poggioli said complacency is not an option. "If you don't know how big the problem is, you won't know how to solve it," he said. "Once you understand the risks, you can act to protect your operations and show the business the value of cyber security."