Cloud CISO Perspectives: Going beyond 2FA to address fast-rising, emerging threats

Google Cloud is enhancing security against identity-based cyberattacks with two key innovations. These advancements are passkeys and Device Bound Session Credentials (DBSC), developed in partnership with the security community. Identity-based attacks, including stolen credentials and phishing, are a growing threat, accounting for 37% of breaches in 2024. Passkeys offer a more secure and simpler alternative to passwords, being cryptographically tied to a user's device. DBSC, currently in beta, aims to disrupt cookie theft by binding authenticated sessions to specific devices. This technology creates a cryptographic key pair, with the private key securely stored, and periodically proves possession to refresh session cookies. This limits the usefulness of stolen cookies for attackers. Google strongly recommends Workspace customers, especially those with high-value users, implement passkeys and DBSC. The company is also sharing recent security updates and threat intelligence from its teams. These include insights on secure cloud usage, AI security, and responses to various cyber threats. Google Cloud continues to innovate and collaborate to provide robust security solutions for its users.