rvlsoft - Fotolia

Google to unveil post-Chronicle cloud cybersecurity plans

Google plans to discuss its cloud cybersecurity portfolio at a conference next week, with the capabilities developed by Chronicle figuring heavily into the mix.

Google is set to reveal how cloud cybersecurity technologies developed by Chronicle have been worked into its portfolio for large enterprise customers.

In June, Google Cloud announced it had acquired Chronicle, a startup launched within parent company Alphabet in 2015. Integration work has proceeded since then, and details will be shared at the Cloud Next '19 UK conference, which begins in London on Nov. 20.

A recent report on Chronicle from Vice's Motherboard publication painted a bleak picture of the company post-Google acquisition, with key executives including its founder and CEO departing, and dismal morale in the product-development trenches.

"People keep quitting. Sales doesn't know what to do, since there's no real product roadmap anymore. Engineering is depressed for the same reason," an unnamed Chronicle employee told the site.

Asked for comment, a Google spokeswoman pointed to the company's blog post on the upcoming announcements at Cloud Next UK, and did not address the claims of unrest at Chronicle.

Google plans to announce "multiple new native capabilities" for security, as well as planned new features for Backstory, Chronicle's main cloud cybersecurity product, according to the blog.

Backstory can ingest massive amounts of security telemetry data and process it for insights. It is geared toward companies that have a wealth of this information but lack the staff or resources to analyze it in-house.

Customers upload their telemetry data to a private repository on Google Cloud infrastructure, where it is indexed and analyzed by Chronicle's software engine. The engine compares the customer's data against threat intelligence signals mined from many sources and looks for problematic correlations.

Backstory will compete with both on-premises security information and event management platforms and cloud cybersecurity systems, such as Sumo Logic and Splunk. Rival cloud providers have responded as well, with one prominent case being Azure Sentinel, which Microsoft launched this year.

Beyond performance and results, pricing may be a key factor for Backstory. Chronicle has made much of the fact that it won't be priced according to data volume, but the exact nature of the business model still isn't clear. Microsoft uses a tiered, fixed-fee pricing scheme for Azure Sentinel based on daily data capacity.

Backstory's biggest opportunity may be outside Google Cloud

Jon OltsikJon Oltsik

While Chronicle's staff would have enjoyed more freedom if kept independent from Google Cloud, there's no evidence to suggest it's being held back at this point, according to Jon Oltsik, senior principal analyst for cybersecurity at Enterprise Strategy Group.

The Google Cloud management team needs to give Chronicle the latitude to innovate and compete.
Jon OltsikSenior principal analyst, cybersecurity, Enterprise Strategy Group

"The Google Cloud management team needs to give Chronicle the latitude to innovate and compete against a strong and dynamic market," he said. "This should be the model moving forward and I'll be monitoring how it proceeds."

There is an emerging market for specific security analytics and operations tools for monitoring the security of cloud-based workloads, which aligns well with Google Cloud, Oltsik added. But the bigger opportunity lies with customers who aren't necessarily Google Cloud users, he added.

Dig Deeper on Cloud infrastructure design and management