Google struggles to manage security complexities

As the nature and scope of security threats has changed dramatically over the last few years, enterprise security professionals have struggled to keep up. But they're not alone. The folks at Google Inc. also have had their share of challenges in adjusting to the new state of security on the Web.

Even though Google sprang from the Internet culture that now dominates the corporate computing environment, the company is constantly working to understand the nature of the threats online and how they affect the company's customers and the broader Internet community, Scott Petry, Google's director of enterprise security and compliance said during a keynote speech at the Gartner IT Security Summit here Monday. Sure, Google has helped define and shape the way people work online, but that doesn't mean the company is immune to the complexities that online computing can introduce.

"It turns out that it's a very black-box world," Petry said. "We need to change our thinking to a security mentality that recognizes that the world is a black box and we don't know what some of the threats are and that we need to be able to respond to changes and threats as they happen. We don't know what we don't know. There's no way we can define a white box around all of the Google applications."