Google Cloud unveils Indonesia BerdAIa for Security, bolstering cyber resilience with AI-enabled defense, local data region, and expert training.
Google Cloud unveiled Indonesia BerdAIa for Security, a cybersecurity-focused program that empowers organizations with best-in-class Google Cloud Security solutions, expertise, and training to bolster the cyber resilience of Indonesia’s key economic sectors and digital landscape.
Core to the program is the launch of Google Cloud’s new security operations data region in Indonesia, hosted in Google Cloud data centers located in Jakarta. This allows more organizations in Indonesia, including government agencies and enterprises in regulated industries, to take advantage of the intelligence-driven, AI-enabled Google Security Operations platform while meeting their local data residency requirements.
Research reveals that by embracing advanced AI-enabled security platform tools and threat intelligence, local organizations can transition from reactive to proactive security strategies, enabling them to reduce cyberattack-related losses by at least IDR 29 trillion (US$1.8 billion) over the next five years.
Fanly Tanto, Country Director, Indonesia, Google Cloud, said: “Financial losses and reputational damage from data breaches stem from three of security’s most deeply-rooted problems: threat overload, toil, and the widening talent gap. Indonesia BerdAIa for Security helps organizations overcome these problems. With access to AI-enabled security operations platform capabilities, actionable threat intelligence at unmatched scale, Mandiant experts, and essential training options, companies can confidently implement a modern approach for faster, more effective cyber threat detection, investigation, and response. They will emerge from this program with a defender’s advantage for protecting their most critical assets.”
Indonesia BerdAIa for Security leverages Google Cloud’s proven security transformation framework and comprehensive solution portfolio, as well as its elite security experts and Managed Security Service Provider (MSSP) partner ecosystem. It will facilitate:
- Independent assessment of an organization’s existing cybersecurity efforts across four core areas: security governance, security architecture, cyber defense, and security risk management;
- Delivery of in-depth, best-practice recommendations to improve security posture, based on the organization’s specific risk profile and current security maturity;
- Development of a bespoke strategy and roadmap for establishing, optimizing, or transforming its security operations or security operations center (SOC);
- Deployment of the intelligence-driven, AI-enabled Google Security Operations platform to reduce toil and accelerate threat detection, investigation, and response;
- Formulation and tracking of key performance indicators (KPIs), such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), to demonstrate enhanced security effectiveness and measurable improvements driven by Google Security Operations over time;
- Implementation of managed threat defense or co-managed SOC options for organizations seeking continuous support, including access to Mandiant frontline experts who provide 24/7 threat detection, investigation, and response services;
- Workforce cyber-readiness through on-demand, instructor-led, or hands-on courses, accessible via training platforms like Google Cloud Skills Boost for Organizations and Mandiant Academy.
Google Cloud’s local MSSP partner ecosystem consists of Accenture, Astra Graphia Information Technology (AGIT), Deloitte, Elitery (PT Data Sinergitama Jaya Tbk), SQShield (PT Gan Mitra Usaha), and more.
Under the program, Google Cloud and its MSSP partners will also provide subsidized access to Google Cloud Skills Boost for Organizations licenses and Mandiant Academy Learning Passes. These resources will enable organizations to educate senior management about cyber defense, prepare in-house cloud security engineers and security operations engineers for professional certification; simulate real-world cyberattack scenarios for security teams to rehearse and refine their incident response capabilities; and improve enterprise-wide end-user cyber literacy and hygiene.
Industry-leading organizations like Astra International, Bukalapak, Dipo Star Finance, and Kereta Api Indonesia are amongst the various early-movers that have joined the program.
Modern security operations infused with AI
Google Security Operations drives exponential gains in security team productivity while empowering them to detect and mitigate emerging threats. With the platform, an organization can ingest security telemetry data—with data residency controls—from across its IT environment (on-premises, Google Cloud, or multicloud), enriched with Google Threat Intelligence for forensic analysis and uncovering indicators of compromise. They can also utilize AI tools, underpinned by security-tuned Gemini models, to supercharge integrated Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR).
Today’s security teams are facing threat overload: hundreds of alerts per day to analyze and respond to. Each alert has the potential to be the first sign of a major security incident, but relatively few of them are. Google Security Operations’ always-on alert triage agent addresses threat overload by autonomously gathering context for suspicious activity, analyzing command line instructions, and mapping out the sequence of events. It then renders a verdict on each alert, such as its severity level, with next-step recommendations.
Once high-priority, contextualized incidents are surfaced, Google Security Operations’ investigation assistant reduces the toil (i.e., manual, repetitive, automatable, tactical tasks) associated with deeper investigation and remediation. For example, when conducting an investigation on a potential threat, a security analyst can simply ask the assistant questions about suspicious activity and receive concise summaries of its findings – all in natural language. The analyst can also use natural language to quickly generate complex search queries for threat hunting and create sophisticated detection rules to identify specific malware or threat actor techniques, instead of having to manually write them in specialized computer language. Additionally, the analyst can turn to Google Security Operations’ playbook assistant to build out entire SOAR playbooks that automate incident response workflows.
While there are efforts to train more security experts, AI can help bridge the talent gap in resource-constrained SOCs. For instance, with an alert triage agent, an investigation assistant, and a playbook assistant, a junior security analyst can perform advanced functions that previously required deep expertise in specific computing query languages and scripting, ultimately expanding the capabilities of security teams and helping them do more with less.
“Google Cloud has been incorporating machine learning (ML) into its security solutions for well over a decade. We’ve more recently integrated generative AI tools and AI agents, enabled by Gemini for Security, into these solutions, reducing the time security teams spend triaging and investigating incidents. This is part of Google Cloud’s expansive vision for an agentic SOC, where a connected, multi-agent system works alongside security professionals to autonomously take on routine tasks, augment their decision-making, automate workflows, and empower them to focus on what matters most: the complex investigations and strategic challenges demanding human expertise,” said Tanto.
