Google Cloud recently announced a new Data Security Posture Management (DSPM) offering, now available in preview, that provides users with end-to-end governance for data security, privacy, and compliance.
According to Gartner, DSPM provides a holistic view of where sensitive data resides, who has access to it, and how it is being used. It helps organizations assess their data’s current security state, identify potential risks, and implement controls to maintain the confidentiality and integrity of sensitive information. The typical users of DSPM include security and compliance teams, IT departments, and executive leadership.
Hamid Akhtar explained in a Medium blog post that the origins of DSPM trace back to the realization that conventional tools like Data Loss Prevention (DLP) and Security Information and Event Management (SIEM) couldn’t keep up with the volume and velocity of cloud data.
Born out of this necessity, DSPM filled critical visibility and control gaps. Within a year, it transitioned from a niche concept to an industry-defining category, and today, cybersecurity titans like CrowdStrike and Check Point have embraced the approach, either by developing native capabilities or integrating with startups.
The DSPM market is rapidly evolving, with several specialized vendors offering solutions for specific use cases. According to a recent discussion on Reddit among fintech professionals, vendors like Polymer are seen as highly “fintech-friendly” with their real-time, AI-powered solutions. Other players include BigID, known for its strong data discovery for large enterprises, and Open Raven, which provides solid visibility for cloud-native organizations. Moreover, this competitive landscape highlights the growing need for tailored DSPM solutions to manage the increasing data risks from SaaS sprawl, AI models, and stricter regulations.
Google Cloud’s new offering includes differentiating advanced data controls that match security, privacy, and compliance requirements and align with business needs. It is available as part of Google’s Security Command Center, a Cloud-native solution designed to reduce tooling complexity and provide a native platform experience.
The authors of a Google Cloud blog post on the offering explain:
DSPM starts with a data map that offers a birds-eye view of data across your Google Cloud environment, its sensitivity level, and its default security posture. Discovery can help apply policies to monitor and secure their data, allowing curated controls to be matched with their sensitive data needs.
(Source: Google Cloud blog post)
While Google Cloud’s new DSPM offering is a recent release in preview, competitors like Microsoft have also been developing similar data-centric security tools. Microsoft’s solution, which is deeply integrated with Microsoft Purview, focuses on a “data-centric” approach as it uses data-aware attack path analysis within Microsoft Defender for Cloud to prioritize vulnerabilities based on their proximity to sensitive data. While both services aim to centralize data security posture management and provide granular controls for compliance, Google’s offering is natively tied to its Security Command Center. In contrast, Microsoft’s is presented as a multi-cloud solution that unifies data governance and security across Azure, AWS, and GCP.
Lastly, more details are available in the user guide.
