I don’t drink coffee, but I was sipping orange juice, listening to Still Into You by Paramore as I pulled up to Topgolf at the MGM Grand. It was 8:19 AM, Vegas sunlight (and heat) bouncing off the pavement, and I was ready. One of our Carahsoft counterparts met me out front, and we walked together to the event space—clean layout, perfect views, and most importantly, the kind of energy you only get when you know a good day’s ahead.
As we got set up, I synced quickly with the team—Carahsoft orchestrating everything behind the scenes with the kind of grace only seasoned event pros have, and our Google counterparts locking in with us to ensure every detail was crisp. I met up with my co-pilot for the day, Atticus Lin, and we dove right into setup, welcoming attendees as they came in—familiar faces and fresh ones alike. Among them: Jason Frame, CIO of Southern Nevada Health District, and Bob Leek, CIO of Clark County—two leaders with real vision and commitment to secure transformation.
I kicked us off by grounding the room in reality—the current threat and incident landscape, what’s trending in the attacker playbook, and where defenders need to shift their strategy. Leaned into the Mandiant 2025 M-Trends Report to set context, then spoke from the frontlines about the friction security teams are still facing—alert fatigue, skill shortages, tooling sprawl—and how we combat all of it.
As I walked through the five key pillars of the Google Security Suite, I wanted to make sure folks in the room didn’t just hear what each piece does—but understood what makes it different when Arctiq is in the loop.
- Google Threat Intelligence (powered by VirusTotal): This isn’t just threat feeds. It’s curated, context-rich intelligence rooted in real-world breaches, updated with a velocity and fidelity that most orgs only dream of. At Arctiq, we don’t just surface that intel—we operationalize it across environments, embedding it into detections, playbooks, and risk-based decision making.
- Google SecOps: SecOps gives you the bones—unified telemetry at scale. What we do at Arctiq is provide the brain: detection engineering, automated triage design, and platform tuning that make your SOC work smarter, not just harder.
- Security Command Center (SCC): SCC is where posture meets context. It ties together asset inventory, misconfigurations, and threat exposure across your multi-cloud environment. We help teams use it not just for hygiene, but for prioritization. It’s about focus—not just findings.
- Chrome Enterprise Security: We make this tangible by tying it to endpoint hardening, DLP enforcement, and end-user risk management—especially important in hybrid and BYOD-heavy orgs where identity and access boundaries are constantly shifting.
- Mandiant Consulting: The brand speaks for itself—but where we come in is integration. When you bring Mandiant in through Arctiq, we’re right there beside them, ensuring knowledge transfer, follow-through, and program integration long after the last IR brief.
Each of these tools, on their own, is powerful. But when you combine them under a tailored strategy with Arctiq's expertise, they become more than the sum of their parts. They become a force-multiplier for any security operations program.
After setting the foundation with the suite, we took a moment to explain Google’s Secure Data Fabric—a concept I think is often misunderstood, but one I’ve come to really appreciate.
The Secure Data Fabric isn’t just another term for centralized logging. It’s about creating a thread of verifiable, usable, and governed security telemetry across every asset, environment, and user—whether they’re in the cloud, on-prem, or somewhere in between. It removes the guesswork. It makes compliance achievable. And with Arctiq, we bring structure to the sprawl—aligning it to your threat model, use cases, and regulatory landscape.
Then there’s Gemini for Security, which… honestly, I think a lot of folks still underestimate.
Gemini isn’t just a chatbot layered over your SIEM. It’s a contextual decision-support engine. It helps junior analysts think like seniors, and helps seniors work with surgical precision. We’ve trained our clients on how to use Gemini to accelerate investigation timelines, craft queries in natural language, summarize incidents, and even draft executive reports—all in seconds. When used intentionally, Gemini isn’t a shortcut—it’s a strategy.
Finally—what may have been the biggest mic drop of the morning—I walked the room through Google Unified Security (GUS). Hot off the heels of its unveiling at Google NEXT, we became the first partner to formally deliver this message to the broader industry. Now, let me talk to you—not just as a Principal Architect, but as someone who’s been deep in security since the before-SIEM-was-a-buzzword days.
Google Unified Security (GUS) is not a tool. It’s a philosophy.
It's what we’ve been asking for since the first time we duct-taped a threat feed to a log aggregator and tried to make meaning out of chaos.
GUS brings together SecOps, Gemini, Threat Intelligence, and the rest of the suite—not as loose integrations, but as a singular, interconnected platform where insights flow, context travels, and decisions get made with clarity.
Being the first partner to formally deliver this message to the industry wasn’t just an honor—it was a responsibility. We know what this means for security teams fighting fatigue, fragmentation, and failure points. GUS gives them what they’ve been missing—a unified view, an intelligent response mechanism, and an ecosystem that works the way they do.
Once I wrapped, it was Atticus’s time.
Atticus led a detailed walkthrough of Google SecOps, showcasing platform features that had attendees nodding, taking notes, asking questions—not performative interest, but real “this is exactly what we’ve been missing” kind of engagement. He walked through the SecOps signal unification, SOAR automation, and the contextual advantage of threat correlation across hybrid environments. He didn’t just present the tool—he masterfully demonstrated its mindset: proactive, scalable, intuitive.
Then he passed the mic to Dan Minella, our Nevada Regional Sales Lead and the reason we had the pleasure of hosting Jason and Bob. Dan’s relationships in the region are built on trust, results, and years of shared purpose—and it showed. He introduced Bob Leek, who gave one of the most riveting, candid takes I’ve heard on public sector cybersecurity.
Bob flipped the script on the usual narrative. While most orgs blend IT and security budgets—often to security’s detriment—Clark County has drawn a hard line, prioritizing cyber in a way that’s enabled them to secure presidential election ballots with confidence. It wasn’t just talk—it was about ensuring the CIA triad (Confidentiality, Integrity, and Availability) on every vote cast, and it hit home with everyone in the room.
When Jason Frame shared his journey at the Southern Nevada Health District, it struck a chord.
Before partnering with Arctiq, Jason’s team was drowning in false positives, false negatives, and a flood of alerts with no context. Talented professionals were stuck triaging noise, manually stitching together stories across tools that didn’t talk to each other.
Since bringing us in, we’ve become a true extension of their team. We helped them recalibrate their detection strategy, streamline alert routing, and build meaningful automation into their workflows. We didn’t just deploy tools—we reduced noise, amplified signal, and brought Jason’s team back to what matters: securing public health, not sorting logs. That’s why we do this.
After a quick break, we split tracks. I facilitated the executive track—and to be honest, it felt like coming home. I was surrounded by CISOs, VPs, and leaders who all carried the same weight: protecting operations without disrupting them, scaling teams and controls with limited resources, building culture while defending infrastructure.
We didn’t round-robin. No one was put on the spot. Instead, we leaned into deep discussion. In an hour, we only made it through five questions. But the insights shared—especially around data governance and the cultural dynamics of organizational change—were equivalent to a year’s worth of boardroom strategy. We discussed how culture influences risk acceptance, how governance frameworks can either empower or constrain, and how security’s success is often more about relationships than firewalls.
As we wrapped, I had the pleasure of announcing something we’ve been quietly building: the Arctiq Security Leaders Forum, which will launch right here in Las Vegas. It’ll be a recurring space—local, relevant, focused—where we drive action on regional cybersecurity challenges and grow together as a community. We’ll also be expanding to other West Coast locations soon.
What struck me most as I joined the Capture the Flag group near the end wasn’t just what they accomplished—it was how fast they got there. And a big part of that was thanks to Atticus Lin.
Atticus didn’t just hand them a platform and say “good luck.” He translated it. He broke SecOps down into intuitive workflows, showed how SOAR automations could be tested and iterated on live, and—critically—gave every participant a moment of clarity. Whether they were a seasoned analyst or someone just beginning their journey in security, he brought them all to the same starting line quickly.
He walked them through how to leverage Gemini for Security not just as a fancy assistant, but as a strategic partner in decision-making. From threat research to alert investigation to surfacing anomaly patterns that would’ve taken hours to stitch together manually—he showed how to wield it with purpose.
Participants were vocal afterward about how the SecOps interface felt natural, even to those with limited experience. They weren’t buried in menus or paralyzed by choice—they were exploring, acting, and learning in real time. And the platform’s ability to unify data across sources meant no one had to play “connect the dots” with fragmented telemetry.
It was a reminder of how powerful access + enablement can be. The best tech in the world won’t change a team unless someone shows them how to use it with confidence. That’s exactly what Atticus did. And the ripple effect? You could feel it in the room.
We closed out the morning with good food, great conversation, incredible people—and yeah, a few swings at Topgolf. We won’t talk about any scores, but let’s just say I stick to security strategy for a reason.
Events like this remind me why I love what I do. Why partnerships like ours—with Google and Carahsoft—are more than logos on a slide. They’re force multipliers. They’re proof that when you bring the right minds together, in the right environment, with the right intention, security becomes more than protection—it becomes progress.
Ready to move from security chaos to confident control? Arctiq and Google Cloud Security makes it happen. Let's build your smarter, faster, unified security program. Connect with us.
