That tells me there isn't a single security research group, but at least six of them. Which doesn't surprise me.
Shouldn't they be blogging the org chart? When I want to follow updates, it's generally from a particular part of the org. Each group has its own separate mission and its own audience.
That makes as much sense as saying every Y Combinator startup should post on a single shared blog, with tags to filter by company.
No -- a single blog should revolve around a single group of authors writing around a single, concrete theme -- an individual product, product suite, initiative, or similar.
The idea of a single blog with 500 posts a day from 500 different people sounds terrifying, tags or not. It's too many tags -- like, you'd need tags for the tags!
And? It has a couple of posts a day on average. It's extremely high-level. It's not aggregating the probably hundreds of posts you'd get across the entire corporation.
You'd never in a million years want content like this mixed in with that:
googleprojectzero.blogspot.com, security.googleblog.com, cloud.google.com/blog/topics/threat-intelligence, bughunters.google.com/blog, blog.google/technology/safety-security