Everyone is navigating AI security in real time — even Google
AI security is a critical and evolving challenge, even for tech giants like Google. Companies must integrate security into their AI strategy from the outset, adopting a multi-cloud approach and leveraging AI-native defenses to counter rapidly evolving threats.
The rapid evolution of AI technology presents significant security challenges for all organizations, including leading tech companies like Google. This necessitates a proactive and integrated approach to security, moving beyond traditional defenses that are no longer sufficient against sophisticated AI-driven threats. Francis de Souza, COO of Google Cloud, emphasizes that security cannot be an afterthought in the AI journey, requiring a platform-centric strategy from inception. He warns against "shadow AI," where employees use consumer tools without organizational oversight, stressing the need for embedded security, governance, and auditability in AI platforms.
De Souza advocates for a multi-cloud security posture, highlighting that companies rarely operate on a single cloud platform due to reliance on SaaS applications and diverse business partners. A consistent security strategy across various cloud environments and models is crucial to mitigate risks effectively.
The threat landscape has fundamentally shifted, rendering older defensive models obsolete. The time between a breach and the next stage of an attack has dramatically shrunk, and the attack surface has expanded to include models, data pipelines, agents, and prompts. De Souza also points to the danger of agents uncovering forgotten data repositories within internal systems, which could expose sensitive information if not adequately secured.
To combat these advanced threats, the solution lies in meeting machine speed with machine speed through an "AI-native, fully agentic defense." This involves AI-driven agents managing security, with humans overseeing the process. This shift elevates AI security to a board-level and executive team imperative, transcending its traditional role as solely a technology or security team concern.
Despite the push for AI-native defenses, a shortage of qualified personnel to oversee these systems persists. Moreover, AI itself introduces new vulnerabilities faster than security teams can address them. This is exemplified by incidents where Google Cloud developers faced large bills due to unauthorized API calls to Gemini models, stemming from API keys that gained expanded capabilities without clear disclosure.
These incidents highlight a broader issue with platform providers. Even when developers revoke compromised API keys, attackers may still retain access, underscoring the ongoing need for robust security measures and transparent communication from platform providers about changes in API capabilities and billing policies. This dynamic environment demands continuous adaptation and vigilance in AI security.
Related articles
When the Trump administration cracks down on Anthropic, who benefits?
The Trump administration issued an export control order against Anthropic, forcing the AI company to pull its newest models, Fable 5 and Mythos 5, offline. This move has sparked debate over AI policy and digital sovereignty, with some suggesting political motivations and others questioning Anthropic’s own messaging around AI safety.
Signal’s Meredith Whittaker wants you to remember that AI chatbots ‘are not your friends’
Signal President Meredith Whittaker cautions against the over-reliance on AI chatbots, emphasizing they are not sentient and can pose significant privacy risks. She highlights concerns about pervasive data access when integrating AI into personal and sensitive applications.
Critical Copilot vulnerability allowed hackers to steal 2FA codes from users
Microsoft patched a critical vulnerability in its M365 Copilot AI platform that allowed attackers to extract sensitive data, including 2FA codes, from users. This vulnerability, dubbed "SearchLeak," exploited Copilot's inability to distinguish between user instructions and malicious commands embedded in third-party content.
