Cloud CISO Perspectives: How Google approaches critical security topics, from fundamentals to AI
Welcome to the second Cloud CISO Perspectives for February 2026. Today, Royal Hansen, vice-president, Engineering, explains how we tackle today’s thorniest cybersecurity challenges.
As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re reading this on the website and you’d like to receive the email version, you can subscribe here.
How Google approaches critical security topics, from fundamentals to AI
By Royal Hansen, vice-president, Engineering
We’re in the midst of a generational refactoring of the entire technology stack, and 2025 was the year AI moved to the forefront of the cybersecurity agenda. It’s clear that as 2026 progresses, the game is changing for both attackers and defenders. It’s an exciting — and daunting — time to be in our industry.
To help support the cybersecurity community, Google Cloud hosts quarterly, free, online Security Talks that bring together security leaders and practitioners to hear from Google and industry experts. Our newest Security Talks takes a deep dive into how Google approaches the thorniest of today’s security challenges, from understanding the threat landscape, to managing AI infrastructure risks, to building a resilient security strategy for the future.
The rapidly-evolving AI threat landscape
Threat actors have been experimenting with AI and are incorporating it into their operations, as John Hultquist discussed earlier this month. Adversaries are using AI to automate and enhance their operations, treating it like software development or knowledge work.
The most concerning developments are:
* AI-powered malware and automated intrusion activity: These scaled, automated, and dynamic attacks are much faster than human-involved attacks, and are harder to defend against.
* Targeting critical infrastructure and supply chains: While targeting health services, energy, grocery stores, and other essential services isn’t new for threat actors, AI is changing the scale and scope of their attacks.
* More aggressive attacks: These include ransomware (the easiest way for attackers to monetize vulnerabilities), personal threats, and vishing.
* Vishing awareness: Attackers are using voice, text, and other channels besides email for delivering phishing messages, and becoming more creative at the same time.
Foundational risks to AI infrastructure
Fundamentally, the risk of losing control of AI infrastructure goes beyond launch processes and software development processes because it’s about more than just writing software. It’s about business processes in which, at any one of those steps, you might lose control of how AI is being used, and that makes it an issue of governance.
Google is working on controls to manage key risks to AI generally. These include evaluating:
* Loss of control risk: We strongly recommend implementing an overarching governance of launch, software development, and procedural business processes to prevent losing control of AI.
* Supply chain risk: We advocate for implementing tamper-proof provenance to address risks associated with models, orchestration servers, tools called by agents, and third-party security, mirroring but expanding on traditional software supply chain best practices.
* Data risk: Data is the new perimeter. The data used to train models can be poisoned, manipulated, and used to plant a back door.
* Input and output risk: We also recommend treating prompts like code to better manage prompt manipulation risks. This is similar to traditional SQL injection risk management.
Google's defense strategy and AI agents
We’ve had a lot to say about defense and AI, and how we’re using agents to boost the defender’s daily workflow. Agentic AI is transforming traditional security operations, as agents combine advanced AI models with security tools. They have started to identify, reason through, and take actions to accomplish goals on behalf of defenders.
These capabilities mark a fundamental shift, where agents work alongside security teams and give human analysts more time to focus on challenges that truly demand their expertise. Using agents in the security operations center (SOC) is a key goal of how we’re innovating with AI, and you’ll continue to see more related offerings throughout 2026.
Some areas where we can highlight that work so far include:
* Building semi-autonomous defense: The current focus is on a semi-autonomous SOC that goes faster but keeps humans (including analysts and forensics experts) in the loop, moving toward an eventual autonomous, self-defending state.
* Agentic workflows: These workflows use the same existing tools, teams, and processes but connect steps faster to strengthen analysts. Fully automated tasks include alert triaging and threat hunting.
* Interface and usability: The interface is similar to Gemini, allowing analysts to interrogate and engage with workflows using natural language.
* Prompt reuse: Analysts can save effective prompts for specific use cases and actions in the agentic SOC, and make them available to the rest of the team. This can also help with risk management, by narrowing in on use cases and mitigating prompt injection vulnerabilities.
* Ecosystem integration: The system strings together existing third-party tooling with first-party products (such as Google Security Operations and Google Threat Intelligence) to help teams benefit from third-party tool upgrades without ripping out existing infrastructure.
* Protection: The ecosystem is protected by Identity and Access Management (IAM), Cloud Armor (acting as a firewall for models), and policies and logging to defend against AI risks like data poisoning and prompt injection.
Learn more about how Google does security
Over the past year, we’ve pulled back the curtain on how Google approaches critical security topics, including implementing AI red teams, finding and fixing software vulnerabilities, using threat intelligence to track down cybercriminals, modernizing threat modeling, and building security programs at a global scale.
To learn more, you can check out all of the new Security Talks presentations here.
In case you missed it
Here are the latest updates, products, services, and resources from our security teams so far this month:
* Why cloud, data centers, and utilities should be cybersecurity partners: Utilities, data centers, and cloud providers should partner to develop resilience and secure critical infrastructure. Here’s why. Read more.
* Delivering a secure, open, and sovereign digital world: At Google Cloud, we believe that digital services should be built on a foundation of trust. To support that goal, today we’re expanding our Sovereign Cloud portfolio. Read more.
* Keeping Google Play and Android app ecosystems safe in 2025: As bad actors use AI to change their tactics and launch increasingly sophisticated attacks, we’ve deepened our investments in AI and real-time defenses for Google Play and the Android app ecosystems over the last year to maintain the upper hand and stop these threats before they reach users. Read more.
* Resilience in the AI era: Here’s the latest on how Google is encouraging the IT and business communities to take a full-stack, collaborative approach to security, and build a shared digital foundation that transcends borders. Read more.
Please visit the Google Cloud blog for more security stories published this month.
Threat Intelligence news
* Disrupting the GRIDTIDE global cyber-espionage campaign: Google Threat Intelligence Group (GTIG), Mandiant, and partners have taken action to disrupt a global espionage campaign targeting telecommunications and government organizations in dozens of nations across four continents. Read more.
* How UNC6201 is exploiting a Dell RecoverPoint for virtual machines zero-day: Mandiant and Google Threat Intelligence Group (GTIG) have identified the zero-day exploitation of a high-risk vulnerability in Dell RecoverPoint for Virtual Machines by UNC6201, a suspected PRC-nexus threat cluster. Read more.
* Threats to the defense industrial base: The modern defense sector faces a relentless barrage of cyber operations conducted by state-sponsored actors and criminal groups. In recent years, Google Threat Intelligence Group (GTIG) has observed several distinct areas of focus in adversarial targeting of the defense industrial base. Read more.
* UNC1069 targets the cryptocurrency sector with new tooling and AI-enabled social engineering: North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentralized finance (DeFi) sectors. Mandiant recently investigated an intrusion targeting a FinTech organization in this sector, attributed to UNC1069, a financially-motivated threat actor active since at least 2018. Read more.
Please visit the Google Cloud blog for more threat intelligence stories published this month.
Now hear this: Podcasts from Google Cloud
* Two security leaders on measuring agentic SOC success: What are the best metrics to use to evaluate the success of the agentic SOC — and how should we measure them? Alexander Pabst, global deputy CISO, Allianz SE, and Michael Sinno, director, Detection and Response, Google, debate the next SOC evolution with hosts Anton Chuvakin and Tim Peacock. Listen here.
* Why new tools won’t fix broken SOC processes (even with AI): Daniel Lyman, vice-president, Threat Detection and Response, Fiserv, chats with Anton and Tim about the difference between true SOC transformation and buying a newer product but leaving old processes intact. Listen here.
* Behind the Binary: Jailbreaking, prompt injection, and the agentic flaw in MCP: Host Josh Stroschein is joined by Kevin Harris, who says that skilled adversaries have a 100% success rate against all of the defenses that we know about. Listen here.
To have our Cloud CISO Perspectives post delivered twice a month to your inbox, sign up for our newsletter. We’ll be back in a few weeks with more security-related updates from Google Cloud.
https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-how-google-approaches-critical-security-topics-fundamentals-to-ai/?utm_source=dlvr.it&utm_medium=blogger