Google Cloud COO Francis de Souza recently shared critical insights on the evolving landscape of AI security. Speaking at an event in Los Angeles, de Souza highlighted that everyone, including tech giants like Google, is currently navigating the transition toward a more robust AI security framework. He emphasized that while the current phase is challenging, companies must adopt a platform-centric approach to reach a more secure equilibrium.
The core message from de Souza is that security cannot be an afterthought in the AI journey. He urged executives to move beyond treating security as a "bolt-on" feature or leaving it to individual employees. He specifically warned against "shadow AI"—the unauthorized use of consumer-grade tools by staff—and argued that organizations must demand built-in governance, security, and auditability from their platforms. "There’s no such thing as an AI strategy without a data strategy and a security strategy. They need to go hand in hand," he noted.
Interestingly, de Souza advocated for a multi-cloud reality rather than just pitching Google Cloud. He pointed out that even organizations aiming for a single cloud provider are inevitably multi-cloud due to SaaS applications and business partnerships. Therefore, maintaining a consistent security posture across different clouds and AI models is non-negotiable.
The threat landscape has fundamentally shifted, rendering old defensive models obsolete. De Souza noted that the average time for an attacker to move from initial breach to the next stage has collapsed from eight hours to just 22 seconds. Furthermore, the attack surface now includes AI models, data training pipelines, agents, and prompts, all of which require specialized protection.
A specific risk de Souza highlighted involves the autonomous nature of AI agents. Agents moving through internal systems can uncover long-forgotten data repositories, such as old SharePoint servers with outdated access controls. While these were previously protected by obscurity, agents can easily locate and expose this legacy data. His recommended solution is to meet machine speed with machine speed through the emergence of an AI-native, fully agentic defense system.
