Google Cloud COO: AI security requires platform approach from start
Original: Everyone is navigating AI security in real time — even Google
Why This Matters
Highlights critical security challenges as enterprises rapidly adopt AI technologies
Google Cloud COO Francis de Souza says companies must integrate security into AI strategies from the beginning, warning against 'shadow AI' where employees use consumer tools without oversight. Attack surface has expanded beyond traditional networks to include AI models, data pipelines, and agents.
Francis de Souza, Google Cloud COO, emphasized that AI security cannot be an afterthought as companies embark on AI adoption. He warned about 'shadow AI' where employees use consumer tools without organizational oversight and stressed the need for security, governance, and auditability from the start. 'There's no such thing as an AI strategy without a data strategy and a security strategy,' he said. De Souza noted the threat landscape has changed fundamentally, with attack handoff time dropping from eight hours to 22 seconds. The attack surface now includes AI models, data pipelines, agents, and prompts. He highlighted a specific risk where AI agents can discover forgotten data repositories like old SharePoint servers with outdated access controls.