The Shift to Agentic Defense
Francis de Souza, COO of Google Cloud, argues that the speed of modern cyberattacks—where the window between breach and exploitation has shrunk from eight hours to 22 seconds—renders human-led security models obsolete. He advocates for an "AI-native, fully agentic defense" where autonomous agents manage security operations under human oversight. This approach is necessary because the attack surface has expanded to include models, data pipelines, and agents themselves. A critical, often overlooked risk is that these internal agents can inadvertently expose forgotten, poorly secured data repositories (e.g., legacy SharePoint servers) that were previously hidden from view.
Security as a Platform Requirement
De Souza emphasizes that security cannot be a bolt-on feature; it must be integrated into the platform architecture from the start. Organizations must adopt a "platform approach" that enforces consistent security and governance across multicloud environments and various AI models. He warns against "shadow AI," where employees use consumer tools without oversight, and insists that a robust AI strategy is inseparable from a comprehensive data and security strategy. This is no longer just a technical challenge but a board-level governance issue.
The Gap Between Prescription and Practice
Despite this high-level advice, there is a disconnect between platform providers' security prescriptions and their actual infrastructure performance. Reports indicate that Google Cloud developers have faced massive, unexpected bills due to unauthorized API calls after Google silently expanded the scope of existing API keys to include Gemini. Furthermore, research by Aikido reveals that revoking a compromised API key does not provide immediate protection; keys can remain active for up to 23 minutes due to slow propagation across Google's infrastructure. While Google has technically solved this for newer credential formats—which revoke in seconds—the persistence of this delay for older keys suggests that the current security posture is often a matter of internal prioritization rather than an insurmountable engineering constraint.