Close Menu
  • Home
  • AI
  • Entertainment
  • Finance
  • Sports
  • Tech
  • USA
  • World
  • Latest News

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

What's Hot

5 things to know before the stock market opens on Thursday

July 16, 2026

Cause of Sam Neill’s ‘sudden’ death revealed

July 16, 2026

Stock purchases with borrowed funds reach record market high levels

July 16, 2026
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram Vimeo
BWE News – USA, World, Tech, AI, Finance, Sports & Entertainment Updates
  • Home
  • AI
  • Entertainment
  • Finance
  • Sports
  • Tech
  • USA
  • World
  • Latest News
BWE News – USA, World, Tech, AI, Finance, Sports & Entertainment Updates
Home » Everyone is navigating AI security in real time, including Google
AI

Everyone is navigating AI security in real time, including Google

adminBy adminMay 24, 2026No Comments6 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp VKontakte Email
Share
Facebook Twitter LinkedIn Pinterest Email


I recently had the opportunity to sit down with Francis de Sousa, COO of Google Cloud, backstage at an event in Los Angeles. Speaking in the calm, measured tone of a university professor despite the din, De Souza offered some useful advice for companies trying to navigate the AI ​​security era we’re all experiencing. “There’s going to be a transition period, but I think we’ll be in a better place after that,” he said.

He wasn’t talking about Google at the time, but it’s clear that even Google is still figuring things out.

De Souza’s central message was one that security experts have been urging executives to internalize for years, and one now made more urgent by AI: “Security can’t be an afterthought.” “As companies embark on this AI journey, they need to take a platform approach,” he said. “Security is not something that can be added as an afterthought, and it cannot be left to employees to do whatever they want.” He specifically warned about “shadow AI” (employees reaching out to consumer tools without organizational oversight) and argued that companies need to demand security, governance, and auditability from their platforms from the start. “There is no such thing as an AI strategy without a data strategy and a security strategy. They need to work together.”

It’s worth noting that he wasn’t promoting Google Cloud alone. When he realized that his advice sounded like a Google ad, he rebelled. He said Google is committed to a multi-cloud approach, and argued that companies that think they operate on a single cloud almost certainly aren’t. “Even if they choose a single cloud, they rely on SaaS applications and may have business partners who use different clouds,” he said. “It is important for enterprises to have a consistent security posture across clouds and models.”

He also argued that the old defense model is too slow because the threat landscape has fundamentally changed. He noted that the average time from initial compromise to handover to the next stage of an attack has decreased from 8 hours to 22 seconds, and the attack surface has expanded far beyond traditional network boundaries. “In addition to the usual assets, there is a model. There is a data pipeline that is used to train the model. There are agents. There are prompts. All of this needs to be secured.”

One of the threats de Souza warned about is not getting enough attention. That means agents moving through a company’s internal systems can surface forgotten data repositories that no one has thought about in years. “A lot of organizations have old SharePoint servers (and access controls) that haven’t really been updated, which wasn’t a problem because no one really knew where the servers were. But agents walking around the enterprise would find those data assets and expose the data that was there.”

In his mind, the answer is to meet the speed of the machine to match the speed of the machine. “We are now seeing the emergence of AI-native, complete agent defense where organizations can run agents that drive defense,” he said. “Instead of having a human-led defense, or having a human involved, humans can now oversee a fully agent-based defense,” he said, adding that this is no longer just a technology issue, but a leadership issue. “This is a board-level issue and a management issue. It’s not just a security team issue.”

But while AI is taking on more defense workloads, there is a shortage of qualified talent to oversee it. Additionally, the vulnerabilities that AI itself introduces are proliferating faster than security teams can address them. “We’re going to need people to deal with bug catastrophes,” Lee Kisner, LinkedIn’s chief information security officer, told the New York Times this week, adding that he doesn’t expect the industry to understand AI security in a sustainable long-term way for at least a few years.

Now back to the platform provider itself. Over the past few weeks, The Register has published a series of reports documenting how a series of Google Cloud developers were hit with five-figure bills due to fraudulent API calls against Gemini models. Many of the developers had never used that service or intentionally enabled it. The incident followed a familiar pattern. API keys originally deployed for Google Maps and made public at Google’s own direction secretly gained access to Gemini after Google expanded its scope without explicitly disclosing the changes.

Rod Dunnan, CEO of interview preparation platform Prentus, said his bill reached $10,138 in about 30 minutes after the compromised API key was put into use by the attackers. Isuru Fonseka, a Sydney-based developer whose account was also compromised, noticed a charge of approximately AU$17,000, despite believing there was a spending limit of $250. What neither of them knew was that Google’s automated systems were upgrading their billing tiers based on their account history, effectively raising the limit to $100,000 without their explicit consent.

Google refunded both after The Register published its initial report. Still, Google told The Register that it has no plans to change its automatic tier upgrade policy, preferring to prevent outages over enforcing user-specified budget settings.

In the meantime, another question is what happens when developers try to shut things down. The Register reported this week that an investigation by security firm Aikido found that even developers who discover and quickly remove compromised keys may not be safe. According to Aikido’s findings, Google’s revocation propagates gradually throughout the infrastructure, allowing an attacker to keep the key in use for up to 23 minutes. The success rate during this period is unpredictable, with more than 90% of requests still authenticated within minutes, and attackers could use that time to steal files and cached conversation data from Gemini, Aikido researcher Joseph Leong told The Register.

Leon also pointed out that Google’s own new credential format doesn’t seem to have the same issue. Service account API credentials are revoked in approximately 5 seconds, while Gemini’s new AQ-prefixed key format takes approximately 1 minute. “Both are being executed at Google scale,” he writes in a related Aikido paper. “Both suggest that this is technically solvable with a Google API key as well.” So, according to Leon, the 23-minute window is a matter of company priorities, not engineering constraints.

It is worth considering this when reading Mr de Souza’s advice, which is sound and should be taken very seriously. He’s not wrong, but there is a gap between what the platforms are currently prescribing and how quickly the platforms themselves are adapting, and this is also a good thing to recognize.

If you buy through links in our articles, we may earn a small commission. This does not affect editorial independence.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp Email
Previous ArticleJennifer Aniston’s Favorite Collagen Powder: Great Deal on Vital Protein
Next Article Oil prices fall after President Trump says talks with Iran are ‘constructive’
admin
  • Website

Related Posts

Apple Intelligence approves China launch with Alibaba and Baidu

July 16, 2026

How Elorian AI achieved a $300 million pre-seed valuation

July 16, 2026

Applied Computing wants to provide oil and gas operators with plant-wide AI models

July 16, 2026

Microsoft is reportedly training salespeople to silence OpenAI and Anthropic

July 16, 2026
Leave A Reply Cancel Reply

Our Picks

Newly freed hostages face long road to recovery after two years in captivity

October 15, 2025

Former Kenyan Prime Minister Raila Odinga dies at 80

October 15, 2025

New NATO member offers to buy more US weapons to Ukraine as Western aid dwindles

October 15, 2025

Russia expands drone targeting on Ukraine’s rail network

October 15, 2025
Don't Miss
Entertainment

Cause of Sam Neill’s ‘sudden’ death revealed

By adminJuly 16, 20260

More information has come to light since Sam Neill’s death. Three days after the Jurassic…

Family speaks out after Josh Grisetti’s death

July 16, 2026

Diddy sells Miami mansion for $55 million after prison sentence

July 16, 2026

Actress Maggie Grace divorces husband Brent Bushnell

July 16, 2026
About Us
About Us

Welcome to BWE News – your trusted source for timely, reliable, and insightful news from around the globe.

At BWE News, we believe in keeping our readers informed with facts that matter. Our mission is to deliver clear, unbiased, and up-to-date news so you can stay ahead in an ever-changing world.

Our Picks

Former CEO of Italian highway operator found guilty over Genoa bridge tragedy

July 16, 2026

Putin’s false claim to have captured one Ukrainian town reveals the bloody slowness of Russia’s advance

July 16, 2026

Two refugee boats disappear off the coast of Myanmar, leaving more than 500 people missing, UN agency says

July 16, 2026

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Facebook X (Twitter) Instagram Pinterest
  • Home
  • About Us
  • Advertise With Us
  • Contact US
  • DMCA
  • Privacy Policy
  • Terms & Conditions
© 2026 bwenews. Designed by bwenews.

Type above and press Enter to search. Press Esc to cancel.