Google Faces AI Security Scrutiny as Experts Warn Businesses Against Emerging Threats

As businesses race to adopt artificial intelligence, experts are warning that security can no longer be treated as an afterthought. Speaking at an event in Los Angeles, Francis de Souza, Chief Operating Officer of Google Cloud, stressed that organizations must integrate security into their AI strategies from the outset. According to de Souza, companies that fail to build strong governance, auditability, and data protection measures into their AI systems risk exposing themselves to significant operational and cybersecurity threats.

De Souza highlighted the growing concern of “shadow AI,” where employees independently use consumer AI tools without oversight from their organizations. He argued that a successful AI strategy must be supported by a comprehensive data and security framework, noting that businesses cannot rely solely on employees to manage AI-related risks. He also emphasized that organizations should maintain a consistent security posture across multiple cloud environments, as most enterprises inevitably rely on a combination of cloud providers, software platforms, and third-party services.

The Google Cloud executive further warned that cyber threats are evolving at unprecedented speed. He noted that the average time between an initial system breach and the next stage of an attack has reportedly fallen from several hours to mere seconds. At the same time, the rise of AI models, data training pipelines, prompts, and autonomous agents has dramatically expanded the attack surface that organizations must secure. One overlooked risk, he said, is the ability of AI agents to uncover forgotten databases and legacy systems containing sensitive information that may have remained hidden for years.

To counter increasingly sophisticated attacks, de Souza believes organizations will need AI-powered security systems capable of responding at machine speed. He described the emergence of fully autonomous, AI-driven defense mechanisms that can monitor threats continuously while human experts oversee operations at a strategic level. However, cybersecurity professionals caution that the industry still faces a shortage of qualified talent capable of managing these systems. Lea Kissner recently warned that the technology sector may need several years before it develops a sustainable understanding of long-term AI security challenges.

Despite advocating stronger AI security practices, Google itself has come under scrutiny over security concerns linked to its Gemini AI platform. Reports have emerged of developers receiving unexpected five-figure bills after compromised API keys were allegedly used to access Gemini services they had not intentionally enabled. Security researchers have also raised concerns over delays in API key revocation, claiming attackers may continue using compromised credentials for several minutes after deletion. While Google has refunded affected developers, the incidents have fueled debate about whether major technology platforms are adapting quickly enough to the risks created by the rapid expansion of artificial intelligence. As AI adoption accelerates worldwide, the gap between security recommendations and real-world implementation remains one of the industry’s most pressing challenges.

source: techcrunch