This post was originally published on this site

Welcome to the first Cloud CISO Perspectives for July 2026. Today, Francis deSouza, COO, Google Cloud and President, Security Products, explains the crucial role that deep context plays in creating an AI advantage for defenders.

As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you’re reading this on the website and you’d like to receive the email version, you can subscribe here.

aside_block
<ListValue: [StructValue([('title', 'Get vital board insights with Google Cloud'), ('body', ), (‘btn_text’, ‘Visit the hub’), (‘href’, ‘https://cloud.google.com/solutions/security/board-of-directors?utm_source=cgc-site&utm_medium=et&utm_campaign=FY26-Q2-GLOBAL-GCP39634-email-dl-dgcsm-CISOP-NL-177159&utm_content=-&utm_term=-‘), (‘image’, )])]>

How AI leverages deep context as the defender’s advantage

By Francis deSouza, COO, Google Cloud and President, Security Products

Francis DeSouza 2026

Francis deSouza, COO, Google Cloud and President, Security Products

Attackers are making headlines with AI, but defenders have a distinct and powerful advantage.

AI is rapidly transforming the cyberthreat landscape, driving unprecedented shifts in the scale, speed, and sophistication of attacks. Just recently, Google Threat Intelligence Group documented a critical milestone: the first known case of a zero-day exploit built entirely with AI. While we successfully disrupted their plans and got the vulnerability patched before launch, it highlights exactly what we are up against.

With AI agents, attacks are accelerating at machine speed. Last year, the handoff time between the first and second stage of an attack was eight hours; today, it takes just 22 seconds.

There’s an old saying in cybersecurity that adversaries only have to be right once, but defenders have to be right every time. That is the attacker’s advantage.

But AI is rewriting those rules, delivering a decisive defender’s advantage built on deep context.

The AI Era: Attacker’s Profile vs. Defender’s Advantage

Aspect

Attacker’s Profile

Defender’s Advantage

Visibility

Limited to outside-in probing; little enterprise context upon entry.

Complete inside-out context; knows exact asset locations, application behavior, and team ownership.

Operational Speed

Executes multi-agent handoffs in 22 seconds.

Machine-speed defense; proactive mitigation in seconds (such as Morgan Stanley’s 90-second resolution.)

Core Tactics

Multi-model phishing, deepfakes, AI-built zero-days, and model poisoning. 

Closed-loop defense; continuous exposure mapping and accelerated code patching.

The unified blueprint: Google AI Threat Defense

Previously, enterprise context data was fragmented across disconnected security tools. Now, AI empowers defenders to synthesize this rich data into a unified, always-on, autonomous defense.

We built Google AI Threat Defense to combine Google’s security capabilities into a single platform: the advanced reasoning of Gemini, the contextual cloud power of Wiz, the code-level remediation capabilities of CodeMender, and the frontline intelligence of Mandiant.

Our platform transforms vulnerability management across a continuous four-step framework:

Stage

Technology & Actions

Strategic Value to the Enterprise

1. Prepare 

Map exposed applications, APIs, identities, and runtime environments using Wiz. Simulate attack paths with the Wiz Red Agent.

Hardens the foundation to reduce internet reachability before vulnerabilities hit production.

2. Scan & Prioritize 

Run multi-model scanning — using lighter models for broad coverage and Gemini frontier models for deep-dive analysis of high-risk assets.

Replaces massive alert lists with deep, context-driven risk validation, including an optimal cost per token.

3. Remediate 

Deploy CodeMender inside developer IDEs/CLIs to auto-generate verified code fixes.

Replaces slow, manual patching with autonomous code-level remediation and memory-safe migrations.

4. Monitor 

Deploy AI agents tied to Wiz to hunt for vulnerabilities and anomalies across network, identity, and application telemetry.

Pair with Google Security Operations to rapidly hunt for unknown threats.

Establishes machine-speed runtime detection for zero-day response and threats against unpatchable environments. 

To stop vulnerabilities before they hit production, Morgan Stanley partnered with Google Cloud and Wiz, aligning their strategy with the core principles of the AI Threat Defense framework: prepare, scan, remediate, and monitor. By replacing fragmented tools with this unified blueprint, Morgan Stanley collapsed its mean time to detect threats by 99.9%, shifting from a reactive 45-minute window to proactive mitigation in 90 seconds or less.

Google Cloud x Morgan Stanley: Redefining Threat Defense in the AI Era

Google Cloud x Morgan Stanley: Redefining Threat Defense in the AI Era

Maintaining strategic human oversight

While human-speed execution cannot keep pace with automated threats, human management remains essential. We align autonomous AI agents directly with the human teams they support. In Wiz, for example, the Red agent automates penetration testing, the Blue agent drives threat investigations, and the Green agent accelerates cloud remediation.

Every AI conversation is a security conversation. That means securing AI infrastructure requires building from the ground up, and not bolting on.

This ensures autonomy under human supervision, empowering engineering and security teams to eliminate backlogs and secure the software development lifecycle without sacrificing speed.

What’s next: AI-native, agent-driven infrastructure

The foundation of your defender’s advantage starts with protecting your environments — not just from outside threats, but from internal risks like shadow AI and unauthorized agents. When employees download models and deploy agents outside of IT oversight, they create silent logic breaches and data-poisoning risks.

The key to countering this is enforcing Zero Trust for AI, and directing teams toward approved architectures with proper governance. Every AI conversation is a security conversation. That means securing AI infrastructure requires building from the ground up, and not bolting on.

At Google, security is not just an added layer; it is our foundation. Our secure-by-default architecture automatically blocks nearly 15 billion unwanted emails and protects billions of users every day.

As the threat landscape matures, outperforming automated adversaries requires a platform built from the ground up to be AI-native and agent-driven.

Fight AI with AI. Learn more about how to secure your software lifecycle with Google AI Threat Defense.

aside_block
<ListValue: [StructValue([('title', 'Learn something new'), ('body', ), (‘btn_text’, ‘Watch now’), (‘href’, ‘https://www.youtube.com/watch?v=CmGWIwgHR60’), (‘image’, )])]>

In case you missed it

Here are the latest updates, products, services, and resources from our security teams so far this month:

  • FinOps for SecOps: How to optimize the agentic SOC for value: To be more resilient in AI adoption, CISOs should develop a disciplined “FinOps for SecOps” blueprint that maximizes threat disruption while keeping control over compute costs. Here’s how. Read more.
  • New IDC study: How Mandiant transforms security into a competitive advantage: A new IDC Business Value White Paper found that you save an average of $4.3 million, driving a 268% three-year ROI, with Mandiant Consulting. Read more.
  • Drive proactive security, prioritize risks with Google Threat Intelligence and Wiz ASM: To help you match your real-world exposures with real-time adversary activity, we’ve begun integrating Google Threat Intelligence with Wiz Attack Surface Management. Read more.
  • Shift into high gear with agents: Securing the software-defined vehicle: To better support and secure SDVs, Google Cloud and Valtech have partnered to develop Nexus SDV, a highly-scalable, AI-enabled connected vehicle platform. Read more.
  • Meet the 33 cybersecurity startups joining the Gemini Startup Forum: Our flagship Google for Startups program, Gemini Startup Forum: Cybersecurity, has selected its first 33 trailblazing startups. Read more.
  • Introducing k8s-aibom on GKE for automated AI bills of materials: We’re open-sourcing k8s-aibom, a Kubernetes controller that continuously monitors environments to detect AI runtimes and generate standard ML-BOMs. Read more.
  • BGP route policies: Top 3 use cases by customer demand: We detail the three most impactful use cases for Cloud Router BGP route policies that have emerged since 2025. Read more.
  • Contributing to U.K. financial sector resilience as a critical third party: The U.K. Treasury has designated Google Cloud EMEA as a critical third party (CTP) to the U.K. financial sector under the CTP regime. Here’s how that helps you. Read more.
  • Google Cloud confirmed to offer a safer choice for EU public sector organizations with Dutch DPIA approval: We understand that for the EU public sector, data protection is a prerequisite. We’re excited to reinforce this commitment with a major milestone. Read more.
  • Why IaC coverage belongs on your security dashboard: Rethinking infrastructure-as-code coverage as a funnel that shows how much of your infrastructure is governed, traceable, and ready for remediation at speed. Read more.
  • Inside the ProdSec playbook: Operationalizing Wiz for end-to-end cloud security: Rethinking infrastructure-as-code coverage as a funnel that shows how much of your infrastructure is governed, traceable, and ready for remediation at speed. Read more.
  • Build AI security agents with Wiz MCP: Power AI-driven security with trusted security context, Wiz AI Agents, and Wiz AI Skills. Read more.

Please visit the Google Cloud blog for more security stories published this month.

aside_block
<ListValue: [StructValue([('title', 'Join the Google Cloud CISO Community'), ('body', ), (‘btn_text’, ‘Learn more’), (‘href’, ‘https://rsvp.withgoogle.com/events/google-cloud-ciso-community-interest-form-2026?utm_source=cgc-blog&utm_medium=blog&utm_campaign=FY25-Q1-global-GCP30328-physicalevent-er-dgcsm-parent-CISO-community-2025&utm_content=cisop_&utm_term=-‘), (‘image’, )])]>

Threat Intelligence news

  • A look at the drivers, dynamics, and applications of the pro-Russia influence ecosystem: Four years into Russia’s full-scale invasion of Ukraine, the pro-Russia influence ecosystem has evolved from a tool of war back into a global strategic asset. The interconnected nature of the ecosystem’s disparate components makes it resilient to limited scope disruptions, a factor that defenders need to consider to mitigate pro-Russia influence threats. Read more.
  • Google’s continued disruption of malicious residential proxy networks: In coordination with the FBI, Lumen, and others, Google took action against the NetNut residential proxy network, also known as Popa. This action builds on our disruption of the IPIDEA proxy network that took place in January 2026, and is a continuation of Google’s objective to dismantle malicious residential proxy networks. Read more.
  • GhostApproval: A trust boundary gap in AI coding assistants: Learn how Wiz uncovered a category-level blind spot in modern AI coding assistants, and why the human-in-the-loop safety model fails against this classic threat. Read more.
  • The latest addition to Turla’s intelligence gathering apparatus: Google Threat Intelligence Group (GTIG) has conducted an in-depth analysis of a .NET backdoor, tracked as STOCKSTAY, that has been continually developed and deployed by the Russia-linked threat actor Turla, one of the oldest known cyber espionage groups, since at least December 2022. As part of our continued tracking of this group, we’re providing an overview of our STOCKSTAY analysis, a timeline of key developmental and operational observations, and detailed similarities to KAZUAR to contextualize this new capability in Turla’s arsenal. Read more.
  • Recovering active ADFS signing keys via Machine DPAPI: During a recent red team engagement, Mandiant discovered that when ADFS certificates are manually rotated, configuration drift can silently leave active signing keys exposed in Machine DPAPI. Here’s how to defend against it. Read more.

Please visit the Google Cloud blog for more threat intelligence stories published this month.

Now hear this: Podcasts from Google Cloud

  • Cloud Security Podcast: Building an AI-pilled, solo vibe-coded, Clickhouse-based SIEM: Dan Lussier, founder, Nano, unpacks how he vibe-coded an entire SIEM from scratch during his end-of-year holiday break. Listen here.
  • Cloud Security Podcast: Scaling lessons, from leading the NSA to defending the world: Morgan Adamski discusses how public-private partnerships and the shift to cloud infrastructure have transformed cybersecurity defense through improved intelligence sharing and collective trust. Listen here.
  • Cloud Security Podcast: Closest alligator to the canoe: How transforming the SOC became P0 for Lloyds Bank: Matt Row, chief security officer, Lloyds Bank, explains the bank’s digital transformation strategy, highlighting how it modernized its security operations center to achieve a 20x reduction in human-reviewed alerts. Listen here.
  • Defender’s Advantage: Human-machine teaming and applying AI to frontline threat intelligence workflows: Jake Nicastro, AI lead, Frontline Intelligence Operations, GTIG, details how his team is shifting from simple prompt engineering to more advanced agentic workflows, focusing on a model of human-machine teaming. Listen here.

To have our Cloud CISO Perspectives post delivered twice a month to your inbox, sign up for our newsletter. We’ll be back in a few weeks with more security-related updates from Google Cloud.