Everyone is navigating AI security in real time — even Google

Published: 2026-05-26 04:39:46 pm

At a recent event in Los Angeles, Francis de Souza shared his perspective on the current state of AI security within enterprises and the challenges organizations must address as AI adoption accelerates. Speaking calmly amid the busy atmosphere backstage, he explained that the industry is still moving through a transitional phase but said he believes it will eventually arrive at a more secure and mature environment.

Ironically, even Google Cloud appears to be navigating that same transition internally.

De Souza emphasized a point security experts have long stressed to corporate leaders: security cannot be treated as an afterthought, especially in the era of artificial intelligence. According to him, businesses adopting AI need a platform-first mindset where governance and protection are built into the system from day one rather than added later. He also cautioned against the rise of “shadow AI,” where employees use public AI tools without company oversight, increasing security and compliance risks.

He stressed that a successful AI strategy must also include strong data management and cybersecurity policies. In his view, companies should demand governance, transparency, and auditability from AI platforms right from the start.

While his comments could easily sound like a promotion for Google Cloud, de Souza clarified that Google supports a multicloud philosophy. He argued that most enterprises are already operating across multiple cloud ecosystems, even if they believe they rely on a single provider, because SaaS applications and external business partners often use different cloud infrastructures. As a result, he said organizations need a unified security framework that works consistently across different clouds and AI models.

De Souza also highlighted how dramatically the cybersecurity landscape has evolved. He pointed out that the time between an initial security breach and the next phase of an attack has reportedly dropped from several hours to just seconds. Additionally, the attack surface has expanded beyond traditional networks to include AI models, training pipelines, prompts, and intelligent agents — all of which now require protection.

One major concern he raised involves AI agents moving across internal enterprise systems and uncovering forgotten or outdated data repositories. Older servers or neglected storage systems that once remained hidden could now become exposed as AI agents search through company environments and surface sensitive information.

To counter these rapidly evolving threats, de Souza believes organizations must fight automation with automation. He described the rise of AI-native, agent-driven security systems capable of responding to attacks at machine speed. Instead of relying entirely on humans to manage defenses directly, companies may increasingly depend on AI agents while human teams supervise overall operations. He also stressed that AI security has become a boardroom-level concern rather than an issue limited to IT departments alone.

However, despite AI taking on more security responsibilities, qualified professionals capable of managing these systems remain scarce. At the same time, the number of AI-related vulnerabilities is growing faster than many organizations can handle. Lea Kissner recently warned that the industry could face a “bug-pocalypse,” noting that achieving long-term stability in AI security may still take years.

The discussion becomes even more complicated when examining challenges involving the platform providers themselves. The Register recently reported multiple cases of developers using Google Cloud receiving unexpectedly massive bills tied to unauthorized Gemini API activity. Many affected users claimed they had never intentionally activated the services involved.

According to the reports, API keys initially created for Google Maps were later granted access to Gemini models after Google expanded permissions without clearly communicating the changes. This allegedly allowed attackers to exploit exposed keys and generate large usage charges.

One affected developer, Rod Danan, reportedly accumulated over $10,000 in charges within about half an hour after his API credentials were compromised. Another developer based in Sydney, Isuru Fonseka, faced charges of nearly AUD $17,000 despite believing his account spending limit was capped at $250.

The developers later discovered that Google’s systems had automatically increased their billing thresholds based on prior account activity, in some cases allowing spending limits to rise dramatically without direct user approval.

Google eventually refunded the affected customers after media attention intensified. Nevertheless, the company reportedly stated that it does not currently plan to revise its automated billing tier policies, arguing that avoiding service interruptions takes priority over strict enforcement of user-defined spending caps.

Additional concerns emerged from research conducted by cybersecurity firm Aikido. The research suggested that even after developers revoke compromised API keys, attackers may still be able to use them for several more minutes due to delays in how revocations propagate through Google’s systems.

Aikido researcher Joseph Leon stated that during this temporary window, many unauthorized requests can continue to authenticate successfully, potentially allowing attackers to access cached Gemini conversations or sensitive files.

Leon also noted that Google’s newer authentication systems appear to resolve credentials much faster, suggesting the longer delay affecting older API keys may not be a technical limitation but rather a matter of implementation priorities.

Taken together, de Souza’s warnings about AI security remain highly relevant and credible. However, the ongoing incidents involving Google Cloud also highlight a noticeable gap between the security practices major platforms recommend to customers and the speed at which they are addressing vulnerabilities within their own ecosystems.

Voice Of Osiz

At Osiz Technologies, we believe the rapid rise of AI is transforming enterprise operations, but it is also exposing organizations to a new generation of cybersecurity risks. As AI agents, data pipelines, and intelligent automation become deeply integrated into business ecosystems, security can no longer remain a secondary consideration. Enterprises must adopt a proactive AI governance strategy that combines strong data protection, real-time monitoring, and multi-cloud security resilience. The recent concerns surrounding unauthorized API access and AI-related vulnerabilities highlight the importance of building transparent, secure, and scalable AI infrastructures from the ground up. Businesses embracing AI should prioritize auditability, controlled access management, and continuous threat detection to avoid operational and financial risks. The future of enterprise AI will belong to organizations that balance innovation with responsible security practices. At Osiz, we see AI security not just as a technical requirement, but as a critical pillar for sustainable digital transformation.

Source: Techcrunch.com
