Back to News Hub
☁️Google Cloud AI
July 16, 2026
Business

Cloud CISO Perspectives: How AI leverages deep context as the defender's advantage

Overview

Welcome to the first Cloud CISO Perspectives for July 2026. Today, Francis deSouza, COO, Google Cloud and President, Security Products, explains the crucial role that deep context plays in creating an AI advantage for defenders. As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog.

Key Takeaways

  • If you're reading this on the website and you'd like to receive the email version, you can subscribe here .
  • Last year, the handoff time between the first and second stage of an attack was eight hours; today, it takes just 22 seconds.

    There's an old saying in cybersecurity that adversaries only have to be right once, but defenders have to be right every time.

  • Operational Speed Executes multi-agent handoffs in 22 seconds.

    Machine-speed defense; proactive mitigation in seconds (such as Morgan Stanley's 90-second resolution .

  • We built Google AI Threat Defense to combine Google's security capabilities into a single platform: the advanced reasoning of Gemini, the contextual cloud power of Wiz, the code-level remediation capabilities of CodeMender, and the frontline intelligence of Mandiant.

    Our platform transforms vulnerability management across a continuous four-step framework: Stage Technology & Actions Strategic Value to the Enterprise 1.

  • Remediate Deploy CodeMender inside developer IDEs/CLIs to auto-generate verified code fixes.
Cloud CISO Perspectives: How AI leverages deep context as the defender's advantage

If you're reading this on the website and you'd like to receive the email version, you can subscribe here . aside_block How AI leverages deep context as the defender's advantage By Francis deSouza, COO, Google Cloud and President, Security Products Francis deSouza, COO, Google Cloud and President, Security Products Attackers are making headlines with AI, but defenders have a distinct and powerful advantage. AI is rapidly transforming the cyberthreat landscape, driving unprecedented shifts in the scale, speed, and sophistication of attacks.

Just recently, Google Threat Intelligence Group documented a critical milestone: the first known case of a zero-day exploit built entirely with AI . While we successfully disrupted their plans and got the vulnerability patched before launch, it highlights exactly what we are up against. With AI agents, attacks are accelerating at machine speed.

Last year, the handoff time between the first and second stage of an attack was eight hours; today, it takes just 22 seconds. There's an old saying in cybersecurity that adversaries only have to be right once, but defenders have to be right every time. That is the attacker's advantage.

But AI is rewriting those rules, delivering a decisive defender's advantage built on deep context. The AI Era: Attacker's Profile vs. Defender's Advantage Aspect Attacker's Profile Defender's Advantage Visibility Limited to outside-in probing; little enterprise context upon entry.

Complete inside-out context; knows exact asset locations, application behavior, and team ownership. Operational Speed Executes multi-agent handoffs in 22 seconds. Machine-speed defense; proactive mitigation in seconds (such as Morgan Stanley's 90-second resolution .

) Core Tactics Multi-model phishing, deepfakes, AI-built zero-days, and model poisoning. Closed-loop defense; continuous exposure mapping and accelerated code patching. The unified blueprint: Google AI Threat Defense Previously, enterprise context data was fragmented across disconnected security tools.

Now, AI empowers defenders to synthesize this rich data into a unified, always-on, autonomous defense. We built Google AI Threat Defense to combine Google's security capabilities into a single platform: the advanced reasoning of Gemini, the contextual cloud power of Wiz, the code-level remediation capabilities of CodeMender, and the frontline intelligence of Mandiant. Our platform transforms vulnerability management across a continuous four-step framework: Stage Technology & Actions Strategic Value to the Enterprise 1.

Prepare Map exposed applications, APIs, identities, and runtime environments using Wiz. Simulate attack paths with the Wiz Red Agent. Hardens the foundation to reduce internet reachability before vulnerabilities hit production.

Scan & Prioritize Run multi-model scanning - using lighter models for broad coverage and Gemini frontier models for deep-dive analysis of high-risk assets. Replaces massive alert lists with deep, context-driven risk validation, including an optimal cost per token. Remediate Deploy CodeMender inside developer IDEs/CLIs to auto-generate verified code fixes.

For more details please read the original article at Google Cloud AI.

Why It Matters for Business

Real business deployments are the most reliable signal of where AI is generating measurable ROI. Watching which sectors operationalize AI, what they pay for it, and how it changes their P&L tells you more than any vendor demo. These case studies are what serious buyers and investors triangulate on.

Continue Learning

Originally published by Google Cloud AI
Read the original

Comments

Sign in to join the conversation