☁️Google Cloud AI
June 15, 2026
Product Updates

Cloud CISO Perspectives: The 4 lessons that guided AI Threat Defense

Overview

Welcome to the first Cloud CISO Perspectives for June 2026. Today, we introduce Chris Betz as the new CISO of Google Cloud. For his first Cloud CISO Perspectives, Chris shares four key lessons we learned about using AI to the defender's advantage while building AI Threat Defense.


As with all Cloud CISO Perspectives, the contents of this newsletter are posted to the Google Cloud blog. If you're reading this on the website and you'd like to receive the email version, you can subscribe here.

By Chris Betz, CISO, Google Cloud

Just a year ago, it would take months or even years for a good application security team to find thousands of vulnerabilities.

Today, a team equipped with multiple AI models can find the same number in hours - or even minutes. AI is rewriting the rules of cybersecurity. It's true that AI has boosted adversaries, introducing new threat actors, techniques, and surfaces to defend against, all operating with unprecedented scale, speed, and sophistication.

AI-powered attackers are developing zero-day exploits by analyzing more than just source code: Configuration vulnerabilities, binaries, and firmware are all in their crosshairs. However, AI has also created a significant advantage for defenders. Not only are these same capabilities in our hands, adding to our defense, but we have the added advantage of the full business context that adversaries lack.

Software security, and especially vulnerability finding and fixing, is being revolutionized. Security is changing rapidly, demanding that we all innovate in response. Here is how we are approaching this work today, and some of the lessons we learned along the way.

It's clear that the AI benefits for security are rapidly evolving, and we can no longer rely on legacy, manual defenses. The new imperative for CISOs and business leaders is to transform vulnerability management by combating machine-speed threats with a defensive strategy that's AI native, agentic, and open. We've been preparing for this moment for years: From Project Naptime, an internal project to automate vulnerability hunting (so security researchers can take regular naps), to Big Sleep, our autonomous zero-day hunter, to CodeMender, our automated AI-patching agent, we've innovated to advance using AI to improve security for all.

Across our products and services, we've found that a unified approach helps us protect Google at Google scale. Based on this approach, we recently introduced AI Threat Defense as a pathway to achieve the threat-readiness transformation that you need to defend against AI threats with AI. The framework is straightforward, and you'll find that it's ultimately about two key points: Using rapidly-advancing AI to protect ourselves.

Four key lessons

Our work is built on a four-step framework, structured directly on what we learned:

  • Prepare: How Google started the journey - hardening our foundation and operationalizing the framework.
  • Scan and prioritize: How we identified vulnerabilities - conduct deep-dive analysis and posture validation.
  • Remediate: What we learned from remediation - implement workflows to autonomously verify and patch vulnerabilities quickly.

For more details please read the original article at Google Cloud AI.


Originally published by Google Cloud AI