Google Cloud COO Highlights AI Security Challenges as Threats Evolve at Machine Speed
At a recent Los Angeles event, Google Cloud COO Francis de Souza emphasized the urgent need for organizations to integrate security into AI adoption from the outset, warning that outdated defensive models are no longer sufficient. Speaking to the risks of "shadow AI" where employees use unvetted consumer tools de Souza stressed that AI strategies must be paired with robust data and security frameworks. He also highlighted the expanding attack surface, noting that threats now move at unprecedented speeds, with the average time between a breach and lateral movement dropping from eight hours to just 22 seconds.
De Souza pointed to overlooked vulnerabilities, such as forgotten data repositories (e.g., old SharePoint servers) that AI agents can uncover, exposing sensitive information. To counter these risks, he advocated for AI-native defenses, where automated agents operate at machine speed under human oversight a shift he framed as a board-level priority. However, the industry faces a critical skills gap, with security teams struggling to keep pace with AI-driven vulnerabilities.
Meanwhile, Google Cloud itself has faced scrutiny over security lapses. Recent reports revealed developers hit with five-figure bills after attackers exploited publicly exposed API keys originally meant for Google Maps that were later repurposed for Gemini access without clear disclosure. Victims, including Prentus CEO Rod Danan and Sydney-based developer Isuru Fonseka, saw charges surge to $10,000 and AUD $17,000, respectively, after Google’s automated systems raised their spending limits without explicit consent. While Google issued refunds, it maintained its policy of prioritizing service continuity over user-set budgets.
Further investigations by security firm Aikido found that revoking compromised API keys doesn’t immediately halt attacks. Due to gradual propagation across Google’s infrastructure, attackers can exploit keys for up to 23 minutes post-deletion, exfiltrating data or cached conversations. Aikido researcher Joseph Leon noted that newer credential formats revoke in seconds, suggesting the delay is a matter of priority rather than technical limitation. The incidents underscore a disconnect between Google’s security prescriptions and its own platform’s adaptability.
Source: https://techcrunch.com/2026/05/24/everyone-is-navigating-ai-security-in-real-time-even-google/
Google Cloud TPRM report: https://www.rankiteo.com/company/googlecloudsecurity
"id": "goo1779669072",
"linkid": "googlecloudsecurity",
"type": "Breach",
"date": "5/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'name': 'Prentus', 'type': 'Company'},
{'location': 'Sydney, Australia',
'name': 'Isuru Fonseka',
'type': 'Individual (Developer)'},
{'customers_affected': 'Multiple (unspecified)',
'industry': 'Technology/Cloud Computing',
'location': 'Global',
'name': 'Google Cloud',
'size': 'Large',
'type': 'Cloud Service Provider'}],
'attack_vector': 'Publicly exposed API keys',
'customer_advisories': 'Affected users notified of refunds and advised to '
'revoke exposed API keys.',
'data_breach': {'data_exfiltration': True,
'sensitivity_of_data': 'High (potential PII or proprietary '
'data)',
'type_of_data_compromised': ['Cached conversations',
'Sensitive data']},
'description': 'Google Cloud COO Francis de Souza highlighted evolving AI '
"security threats, including 'shadow AI' and rapid lateral "
'movement post-breach. Separately, attackers exploited '
'publicly exposed Google Cloud API keys, leading to '
'unauthorized charges and data exfiltration. Google issued '
'refunds but maintained policies prioritizing service '
'continuity over user-set budgets. Security firm Aikido found '
'that revoking compromised API keys does not immediately halt '
'attacks due to propagation delays.',
'impact': {'brand_reputation_impact': 'Negative scrutiny over security lapses '
'and refund policies',
'data_compromised': 'Cached conversations, sensitive data',
'financial_loss': ['$10,000 (Prentus CEO Rod Danan)',
'AUD $17,000 (Sydney-based developer Isuru '
'Fonseka)'],
'operational_impact': 'Unauthorized API usage, automated spending '
'limit increases',
'systems_affected': ['Google Cloud services (e.g., Gemini)',
'User accounts with exposed API keys']},
'initial_access_broker': {'entry_point': 'Publicly exposed API keys'},
'investigation_status': 'Ongoing (partial resolution with refunds)',
'lessons_learned': 'Need for AI-native defenses, better API key management, '
'immediate revocation of compromised credentials, and '
'alignment of security policies with user expectations.',
'motivation': ['Financial Gain', 'Data Theft'],
'post_incident_analysis': {'corrective_actions': ['Immediate revocation of '
'compromised API keys (with '
'reduced propagation delay)',
'Review of spending limit '
'policies',
'Enhanced monitoring of API '
'key usage'],
'root_causes': ['Publicly exposed API keys '
'repurposed for unauthorized '
'access',
'Delayed propagation of API key '
'revocation',
'Automated spending limit '
'increases without explicit user '
'consent']},
'recommendations': ['Integrate security into AI adoption from the outset',
"Monitor and restrict 'shadow AI' usage",
'Improve API key management and revocation processes',
'Enhance automated spending limit controls',
'Adopt AI-driven security tools operating at machine '
'speed',
'Address skills gaps in AI security'],
'references': [{'source': "Google Cloud COO Francis de Souza's remarks at Los "
'Angeles event'},
{'source': 'Aikido Security investigation'},
{'source': 'Reports on API key exploitation (Prentus, Isuru '
'Fonseka)'}],
'response': {'communication_strategy': 'Public statements, refunds, policy '
'clarification',
'containment_measures': 'API key revocation (with delayed '
'propagation)',
'remediation_measures': 'Refunds issued to affected users, '
'policy review',
'third_party_assistance': 'Aikido Security (investigation)'},
'stakeholder_advisories': 'Google Cloud advised users to review API key '
'security and spending limits.',
'title': 'Google Cloud API Key Exploitation and AI Security Challenges',
'type': ['API Key Exploitation', 'Data Exfiltration', 'Unauthorized Access'],
'vulnerability_exploited': 'Misconfigured or repurposed API keys (e.g., '
'Google Maps keys used for Gemini access)'}