AI Security Gets an Upgrade Through Google's New Measures

Google has announced a series of innovative features aimed at enhancing the security of AI applications and digital infrastructures at the Google Cloud Security Summit 2025. Here's a rundown of the key announcements:

Google is expanding its portfolio with three central innovations: enhanced inventory and risk analysis, improved inline protection and status monitoring, and proactive threat detection for AI agents. This will help businesses better manage and secure their AI workloads.

To protect sensitive data, Google is introducing Data Security Posture Management in the Security Command Center. This feature provides governance for sensitive data, ensuring that it is handled securely and in compliance with regulations.

In the realm of AI governance, Google is collaborating with Mandiant Consulting to offer risk-based AI governance, pre-deployment consulting to secure the AI environment, and AI threat modeling. This partnership aims to help businesses create a secure AI ecosystem.

Google is also introducing the Agentic IAM for automatic provisioning of agent identities for all development environments. This feature simplifies the management of identities and enhances security by ensuring that only authorised agents have access to sensitive resources.

To improve security operations, Google has developed the Agentic SOC, designed to proactively detect threats through agent-assisted defensive functions. The new SecOps Labs, part of Google Security Operations, provides early access to the latest features of Google Security Operations, many of which are developed with Gemini AI.

In response to the growing concern about shadow AI risks, Google is expanding Chrome Enterprise's security features to Android and iOS. This includes URL filtering on iOS to help reduce shadow AI risks.

Google is also focusing on real-time protection. The real-time protection of Model Armor is being extended to inputs and outputs in Agentspace. This means that attacks like jailbreaking or the disclosure of confidential data can be defended in real-time.

To help businesses quickly respond to external attacks, new detection mechanisms in the Security Command Center use information from Mandiant and Google to uncover risky behaviour and suspicious activities.

In an effort to simplify event investigation, Google is introducing the Alert Investigation Agent. This agent can autonomously enrich events, analyze CLIs, and build process trees based on the best practices of Mandiant's human frontline analysts.

Lastly, Google is making Cloud Key Management System Autokey generally available. This feature supports customers in adopting recommended key management practices with customer-owned encryption keys. Additionally, Google is introducing re-authentication for sensitive actions as a security feature.

These new features demonstrate Google's commitment to making the use of agent-based AI more secure and helping businesses protect their AI ecosystems.