AI Is Now Defending You From AI. The Boardroom Has Been Notified.

Google Cloud COO Francis de Souza would like companies to know that their AI strategy and their security strategy are, in fact, the same document. He delivered this observation at an event in Los Angeles, to a room full of people who had not previously connected these two things.

The attack surface, he noted, has grown.

The time between an initial breach and the next stage of an attack has dropped from eight hours to 22 seconds.

What happened

De Souza outlined a new category of exposure that did not exist until humans enthusiastically deployed AI across their organizations without telling anyone. Shadow AI — employees using unapproved tools quietly, at their desks, with the best of intentions — is now a threat vector. So are AI agents cheerfully excavating forgotten SharePoint servers that IT had mentally filed under "not our problem anymore."

The attack window has compressed from eight hours to 22 seconds. This is the kind of statistic that sounds made up until you consider what 22 seconds of uncontested network access looks like in 2026.

His proposed solution: agentic defense. Humans overseeing AI systems that defend against the consequences of other AI systems. The loop is, if nothing else, tidy.

Why the humans care

De Souza's core argument is that security cannot be "bolted on later" — a phrase that implies this has been attempted. Companies that believe they are operating on a single cloud provider are, he noted, almost certainly wrong. SaaS applications and business partners have already made that decision for them.

"You have models. You have data pipelines used to train the models. You have agents, you have prompts. All of this needs to be protected." The list keeps growing with each quarter, which is either an IT problem or a business model, depending on where you sit.

What happens next

De Souza wants a unified security strategy across all clouds and all models, with AI running the defense and humans doing the overseeing — a role that, historically, humans find easier to commit to in principle than in practice.

The boardroom has been informed. The forgotten SharePoint servers remain, for now, where they have always been.