AI-Native Defense at Scale: Google Cloud's Security Strategy for the Agentic Era

The attack surface enterprises have to defend in 2026 looks nothing like it did three years ago. Agentic workflows, multimodal phishing, AI-assisted criminal toolkits, and prompt injection attacks against model infrastructure have created a threat environment that outpaces human-speed defense. The only viable response is an AI-native one.

‍

Patrick Moorhead sits down with Francis DeSouza, COO and President of Security Products at Google Cloud, at Google Cloud Next 2026. DeSouza walks through how he’s balancing operations and security, why Google’s control of the full AI stack is starting to matter more for enterprise buyers, and how AI is reshaping both threats and defenses over the next 18–24 months. He also breaks down what the newly announced AI-powered SOC strategy looks like in practice and how the Wiz acquisition fits into Google’s broader multicloud security approach.

DeSouza also shares what the company's internal AI deployment, including the fact that over 75% of code at Google is now AI-generated, signals about what is operationally possible for enterprise customers at scale.

Key Takeaways:

• Full-stack ownership is driving buyer preference: Google’s control across fiber, data centers, chips, models, and agents is becoming a primary reason enterprises choose Google Cloud for mission-critical workloads, as customers look for a partner that can signal where AI is going—not just where it is today.
• The threat landscape is expanding on two fronts: AI-powered attackers with limited expertise and new attack surfaces across models, agents, prompts, data pipelines, and shadow AI are outpacing traditional perimeter-based defenses.
• The SOC model is shifting to agent-driven operations: Google’s AI SOC strategy deploys purpose-built agents across red, blue, and green teams, with triage agents reducing 30-minute investigations to about a minute and threat-hunting agents operating at machine scale.
• The impact is already measurable: Google has cut its own threat detection time by over 90% using AI, while Deloitte is applying similar approaches to reduce security operations costs by roughly two-thirds.
• The platform is expanding through integration: The Wiz acquisition extends Google’s reach into cloud-native application protection, shift-left developer security, and AI workload security—combined with Mandiant intelligence and Google’s operations stack to connect detection directly to remediation.

The message for CISOs and CIOs is direct: agentic, AI-native, multi-network, multi-model security is not a future state. Enterprises that are not building toward that architecture now are already behind the threat actors who have already adopted it.

Watch now and subscribe to Six Five Media for analyst-led coverage from Google Cloud Next 2026.

‍Disclaimer: Six Five Media is a media and analyst firm. All statements, views, and opinions expressed in this program are those of the hosts and guests and do not represent the views of any companies discussed. This content is for informational purposes only and should not be construed as investment advice.

FRANCIS DESOUZA:
Cyber defenders are going to have to be AI native in their defense, agentic, so they can match the scale and speed of these attacks. And they need to make sure that their security works across networks, across models.

PATRICK MOORHEAD: 

The Six Five is On The Road here at Google Cloud Next 2026 in Las Vegas. It's where all the tech shows happen, it seems, in the middle of middle of America. But it's great to be up in a great show, really. The overall headline, it's all about the entire full stack, all the way from infrastructure to agents and everything in between. And by the way, being open at the same time. One of the topics that we talk a lot about on The Six Five is security. And whether three years ago, starting with generative AI, now we're in an agentic area, the attack plane is getting bigger. We're actually creating new types of information that could potentially be exploited. We're connecting different data sources across and through agents, giving users access to that. The key is, obviously, giving access to that data that people are allowed to see. Then, on the other side, we have AI technologies being used to exploit all of this fancy new technology. I can't imagine a better person to talk about this than Francis D'Souza, COO of Google Cloud and also President of the Security Products Division. Great to see you, Francis.

FRANCIS DESOUZA: 

Thanks for having me. It's great to be here.

PATRICK MOORHEAD: 

I've interviewed a lot of people. Some of them have had two jobs, two titles. Congratulations, I think, but it's very tough. You have two very large jobs. And quite frankly, in this age of agents, security is an opportunity and obviously it is a threat. So in a perfect world, I used to be an operator as well. We'd like to do everything overnight, but the fact is we have to have priorities of what we're going to after, what we're going to build. And when you look across operations and security, what are your top priorities?

FRANCIS DESOUZA: 

Sure, there are a few priorities. From an operational perspective as COO, one of the things I'm focused on most is helping scale Google Cloud. You know, we're seeing sort of incredible demand for AI infrastructure, for GCP, and our offerings, and so I want to make sure that we've put the infrastructure in place to support the growth that our customers are seeing. As part of that, one of the initiatives I'm responsible for driving for Google Cloud is something we're calling Google AI at Google, which is a multi-year journey we've been on to actually deploy our own AI technologies across the company. We've been public about the fact that now, for example, over 75% of the code generated at Google is generated by AI. But that's just one example. There are hundreds of use cases now across Google, from logistics, to finance, to supply chain, to marketing, where we've deployed AI internally. And we've cataloged the ROI we're getting from each of these use cases so we can serve as an example to our customers about what's possible. So on the operations side, we're looking to scale our ability to serve our customers. And then on the security side, what we're doing is, one, making sure that we are secure, but two, provide offerings to our customers to help them, especially as they scale their security into the AI era. So really providing AI-native, agentic cyber defense solutions for customers around the world.

PATRICK MOORHEAD: 

Yeah, your scale and growth has been very impressive. You always had infrastructure scale, but when it came to Google Cloud, there are important nuances that's different from your consumer business to require you to do that. I remember when TK first showed up, first thing was meet the customers where they are. And how do we scale? And a lot of that was externally with customer support, customer engineering to help customers get there. And your numbers speak for themselves. They're impressive, very profitable. And I remember when people were talking about, hey, I wonder how long they're going to be in this business. And you're here, and you're kicking butt. So congratulations on that. Thank you. The data side was your foray in data and analytics. and it's a natural foray into AI after that because you had been doing that for decades at the company, and now we're applying it to real business solutions. I want to talk about mission-critical workloads, a great buzzword marketing term, but it's real. What are new customers, why are they choosing Google Cloud? I talked about they used to choose you because of your data products and capabilities. Why are they choosing you now?

FRANCIS DESOUZA: 

What we're hearing from our customers is that there are a number of reasons why GCP is becoming the choice for them. One thing we're hearing is that we're the only hyperscaler that has our own full-stack AI, all the way from we have fiber, we have the data centers, we have the AI chips, we have the models, we have the agents, and that's really important to our customers. Because a lot of what they're thinking about is, where did their organizations go? And part of that is, where's AI going to go? And so they want to talk to a hyperscaler that has pioneering AI models, so they can start to get a sense of, where is this industry going to go? How does that enable them to move their businesses forward? So having our own AI stack is a big deal. Having a best-in-class AI stack is really powerful for our customers, and that drives also the choice of hyperscaler. In addition, what they love about working with Google Cloud is, although we have our own technology at every component of the AI stack, every layer, we're also open. What that means is we have our own chips, but we're also one of the world's biggest partners in the world for NVIDIA. So this week, for example, we announced our TPU-8, but we also announced that we're going to be one of the first networks in the world to bring NVIDIA's Vera Rubin chips to the market. Similarly, we have our own models, our own frontier models, the Gemini family, for example, that we're very proud of and does very well on the leaderboards. But if you go to our model garden, we provide our customers with over 200 models, including Claude from Anthropic, DeepSeek, and a whole bunch of other models. And so at every layer of the stack, although we provide our own best-in-class technologies, we make sure we're open and give our customers choice. That's different, and that's something that our customers really value.

PATRICK MOORHEAD: 

Yeah, I'm really glad you brought up open because the contra to integrated is always, well, is it open? And you listed a lot of really good ones. What I appreciated too was PyTorch support. I also appreciated MCP. You're going all in there, quite frankly. That is, you know, the open standard right now for even vibe coders like me to access. And the fact that, you know, even me, I could access that says, it does say a lot to me. I want to shift to security, right? Amazing opportunity. Let's just, you know, for the sake of argument, AI capabilities are 10Xing every month, okay? In terms of that's not just, you know, compute capability, but it's the actual capabilities of the model. Let's just say 10X every quarter. And that does provide an opportunity, but also a ton of threats. When you look out 18 to 24 months, What are some of the biggest shifts changing the security landscape? And I think I have a follow-up after that as well.

FRANCIS DESOUZA: 

Yeah, I mean, you're right. We're living through a period where AI is changing much of how we will work, how we will play. It's also driving a generational refactoring of the entire enterprise IT infrastructure as companies look to go AI native. And probably one of the parts of the enterprise infrastructure that's getting the most impacted is cybersecurity. Because AI is changing almost every part of cybersecurity. On the one hand, it's changing who the threat actors are on the threat landscape. We're seeing new threat actors emerge. For example, criminal organizations are entering cybersecurity, even though they may not have deep technical capability because they're now able to use AI tools.

PATRICK MOORHEAD: 

As a service. Exactly.

FRANCIS DESOUZA:

 Like Worm GPT or Hex Strike MCP and string together sophisticated agentic attacks without necessarily needing that much technical expertise. On the other end of the spectrum, we're seeing more advanced organizations like APT28 that are really pushing the envelope of what's possible. So we're seeing new threat actors. They're using new techniques. We're seeing all agentic attacks on organizations. We're seeing multimodal phishing attacks where people are leveraging AI and deep fakes to make phishing attacks that use both a phone call and an email and increase their rates of getting people You know, so you see multimodal phishing attacks. You're also seeing attacks against the AI infrastructure, you know, prompt injections, model poisoning. And so you're seeing a whole new set of attacks that are being performed at a scale and speed and sophistication that dwarfs anything we've seen in the past. On the other hand, enterprises now have an expanded surface area to protect. They have to protect the models they're rolling out, the agents, the prompts, the data pipelines, and they're also having to protect against shadow AI, where employees are downloading models and agents, and they're having to protect their supply chain as well. So you have this expanded threat surface area that has to be protected. And so we're really seeing a complete sea change in the cybersecurity threat environment, and that needs a new defense model. In addition to the usual playbook, cyber defenders are going to have to be AI native in their defense, agentic, so they can match the scale and speed of these attacks. And they need to make sure that their security works across networks, across models.

PATRICK MOORHEAD: 

You've been talking a lot about your AI-based SOC strategy, and I'm curious about the conversations you've been having this week, some of the announcements. How does that fold in into this?

FRANCIS DESOUZA: 

I think it's becoming clear that as attacks move at the speed of AI, that you end up having to use AI to fight AI. Again, if you're seeing machine speed attacks, then what you will need from a defender's perspective is to have agents that are responding and defending your enterprise. And so we announced this week a whole set of agents to augment security operations centers. On the Wiz portfolio, we announced the red, blue, and green agents that support the red, blue, and green teams in a SOC. So the red agent does permanent pen testing of your environment, acting as an external attacker to identify vulnerabilities, You have the blue team that's supported now with the blue agent to do the investigations and the green team to drive remediation and bring things back to green. From a SOC perspective, we also announced a few agents. We have our triage agent that can help turn what used to be a 30 minute investigation into a one minute resolution. We have detection and threat hunting agents that, you know, the threat hunting agents will scan your environment at a scale and speed humans couldn't do to identify risks. And then the detection agent will identify coverage gaps. And so we've laid out a fleet, if you like, of agents to help you drive cyber defense at machine speed.

PATRICK MOORHEAD: 

Are these technologies being used inside of Google today that you just talked about?

FRANCIS DESOUZA: 

Absolutely. We've been using agents and AI in our defense now for quite some time, and we've seen some pretty dramatic results. By using AI in our SOC, we've been able to reduce the time to detect a threat by over 90%, but it's also being used externally. Companies like Deloitte, for example, are using agents to lower their costs and improve their efficiency by two-thirds. And so we're seeing pretty significant benefits that our customers are seeing. For example, we work with the Los Angeles Department of Water and Power. and we're helping them secure their critical infrastructure before the LA-28 games. We have banking customers, we have like DBS, we have the CME, which secures the world's largest commodities exchange using our security infrastructure.

PATRICK MOORHEAD: 

So I've been observing Google Cloud in particular has had a 

combination of organic innovation and acquisitions. And the latest one, congratulations, close on the whiz. Mandian, of course. I'm curious if I look at how are you going to roll that out into the broader portfolio? What are you telling your customers?

FRANCIS DESOUZA: 

Yeah, we are super excited about WiZ joining Google and Google Cloud. As some of you may know, WiZ has really pioneered the space of cloud-native application protection. And so what they help enterprises do is secure their assets in the cloud. And over the last few years, as companies have migrated infrastructure to the cloud, it's clear to companies that some of their most valuable assets are no longer sitting in their own data centers, but in the cloud. And so this has been very popular among enterprise customers to help secure their assets in the cloud. In addition to securing their assets in the cloud, You know, Wiz helps what we call in the security industry shift security left, which is go upstream to help developers write secure code before it goes into production. And then if a vulnerability happens, really close the loop back to the developers to help them fix the code. So terrific product that's seeing a lot of momentum in the market. It's also really well positioned to provide AI security for companies. And so what we talk to ourselves about is making Wiz more available more broadly by connecting it with our go-to-market capability and expanding the reach that Wiz has so more customers around the world have more access to Wiz's capability. In addition then, from a technology perspective, we're combining with Google's offerings like our threat intelligence, our Mandiant expertise, our security operation centers, so you can have a more integrated security platform.

PATRICK MOORHEAD: 

It makes a lot of sense. It's good to see you're keeping the leverage of partners as well. One final question and could be one of the most important. If you have one thing you want to leave CISOs and CIOs with on how they should look at Google Cloud Security's long-term vision, what would you tell them?

FRANCIS DESOUZA: 

Yeah, what I would say is that we're partnering with our customers to deliver the leading-edge security for the AI era. That cyber defense is going to evolve to a model that is AI-native, that is agentic-led, that humans aren't going to be driving the defense primarily, and humans are going to be overseeing agents that do a lot of the real-time heavy lifting, and that security needs to be multi-network, multi-model. And so we partner with them to deliver a security platform that is AI-driven, agentic, and multi-network, multi-model.

PATRICK MOORHEAD: 

No, I appreciate that. Francis, I want to thank you for your time. Congratulations on the growth and what you've been able to, you know, what the company's done, and I guess it's up and to the right for you. Thanks a lot. Thank you. This is Patrick Moorhead with The Six Five. I hope you enjoyed that discussion that we had. Check out all of our Google Cloud Next 2026 content and all of our security content on The Six Five and also on my website. Take care. Tune in. Bye bye.

‍