AI-Powered Security - Six Five On the Road

How is the integration of AI and cloud technologies transforming cybersecurity for federal agencies as they face a rapid evolution of cyber threats?

‍

Host Patrick Moorhead is joined by Google's Ron Bushar, CISO & Managing Director, at Google’s Public Sector Summit, for a conversation on AI-powered security. They explore how Google’s full-stack AI is reshaping cybersecurity strategies for national security and critical government missions.

‍

Key Takeaways Include:

‍

🔹Full-stack AI integration: Google’s end-to-end AI platform, including custom silicon and Gemini models, is engineered to deliver improved threat detection and accelerated response for federal agencies.

‍

🔹Modern security for government data: By leveraging “FedRAMP High” as a security baseline, applying zero-trust principles, Mandiant expertise, and Google Distributed Cloud (GDC), Google enables more robust security postures versus traditional GovCloud solutions.

‍

🔹Multi-cloud security tools: How agencies benefit from posture management, virtual red teaming, and lifecycle AI protection, securing sensitive workloads not only on Google Cloud but also in other clouds and at the tactical edge.

‍

🔹Roadmap to proactive defense: Google is working towards autonomous SecOps, combining AI-driven agents, Mandiant incident response, and continuous threat intelligence to shift agencies from reactive to proactive cybersecurity.

‍

Learn more at Google. 

Watch the full video at sixfivemedia.com, and be sure to subscribe to our YouTube channel, so you never miss an episode.

‍

Or listen to the audio here:

Disclaimer: Six Five On the Road is for information and entertainment purposes only. Over the course of this webcast, we may talk about companies that are publicly traded, and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors, and we ask that you do not treat us as such.

‍

Patrick Moorhead: The Six Five is On The Road here in Washington D.C. at Google's Public Sector Summit. AI is a tremendous opportunity, but also amplifies the threats. Not only is there data that needs to be managed differently, it's also more fractalized. It's in different places and new data is created that provides a risk. And let's not forget AI being used as a tool to breach systems is very much alive and well. And I'm here with Ron from Google Cloud to discuss these issues, but also more importantly, what Google is doing to help with those threats. Ron, welcome to the show.

‍

Ron Bushar: Great, thanks for having me.

‍

Patrick Moorhead: Absolutely. First off, Google has a top to bottom full stack all the way from silicon and infrastructure all the way to the application Lay.

‍

Ron Bushar: Yes.

‍

Patrick Moorhead: Can you talk through? I think people say, hey, that's a good approach, but from a security posture, how is it more secure than let's say piece parting different pieces of the stack together?

‍

Ron Bushar: Well, what I would say is it's not automatically more secure, but the way we've taken our approach is to say how do we embed security at every layer of the way we're deploying our software and our tools and services. And what that means is starting foundationally with our core infrastructure, which is what allows us to do high, high performance computing, build the underlying network infrastructure that allows us to move tremendous amounts of data around the world at sub second speeds. Building that in a secure manner and then building on top of that in layers allows us to have confidence at each step of the way that what we're providing to our customers is secure and extremely performant. So what that helps you avoid obviously is you don't have to deal with the intersections or the interfaces of a typical mixed stack of software and hardware. We're building everything from the ground up. So that gives us a tremendous advantage. It's something Google's really been doing since its inception. How do we build this planet scale computer and how do we build it in such a way that it can perform, but it can also be as secure as possible. Really proud to be able to build on top of that now the AI functionality and capabilities that again provide us with tremendous capabilities, but built on that heritage and that foundation that really gives us confidence that when we provide that to our customers, it's as secure as possible.

‍

Patrick Moorhead: That just makes sense. And also it seems like having one throat to choke, it helps too. Yeah, I mean, sometimes finger pointing and stuff like that. I mean, it's Google products. If you're all in, then it should make that a lot easier.

‍

Ron Bushar: That's true. But I mean, again, we also pride ourselves in being a very open cloud environment, meaning we want to build for everyone. And so if you want to bring open source AI models, if you want to bring your own code, if you want to bring your own independent software capabilities, we are open to that. We have open APIs, we have the ability for you to integrate with us in a secure way. So I do think what we're trying to build is the most secure platform and the most secure environment for our customers to then build on top of and really customize for their mission and their capabilities that they need.

‍

Patrick Moorhead: Let's move to GovCloud. There's a lot of them out there, call them traditional Gov clouds. How are you providing a better security posture for those with technologies like GDC or FedRamp High, things like that?

‍

Ron Bushar: Sure. What we looked at was, candidly, we were probably half a generation behind some of the early movers in terms of how cloud was being adopted by the public sector. And it really started with that, what I would call Cloud 1.0 for government, which was a gov cloud model, which was essentially to build a dedicated set of infrastructure, data centers, networks, all of it. Put a boundary around it, put bubble wrap around it and make it super secure. Then bring your commercial software into that environment. That worked great for the first generation, especially early adoption of cloud, where people were really worried about security and compliance. When we took a look at how we entered that market, we said that's kind of an outdated model for a few reasons. First of all, you can't get the most cutting edge capabilities by definition into this separate boundary very quickly. It takes a lot of engineering effort and it's a much slower process. Second, it doesn't scale because you've got to build this dedicated infrastructure. You can't take advantage of this tremendous commercial capability that we've built out that I just described to you. So Google took a fundamentally different approach and said, we're going to define a software based boundary, not a hardware based boundary in our govcloud, meaning we can operate a govcloud and we can define that boundary in our software through cryptography, through assured compliant controls, and we can bring the best of what Google is innovating and bring that into that environment almost immediately. And we know we can do it securely. We've proven that to the government now. So we think that that is kind of the 2.0 iteration of what cloud for the public sector really means. Making the true cutting edge frontier commercial capabilities immediately available to customer missions in a secure and compliant way.

‍

Patrick Moorhead: That makes a lot of sense. One of the things that I really admired about Google Cloud, even in its early days, it was all in on multi cloud, right? And some people might have said, oh well, their position, of course they have to be multi cloud. Some companies talked, other companies talked about multi-cloud too. They just really aren't implementing it. And one area that you're doing multi cloud is, is on security. So regardless of the cloud that they're in, you can secure it and even go to the tactical edge. Can you talk about how you do this?

‍

Ron Bushar: Yeah, absolutely. It's actually a lesson I took from many years of working at Mandiant, right When we inevitably, no matter what the customer environment we were working in, incident or breach response, they always had interconnects, even if they were primarily a Microsoft shop or primarily an Amazon shop. Most complex infrastructure, IT infrastructure for customer missions involves a litany of tools, capabilities and software. And so Google took that approach from a security perspective and said we cannot. There's no universe in which a homogeneous environment will exist. We have to be able to say customers can bring whatever they have to us. And this is the advantage of kind of taking more of an AI first honestly and kind of search first approach to security, meaning we don't really care what the technology is as long as we can connect to it and consume the data. We will make sense of it using our skills and capabilities and analytics, big data and now AI. And we can consume that at tremendous scale and speed and then make sense of it quickly for customers. As a security practitioner, if you tell me you want to feed me application security logs, great. If you want to feed me firewall logs, great. If you want to feed me Amazon logs, awesome. If you want to feed me Azure logs, I'll take it all. From the beginning of our journey with how we thought about applying Google security capabilities to customer mission sets, that's been our approach and I think it's starting to pay tremendous dividends with our customers because they're finally getting to see the power. When you can bring all that data into a central analytic engine and do it at scale, you don't have to make these trade offs that a lot of organizations have to do today with traditional items where I might not be able to Consume all the log data I want to or I might not be able to parse it properly. We can do all that for you and provide you with tremendous insights and actionable intelligence very, very quickly.

‍

Patrick Moorhead: So the reality is, I mean like enterprises are all multi cloud. Government agencies are multi-cloud too. What you've illustrated here that I hadn't thought of fully was the benefit of pulling all that data from all those clouds in to give you a better idea of what is going on. So you know the next best action to take.

‍

Ron Bushar: Yeah, absolutely. And if you fast forward to where we're going now and the things we're actually announcing at the summit here, we're going beyond the absorb and analyze and make sense of the data and we're moving into, okay, now I want to take action on the data. So now I have this interconnected system, multi cloud, hybrid cloud. I can go on prem as well. I can take that intelligence, what I learned from a threat actor or what I'm seeing in the environment as threat and then I can apply agentic capabilities to it and say, okay, now go out and do something about that. Take a system that looks like it has malware on it and isolate that system or remove that malware from that system and do it with automation where I don't have to necessarily have a human in the loop or I've pre defined these courses of actions from a security perspective. So now I've got the full loop of ingestion and action across your entire stack, which is really, really powerful.

‍

Patrick Moorhead: Yeah, one question or many questions I get on the thought of getting ahead of it. Ahead of the game with security is, hey, just when you think you're ahead, the bad guys are pretty much right there. Do IR+ agents give you the capability to stay ahead for longer or am I looking at. Or am I asking the wrong question about that?

‍

Ron Bushar: I don't think it's the wrong question. I don't think it's necessarily a case of longer. It's better, faster, more effective. As these systems scale and as we have customers who are applying more capabilities in these environments, we have to be able to scale security with it. So in my mind it's not necessarily. It is definitely staying ahead of the threats and that's understanding what threat actors are doing, how they're pivoting, what they're building, what they're targeting. All that intelligence is hugely valuable. But then what do you do about it? Right? And it becomes a two factor game. It's a speed game. You got to get out in the environment and either, you know, prevent those vulnerabilities from being, you know, being taken advantage of by threat actors and. Or if you do miss something, you have to have the speed and accuracy to get to that problem and isolate it before it becomes a major issue in your environment. So both of those things we've done through human expansion, through adding more and more analysts and more and more experts, you tap out on that or you. I mean, you've seen the reports, right? Our threats, the threats facing the United States today, are employing tens of thousands, hundreds of thousands of really smart people targeting us, and they're applying AI to the problem set. So we have to stay ahead of that, and we have to be able to give the defenders the advantage back in that. In that battle space.

Patrick Moorhead: Yeah, I mean, nation state budgets that have gone into that. It's relatively recent. A recent thing. And then you layer on top of that what you can do with some of the best AI to come after that is going to keep you innovating and securing this country for a long time.

‍

Ron Bushar: Absolutely. Absolutely true. And we're here for it. We're obsessed about the mission again. We want to take all these great innovations that Google is applying now, especially in the AI space, and make them available and make them useful for our defenders.

‍

Patrick Moorhead: Yeah. The country appreciates what you're doing, I appreciate what you're doing, and I appreciate your time.

‍

Ron Bushar: All right, great. Thank you so much.

‍

Patrick Moorhead: Thanks, Ron.

‍

Ron Bushar: It's been great.

‍

Patrick Moorhead: This is Patrick Moorhead here at the Google Public Sector Summit here in Washington, D.C. talking about Security in the Age of AI. Hit that subscribe button. Tune into all of our Google cloud content out there. Have a nice night.

‍